[Solved] MySql Host is blocked because of many connection errors; unblock with ‘mysqladmin flush-hosts…

The solution is as follows:

method 1, online modification to improve the allowable max_ connection_ Number of errors:

A. Log in to the Mysql database to view max_connection_errors. 
  mysql>show variables like '%max_connect_errors%'; 

B. Change the number of max_connection_errors to 1000.    
  mysql>set global max_connect_errors = 1000;
C. To see if the change was successful.                          
  mysql>show variables like '%max_connect_errors%';

method 2. Use mysqladmin flush hosts command to clean up the hosts file

[root@192-168-7-77 ~]# mysqladmin --socket=/tmp/mysql.sock --port=3306 -uroot -p flush-hosts

Note: Configure master/slave master/slave databases to modify both master and slave databases.

mysql> flush hosts; is also ok

finally, modify my.cnf configuration file

[root@192-168-7-77 ~]# vi /etc/my.cnf
max_connect_errors = 1000

note: Max_ connect_ Related notes on errors

max_ connect_ Errors is a security related counter value in mysql, which is responsible for preventing too many failed clients from brute force password cracking. max_ connect_ The value of errors has little to do with performance

When this value is set to 10, it means that if a client attempts to connect to the MySQL server, but fails (such as wrong password, etc.) 10 times, MySQL will unconditionally force the client to block the connection. If you want to reset the value of this counter, you must restart the MySQL server or execute MySQL > flush hosts; Orders. When the client successfully connects to the MySQL server once, the max_ connect_ Errors will be cleared

If Max_ connect_ If the setting of errors is too small, the web page may prompt that the database server cannot be connected; If you connect to the database through the MySQL command of SSH, you will return error 1129 (00000): host ‘gateway’ is blocked because of many connection errors; Unblock with ‘mysqladmin flush hosts’ error
function and function

Generally speaking, it is suggested that the database server should not listen to the connection from the network, but only connect through the socket, which can prevent the vast majority of attacks against mysql; If you have to open the network connection of MySQL, you’d better set this value to prevent the attack of exhausting password

Similar Posts: