1. Introduction

MySQL listens on port 3306 by default, so clients and applications can connect without specifying a port. However, since the port is well-known, attackers might target it by scanning for open ports linked to common services.

Changing the default port won’t completely secure our database, but it adds an extra layer of protection by making it harder for attackers to find MySQL. A scan of the full port range still finds the service, so this step doesn’t replace key security measures like firewalls or strong passwords. It’s a simple way to reduce the risk of unauthorized access without much hassle.

In this tutorial, we’ll explore how to change the default MySQL port on Linux and Windows operating systems.

2. Why Should I Change the Default MySQL Port?

MySQL listens on port 3306 by default, but there are scenarios where changing the port may be necessary:

  • Since port 3306 is well-known, attackers often target it to send malicious traffic to MySQL servers, especially those running outdated versions. These attacks can succeed against known vulnerabilities if the server is not regularly updated or properly secured.
  • If another application is using port 3306, MySQL needs a different port to avoid conflicts.
  • If we have more than one MySQL instance on the same server, each one needs its own port to avoid confusion.
  • Changing the default port helps reduce the amount of unwanted or malicious traffic that a server has to process. Moreover, with a custom port, the server can simply block any traffic not directed to the correct port, saving resources and preventing unnecessary checks on invalid connections.
  • Changing the MySQL port makes it harder for unauthorized applications or users to connect: a client has to know the port number before it can reach the MySQL service, which gives us more control over who can communicate with the server. The port number can still be discovered with a scan, so MySQL accounts and firewall rules remain the actual access control.
  • If a firewall blocks port 3306, we might need to change the port to one that the firewall allows.

This way, changing the default port of MySQL adds an extra layer of security.

3. Changing Default MySQL Port on Linux

On Linux systems, the MySQL configuration file is generally found at “/etc/mysql/my.cnf” or “/etc/mysql/mysql.conf.d/mysqld.cnf”. These files contain MySQL settings, including the default port (3306). We can edit these files using a text editor like Nano or Vim, update the port, and then restart the MySQL service for the changes to take effect.

3.1. Edit the Configuration File

We can open the configuration file using the Nano editor with sudo privileges:

sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf

In the MySQL configuration file, the [mysqld] section may not explicitly include the port directive because it defaults to 3306. Therefore, if we need to change the port, we can add or update the port directive under the [mysqld] section:

port=3307

We can replace 3307 with any custom port number for MySQL.

Finally, we save the changes in the configuration file and exit.

3.2. Restart MySQL Service

After updating the default port, we need to run the systemctl command to restart the MySQL service:

sudo systemctl restart mysql

3.3. Verify New Port

Let’s verify MySQL Server’s running port with the netstat command:

sudo netstat -tulnp | grep mysql

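The output should show MySQL listening on port 3307 for SQL connections. The local address column also tells us whether MySQL is bound to all interfaces or only to localhost. On distributions that no longer ship netstat, the ss tool from iproute2 reports the same information.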

3.4. Update Firewall

If a firewall is in use, its settings should be updated to allow traffic through the new port:

sudo ufw allow 3307/tcp

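This rule lets incoming TCP connections reach MySQL on the new port, so clients are not blocked by the firewall. As written, it accepts connections from any source address. Where only known application hosts need access, it’s better to restrict the rule to those addresses and to remove any earlier rule that allowed port 3306.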
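The edit from section 3.1 as a script, as an added example that is not part of the original article: it adds or updates port under [mysqld] only, so a port line in another section such as [client] is left alone. The function names and the sample file are constructed for illustration; on a real host the target would be the mysqld.cnf file, followed by the restart and checks from sections 3.2 to 3.4.

```bash
#!/usr/bin/env bash
# Added example: function names and the sample file are constructed.

# set_mysqld_port FILE PORT: add or update "port" in [mysqld] only.
set_mysqld_port() {
  local file=$1 port=$2 tmp rc
  case $port in ''|*[!0-9]*) echo "invalid port: $port" >&2; return 1 ;; esac
  # Range is this example's choice: unprivileged ports only.
  if [ "$port" -lt 1024 ] || [ "$port" -gt 65535 ]; then
    echo "port out of range: $port" >&2; return 1
  fi
  tmp=$(mktemp) || return 1
  awk -v port="$port" '
    function emit() { if (in_sec && !done) { print "port=" port; done = 1 } }
    /^[ \t]*\[/ {                       # a section header starts
      emit()                            # [mysqld] ended with no port line: add it
      in_sec = ($0 ~ /^[ \t]*\[mysqld\][ \t]*$/)
      if (in_sec) seen = 1
      print; next
    }
    in_sec && /^[ \t]*port[ \t]*=/ {    # existing directive: rewrite, drop repeats
      if (!done) { print "port=" port; done = 1 }
      next
    }
    { print }
    END { emit(); if (!seen) { print "[mysqld]"; print "port=" port } }
  ' "$file" > "$tmp" && cat "$tmp" > "$file"   # cat keeps owner and mode
  rc=$?
  rm -f "$tmp"
  return $rc
}

# mysqld_port FILE: print the [mysqld] port, or 3306 when none is set.
mysqld_port() {
  awk '
    /^[ \t]*\[/ { in_sec = ($0 ~ /^[ \t]*\[mysqld\][ \t]*$/); next }
    in_sec && /^[ \t]*port[ \t]*=/ { sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, ""); p = $0 }
    END { print (p == "" ? 3306 : p) }
  ' "$1"
}

# Constructed sample: [client] has its own port; [mysqld] relies on the default.
sample=$(mktemp)
printf '%s\n' '[client]' 'port=3306' '' '[mysqld]' 'user=mysql' 'bind-address=127.0.0.1' > "$sample"
set_mysqld_port "$sample" 3307 && echo "mysqld port: $(mysqld_port "$sample")"
```

Running the function a second time with another port rewrites the same line instead of appending a duplicate.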

4. Changing Default MySQL Port on Windows

We can edit the “my.ini” file to change the default MySQL port on the Windows operating system. This file can be found at “C:\ProgramData\MySQL\MySQL Server version_number\my.ini”.

4.1. Edit my.ini File

First, we open the my.ini file and navigate to the [mysqld] section. Then, we add or modify the port line:

port=3307

Let’s replace 3307 with any custom port and save the file.

4.2. Restart MySQL Service

Let’s restart the MySQL service through the Windows Services Manager. To do this, first, we press Win + R, type services.msc, and press Enter. After this, we locate MySQL in the Windows Services Manager and restart it.

4.3. Verify the New Port

Let’s verify the altered port by accessing MySQL with the new port:

mysql -u root -p --port=3307

After specifying the correct password, the MySQL prompt (mysql>) appears, which indicates a successful connection.

4.4. Update Firewall

To ensure the new port is allowed through the Windows Firewall, we need to access the Windows Defender Firewall from the Control Panel.

Next, we need to navigate to the Advanced Settings to open the firewall configuration, select Inbound Rules, and then create a new rule by clicking the New Rule… button.

We choose Port as the rule type, then choose between TCP and UDP (MySQL listens on TCP) and enter the new port number.

Also, we allow the connection, specify when the rule applies, and give the rule a Name (such as “Allow MySQL Port”).

Finally, we click the Finish button to complete the process.

5. Key Challenges When Modifying the MySQL Port

Although changing the port improves security, it can lead to maintenance challenges. For instance, when MySQL’s port is changed, all connected applications must be updated. WordPress, for example, expects MySQL to use the default port (3306). To connect to a different port, we need to edit the wp-config.php file, such as: define('DB_HOST', 'localhost:3307'), where 3307 is the new port.

Additionally, identifying all applications that rely on the default port can be difficult, and changing it may cause some applications to stop working unexpectedly. Without proper documentation, debugging issues related to the port change can become more challenging in the future.

6. Conclusion

In this article, we demonstrated the steps to change the default port of MySQL on Linux and Windows operating systems: editing the configuration file, restarting the service, verifying the new port, and updating the firewall.

Changing the default MySQL port from 3306 to a custom port can add an extra layer of security by reducing the likelihood of malicious attacks targeting the default port. However, it’s important to consider the potential challenges.