Tutorial4 min read

How to Find Exposed MySQL Databases

Discover MySQL servers accessible from the internet without proper access controls.

1

Search for MySQL servers

MySQL runs on port 3306 by default.

product:mysql port:3306
2

Find by version

Look for specific MySQL versions, especially outdated ones.

product:mysql version:5.6
MySQL 5.6 reached end of life in 2021.
3

Check for MariaDB

MariaDB is a MySQL fork that also runs on port 3306.

product:mariadb port:3306
4

Find vulnerable instances

Search for MySQL with known CVEs.

product:mysql has_vuln:true

Remediation & Hardening

  • Bind MySQL to localhost (bind-address = 127.0.0.1)

  • Use firewall rules to restrict port 3306

  • Disable remote root login

  • Use strong passwords and the validate_password plugin

  • Enable TLS for client connections

  • Keep MySQL updated to the latest stable version

Try It Now

Search for MySQL across 85M+ indexed hosts — free, no registration required.

Search MySQL

More How-To Guides

How to Find Exposed Redis ServersHow to Find Exposed MongoDB DatabasesHow to Find Exposed Elasticsearch ClustersHow to Find Exposed Jenkins ServersHow to Find Exposed Docker APIsHow to Find Exposed RDP ServersHow to Find Exposed Kubernetes Clusters