mysql 参数max_connect_errors研究

李大圣的博客2025-02-17 11:03

1.在server端设置max_connect_errors=3,超过3次连接错误就block

mysql> set global max_connect_errors=3;

Query OK, 0 rows affected (0.00 sec)

mysql> show variables like 'max_connect_errors';

+--------------------+-------+

| Variable_name | Value |

+--------------------+-------+

| max_connect_errors | 3 |

+--------------------+-------+

1 row in set (0.00 sec)

2.在客户端10.153.56.25连接server,不输入密码四次,第五次依旧连接上了

[mysql@t3-tksbscms-tkcms-db-mysql01-ma01 bin]$ mysql -h 10.153.35.2 -u root -p

Enter password:

ERROR 1045 (28000): Access denied for user 'root'@'10.153.56.25' (using password: NO)

[mysql@t3-tksbscms-tkcms-db-mysql01-ma01 bin]$ mysql -h 10.153.35.2 -u root -p

Enter password:

ERROR 1045 (28000): Access denied for user 'root'@'10.153.56.25' (using password: NO)

[mysql@t3-tksbscms-tkcms-db-mysql01-ma01 bin]$ mysql -h 10.153.35.2 -u root -p

Enter password:

ERROR 1045 (28000): Access denied for user 'root'@'10.153.56.25' (using password: NO)

[mysql@t3-tksbscms-tkcms-db-mysql01-ma01 bin]$ mysql -h 10.153.35.2 -u root -p

Enter password:

ERROR 1045 (28000): Access denied for user 'root'@'10.153.56.25' (using password: NO)

[mysql@t3-tksbscms-tkcms-db-mysql01-ma01 bin]$ mysql -h 10.153.35.2 -u root -p

Enter password:

Welcome to the MySQL monitor. Commands end with ; or \g.

Your MySQL connection id is 17

Server version: 5.7.26-log MySQL Community Server (GPL)

Copyright (c) 2000, 2023, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its

affiliates. Other names may be trademarks of their respective

owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>

3.在server端看到10.153.56.25

HOST_VALIDATED: YES ,

SUM_CONNECT_ERRORS: 0 ,

COUNT_HOST_BLOCKED_ERRORS: 0

COUNT_AUTHENTICATION_ERRORS: 4

说明密码错误并不数据连接错误

mysql> select * from performance_schema.host_cache\G

*************************** 1. row ***************************

IP: 10.153.56.25

HOST: NULL

HOST_VALIDATED: YES

SUM_CONNECT_ERRORS: 0

COUNT_HOST_BLOCKED_ERRORS: 0

COUNT_NAMEINFO_TRANSIENT_ERRORS: 0

COUNT_NAMEINFO_PERMANENT_ERRORS: 1

COUNT_FORMAT_ERRORS: 0

COUNT_ADDRINFO_TRANSIENT_ERRORS: 0

COUNT_ADDRINFO_PERMANENT_ERRORS: 0

COUNT_FCRDNS_ERRORS: 0

COUNT_HOST_ACL_ERRORS: 0

COUNT_NO_AUTH_PLUGIN_ERRORS: 0

COUNT_AUTH_PLUGIN_ERRORS: 0

COUNT_HANDSHAKE_ERRORS: 0

COUNT_PROXY_USER_ERRORS: 0

COUNT_PROXY_USER_ACL_ERRORS: 0

COUNT_AUTHENTICATION_ERRORS: 4

COUNT_SSL_ERRORS: 0

COUNT_MAX_USER_CONNECTIONS_ERRORS: 0

COUNT_MAX_USER_CONNECTIONS_PER_HOUR_ERRORS: 0

COUNT_DEFAULT_DATABASE_ERRORS: 0

COUNT_INIT_CONNECT_ERRORS: 0

COUNT_LOCAL_ERRORS: 0

COUNT_UNKNOWN_ERRORS: 0

FIRST_SEEN: 2025-02-13 14:26:57

LAST_SEEN: 2025-02-13 14:27:10

FIRST_ERROR_SEEN: 2025-02-13 14:26:57

LAST_ERROR_SEEN: 2025-02-13 14:27:02

1 row in set (0.00 sec)

4.通过telnet 10.153.35.2 3306命令,超过3次后第四次后就报错:

Host '10.153.56.25' is blocked because of many connection errors;

正常的mysql -h 10.153.35.2 -u root -p输入密码也被 block了

[mysql@t3-tksbscms-tkcms-db-mysql01-ma01 bin]$ telnet 10.153.35.2 3306

Trying 10.153.35.2...

Connected to 10.153.35.2.

Escape character is '^]'.

N

5.7.26-logM:Nu

-A%a-9c2Ubmysql_native_password

!#08S01Got packets out of orderConnection closed by foreign host.

[mysql@t3-tksbscms-tkcms-db-mysql01-ma01 bin]$

[mysql@t3-tksbscms-tkcms-db-mysql01-ma01 bin]$ telnet 10.153.35.2 3306

Trying 10.153.35.2...

Connected to 10.153.35.2.

Escape character is '^]'.

N

5.7.26-logS8IQA-CNOG\+|mSCmysql_native_password

!#08S01Got packets out of orderConnection closed by foreign host.

[mysql@t3-tksbscms-tkcms-db-mysql01-ma01 bin]$ telnet 10.153.35.2 3306

Trying 10.153.35.2...

Connected to 10.153.35.2.

Escape character is '^]'.

