suggestion for check server security: my.cnf skip-networking
Posted: 07 Jan 2012, 13:49
Just a thought for the fantastic CSF server security check
Maybe scan my.cnf and if "skip-networking" doesn't appear at the start of a line, suggest that if they do not require external mysql access to add that line?
I would bet 90% of whm/cpanel installs do not use anything except local sockets so no sense in having a security hole by having mysql listen to tcp.
Maybe scan my.cnf and if "skip-networking" doesn't appear at the start of a line, suggest that if they do not require external mysql access to add that line?
I would bet 90% of whm/cpanel installs do not use anything except local sockets so no sense in having a security hole by having mysql listen to tcp.