search

geerlingguy / ansible-role-mysql

Ansible Role - MySQL
https://galaxy.ansible.com/geerlingguy/mysql/
MIT License
1.05k stars 861 forks source link

Change mysql_bind_address: '0.0.0.0' to mysql_bind_address: '127.0.0.1' in defaults #502

Closed lukasfischer closed 1 year ago

lukasfischer commented 1 year ago

It's not a bug, but a potential security issue:

Change mysql_bind_address: '0.0.0.0' to mysql_bind_address: '127.0.0.1' in defaults for better security. I do think that exposing mysql to the public should be a conscious decision.

In addition, you may want to change in the examples doc:

mysql_users:
  - name: example_user
    host: "%"
    password: similarly-secure-password
    priv: "example_db.*:ALL"

to 

mysql_users:
  - name: example_user
    host: "**localhost**"
    password: similarly-secure-password
    priv: "example_db.*:ALL"

Or add a second example.

stale[bot] commented 1 year ago

This issue has been marked 'stale' due to lack of recent activity. If there is no further activity, the issue will be closed in another 30 days. Thank you for your contribution!

Please read this blog post to see the reasons why I mark issues as stale.

stale[bot] commented 1 year ago

This issue has been closed due to inactivity. If you feel this is in error, please reopen the issue or file a new issue with the relevant details.