N

5.7.26-logWd7[G-

-6% "mysql_native_password

!#08S01Got packets out of orderConnection closed by foreign host.

[mysql@t3-tksbscms-tkcms-db-mysql01-ma01 bin]$ telnet 10.153.35.2 3306

Trying 10.153.35.2...

Connected to 10.153.35.2.

Escape character is '^]'.

jHost '10.153.56.25' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'Connection closed by foreign host.

[mysql@t3-tksbscms-tkcms-db-mysql01-ma01 bin]$ telnet 10.153.35.2 3306

Trying 10.153.35.2...

Connected to 10.153.35.2.

Escape character is '^]'.

jHost '10.153.56.25' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'Connection closed by foreign host.

[mysql@t3-tksbscms-tkcms-db-mysql01-ma01 bin]$ mysql -h 10.153.35.2 -u root -p

Enter password:

ERROR 1129 (HY000): Host '10.153.56.25' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'

5.server端可以看到

SUM_CONNECT_ERRORS: 3

COUNT_HOST_BLOCKED_ERRORS: 3

mysql> select * from performance_schema.host_cache\G

*************************** 1. row ***************************

IP: 10.153.56.25

HOST: NULL

HOST_VALIDATED: YES

SUM_CONNECT_ERRORS: 3

COUNT_HOST_BLOCKED_ERRORS: 3

COUNT_NAMEINFO_TRANSIENT_ERRORS: 0

COUNT_NAMEINFO_PERMANENT_ERRORS: 1

COUNT_FORMAT_ERRORS: 0

COUNT_ADDRINFO_TRANSIENT_ERRORS: 0

COUNT_ADDRINFO_PERMANENT_ERRORS: 0

COUNT_FCRDNS_ERRORS: 0

COUNT_HOST_ACL_ERRORS: 0

COUNT_NO_AUTH_PLUGIN_ERRORS: 0

COUNT_AUTH_PLUGIN_ERRORS: 0

COUNT_HANDSHAKE_ERRORS: 3

COUNT_PROXY_USER_ERRORS: 0

COUNT_PROXY_USER_ACL_ERRORS: 0

COUNT_AUTHENTICATION_ERRORS: 4

COUNT_SSL_ERRORS: 0

COUNT_MAX_USER_CONNECTIONS_ERRORS: 0

COUNT_MAX_USER_CONNECTIONS_PER_HOUR_ERRORS: 0

COUNT_DEFAULT_DATABASE_ERRORS: 0

COUNT_INIT_CONNECT_ERRORS: 0

COUNT_LOCAL_ERRORS: 0

COUNT_UNKNOWN_ERRORS: 0

FIRST_SEEN: 2025-02-13 14:26:57

LAST_SEEN: 2025-02-13 14:33:15

FIRST_ERROR_SEEN: 2025-02-13 14:26:57

LAST_ERROR_SEEN: 2025-02-13 14:33:15

1 row in set (0.00 sec)

6.解决办法就是在server端执行flush hosts;

mysql> flush hosts;

Query OK, 0 rows affected (0.00 sec)

mysql> select * from performance_schema.host_cache\G

Empty set (0.00 sec)

可以看到10.153.56.25这个client又可以连接了

[mysql@t3-tksbscms-tkcms-db-mysql01-ma01 bin]$ mysql -h 10.153.35.2 -u root -p

Enter password:

Welcome to the MySQL monitor. Commands end with ; or \g.

Your MySQL connection id is 24

Server version: 5.7.26-log MySQL Community Server (GPL)

Copyright (c) 2000, 2023, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its

affiliates. Other names may be trademarks of their respective

owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>

相关推荐
没有晚不了安7 分钟前
1.11作业
android
zhangphil10 分钟前
Android Coil3缩略图、默认占位图placeholder、error加载错误显示,Kotlin(1)
android·kotlin
貂蝉空大1 小时前
uni-app开发安卓和ios app 真机调试
android·ios·uni-app
少年芒2 小时前
Leetcode 490 迷宫
android·算法·leetcode
IT猿手2 小时前
2025最新智能优化算法:鲸鱼迁徙算法(Whale Migration Algorithm,WMA)求解23个经典函数测试集,MATLAB
android·数据库·人工智能·算法·机器学习·matlab·无人机
兰琛3 小时前
12.1 Android中协程的基本使用
android
ChinaRainbowSea5 小时前
1. Linux下 MySQL 的详细安装与使用
linux·数据库·sql·mysql·adb
liujingtech5 小时前
Kotlin实践下来 takeIf 并不是所有场景的银弹
android
xvch6 小时前
Kotlin 2.1.0 入门教程(二十三)泛型、泛型约束、协变、逆变、不变
android·kotlin
ianozo7 小时前
BUU40 [安洵杯 2019]easy_serialize_php
android·开发语言·php
热门推荐
01本地部署DeepSeek教程(Mac版本)02如何在WPS和Word/Excel中直接使用DeepSeek功能03DeepSeek本地部署详细指南04太炸裂了!清华大学deepseek从入门到精通使用手册又出第三版了,《普通人如何抓住DeepSeek红利》(无套路,直接下载)05DeepSeek各版本说明与优缺点分析06DeepSeek r1本地安装全指南07本地化部署AI知识库:基于Ollama+DeepSeek+AnythingLLM保姆级教程08DeepSeek R1本地化部署 Ollama + Chatbox 打造最强 AI 工具09在Windows下安装Ollama并体验DeepSeek r1大模型10Page Assist - 本地Deepseek模型 Web UI 的安装和使用