Documentation Home
MySQL 8.0 Reference Manual
Related Documentation Download this Manual
PDF (US Ltr) - 44.6Mb
PDF (A4) - 44.7Mb
PDF (RPM) - 40.4Mb
HTML Download (TGZ) - 10.5Mb
HTML Download (Zip) - 10.5Mb
HTML Download (RPM) - 9.1Mb
Man Pages (TGZ) - 205.6Kb
Man Pages (Zip) - 308.9Kb
Info (Gzip) - 3.9Mb
Info (Zip) - 3.9Mb
Excerpts from this Manual

B.6.2.5 Host 'host_name' is blocked

If the following error occurs, it means that mysqld has received many connection requests from the given host that were interrupted in the middle:

Host 'host_name' is blocked because of many connection errors.
Unblock with 'mysqladmin flush-hosts'

The value of the max_connect_errors system variable determines how many successive interrupted connection requests are permitted. After max_connect_errors failed requests without a successful connection, mysqld assumes that something is wrong (for example, that someone is trying to break in), and blocks the host from further connections until you flush the host cache by executing a FLUSH HOSTS statement, a TRUNCATE TABLE statement that truncates the Performance Schema host_cache table, or a mysqladmin flush-hosts command.

To adjust the permitted number of successive connection errors, set max_connect_errors at server startup. For example, put these lines in the server my.cnf file:

[mysqld]
max_connect_errors=10000

The value can also be set at runtime:

SET GLOBAL max_connect_errors=10000;

If you get the Host 'host_name' is blocked error message for a given host, you should first verify that there is nothing wrong with TCP/IP connections from that host. If you are having network problems, it does no good to increase the value of max_connect_errors.

For more information about how the host cache works, see Section 8.12.4.2, “DNS Lookup Optimization and the Host Cache”.


User Comments
User comments in this section are, as the name implies, provided by MySQL users. The MySQL documentation team is not responsible for, nor do they endorse, any of the information provided here.
  Posted by Priyanke de Siva on December 3, 2014
Hello All,

I was looking for a way to block hosts (for sometime) based on authentication failure counts (i.e. block bad attempts for a few minutes/hours and release automatically).

About a year ago I wrote something to block hackers to my SIP server which has proved successful.

Hence, I adapted it to MySQL.

The code/explanation is at http://www.abelcanada.com/securemysql.php for anybody who it interested.

This model can be adapted for any software which is used for IP (or any other) login and parameters can be changed to suite each individual requirement.

This complements IPTABLES, but is a better solution as it blocks the IP as a service, rather than global.

Anthonus

Sign Up Login You must be logged in to post a comment.