Make sure MySQL is not accepting remote connections
Problem
I am currently doing development for a LAMP-based website. I do not know what configuration changes have been made to MySQL since it was installed on our server. The way that we use MySQL, there is no reason for our database to accept any remote connections; it only needs to be accessed locally either via PHP or through the command-line shell over an ssh session.
For security reasons, I want to make sure that there is no way to connect to our database remotely. What settings do I need to check to make sure that this is the case? Is there a single option somewhere that I can set to prevent all remote connections?
Solution
Do:
    netstat -an|grep 3306 | grep LISTEN
If something similar to the following line is returned:
    tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
.. it means that it's listening on all interfaces.
If something similar to the following line is returned, and no other lines:
    tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN
.. it's already configured to only listen on localhost. If there are lines with other IP addresses before the :3306, it means that it's listening on those interfaces.
To change MySQL to only listen on localhost, edit your configuration file (usually /etc/my.cnf), add the following:
    bind-address = 127.0.0.1
Restart the service and voila!
Context
StackExchange Database Administrators Q#33966, answer score: 9
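Added example (not part of the original answer): a scripted version of the netstat check that goes slightly beyond it by matching the port exactly, so 33060 is not counted as 3306, and by recognising IPv6 listeners. It assumes the Linux `netstat -an` column layout; `classify_listeners` and `sample_netstat` are hypothetical names and the sample output is constructed.

```shell
#!/bin/sh
# Classify TCP listeners on one port from Linux `netstat -an` output (stdin).
# Prints: none | loopback-only | exposed:<addr>[,<addr>...]
# classify_listeners and sample_netstat are hypothetical helper names.
classify_listeners() {
    awk -v port="${1:-3306}" '
        $6 == "LISTEN" {
            n = split($4, parts, ":")
            # Compare the port field exactly; a plain grep for 3306 would
            # also match 33060 or 13306.
            if (parts[n] != port) next
            addr = substr($4, 1, length($4) - length(parts[n]) - 1)
            found = 1
            # 127.0.0.0/8 and ::1 are loopback; anything else is reachable
            # from another host unless a firewall blocks it.
            if (addr ~ /^127\./ || addr == "::1") next
            exposed = exposed (exposed == "" ? "" : ",") addr
        }
        END {
            if (!found)             print "none"
            else if (exposed == "") print "loopback-only"
            else                    print "exposed:" exposed
        }'
}

# Constructed sample output (documentation addresses), not from a real host.
sample_netstat() {
    cat <<'EOF'
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:3306         0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:33060         0.0.0.0:*               LISTEN
tcp6       0      0 :::3306                 :::*                    LISTEN
tcp        0      0 192.0.2.10:3306         198.51.100.7:51514      ESTABLISHED
EOF
}

sample_netstat | classify_listeners 3306
```

On a live host, feed it real output with `netstat -an | classify_listeners 3306`; after setting `bind-address = 127.0.0.1` and restarting, the result should be `loopback-only`.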