Mysql – Error log – What does this mean and what can I do about it


I have the following repeated errors in my error.log and I don't know what it means or what I should/can do about it:

Access denied for user 'root'@'[some IP]' (using password: YES)

There are many different IPs showing in the [some IP] field.

I've been reading some security posts that recommend changing the root username to something else, is this something I should do here?

I am using MySQL 5.5.22

I believe these are attempts to gain access to my database from hackers. I want to know what I can do to prevent the attempts. Most of the IPs are coming from China.

Best Answer

My first answer is: why is your database even accessible from outside through the Internet? That network traffic really ought to be blocked by router Internet gateway router or firewall.

If you really need to allow some connections from the Internet to your database, then limit it to the valid IP address who should be connecting.

At this point that's not really a dba question but a network admin question.