Is it safe to change the Mysql port on install to a random port number?

    Hello


    I am trying to get the best and most secure install on my VPS and I was wondering would I be able to change the default port number on install i-mscp from 3306 to some other random port number and what range of port number do you recommend.


    I am using the stable version 1.0.3.0 if i-mscp


    Thanks in advance :shy:

    Edited once, last by veg-grower ().


    Hello ;


    I presume that you are talking about the MySQL server port here (3306 is the default port for the MySQL server). Well, it's not really relevant to change it if you are not using a remote server. By default, both i-MSCP and the the MySQL server are hosted on the same server and the Mysql Server is only listening on localhost. When using localhost, the port is not used at all. Connection is made through socket. You can force usage of TCP connection (not recommended unless you are using remote server) by changing localhost to your public IP. In that case, changing the port is also recommended. To do that, you must edit the following files:


    - /etc/mysql/my.cnf (Parameters port, bind-address)


    When using i-MSCP current stable version (1.0.3.0):


    - /etc/imscp/imscp.conf and /etc/imscp/imscp.old.conf (Parameters DATABASE_HOST, DATABASE_PORT)


    or when using Git master, Just rerun the installer as follow:


    Code
    1. # perl imscp-autoinstall --debug --reconfigure sql


    Note: You can use any free port above 1000


    Thanks you for using i-MSCP

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

    SSH key for online support

    Edited once, last by Nuxwin ().

    Thank you for your detailed answer Nuxwin :shy:


    I am asking about this because I am a little paranoid about my VPS security. I noticed in my CSF firewall that there are a number of attempts being blocked at port 3306 which is the mysql port. My idea was to change that port to minimise the risk of it being comprimised but I maybe being a littl to over paranoid :-/

    just update and think before doing something and your server should be secure :D I also recommend to install fail2ban. There's also the option to install & configure an vpn.