This may well be due to my lack of experience with MySQL, but it appears to me that my Debian "sid" Database machine installed an update today (I hadn't updated it for a while, so this could be a few weeks old already), which changed the way that MySQL deals with its privacy. And in a very silly way.
The old regime was to use "skip-networking" in my.cnf, which would get MySQL to use UNIX sockets and bypass TCP/IP entirely. That's great for a LAMP solution; your database can't even connect to the network, let alone be exploited over the internet.
This has now changed to having a "bind-address = 127.0.0.1" (ie, localhost). That's a pain if you want to use the database from a remote web server, but also configure the database using PhpMyAdmin. In fact, it's just a general pain and a very silly default, IMNSVHO.
Googling for this information provides some very silly responses. The correct solution, if you want to listen on all available interfaces (localhost and external addresses), appears to be to bind to the address 0.0.0.0:
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
#bind-address = 127.0.0.1
The address 0.0.0.0 is sufficiently obscure to be worth blogging, in the hope that it will save someone fruitless hours searching the interwebs and being faced with stupid advice like "you can specify only one IP address".
0.0.0.0 matches to any IP; it is used as the default route, it should be usable for applications (such as MySQL, Apache, etc) to bind to all interfaces.
Comments for 'MySQL bind-address (was skip-networking)'
You could post a comment if you were logged in.
You are logged in as 0