Is it possible to hack Mysql through the open 3306 port?

Started by Padsall, Apr 11, 2023, 12:13 AM

Previous topic - Next topic

PadsallTopic starter

Good day,
I am aware of the importance of protecting MySQL from SQL injections and using strong passwords to prevent unauthorized access. Recently, an old friend informed me that his website was down and upon investigating,
I discovered that his database had been hacked and replaced with a demand for payment.

Thankfully, my friend had a backup and was able to restore his database. However, this incident caused me to research more about database hacking and I found information suggesting that it is advisable to close port 3306 to prevent such incidents.

 My question now is whether it is possible to hack through this port and what the real risks are. I have read interesting discussions on this topic and appreciate the valuable insights shared by the contributors.


The issue at hand is not related to the port, but rather the fact that the database will be accessible to any user who views the site. In addition to allowing users to view posts and comments, it is important to take measures to prevent injection attacks.

To prevent such security risks, it is recommended to implement query checks and to organize the query system in such a way that it is difficult for hackers to exploit. Public files should be kept separate from private ones, and all scripts used for working and processing databases should be stored in a private folder. User information should be kept in a public folder, as well.


It is possible to hack through an open port that has no protection against brute force and is secured with basic passwords.

However, professional hosters usually do not allow MySQL to be accessed by everyone outside their network. If they do, they often have protections configured against brute force attacks.
 It is worth noting that allowing public access through port 3306 is uncommon today. Those who do so usually have a good understanding of the risks involved and why it may be necessary (or they have no knowledge about server administration).


The system has been breached through an insecure phpmyadmin, which can be accessed via

It is recommended to modify the default address and prevent root user access (which is often enabled by default), or alternatively remove phpmyadmin altogether. It is possible that searching for the specified bitcoin wallet will yield evidence of additional victims.