I read somewhere that you should close it for security reasons. Installing and maintaining a larger database with a tool like phpmyadmin is a pain though. It's ok for small databases but any big site would have problems.

What do you think? Is it really needed to close this port?

thanks.

You don't have to "close" it, you just need to filter it.

It's out of the scope of a forum message to instruct you how to do this - find the ipchains HOWTO and learn how to filter ports with ipchains. Just type a google query for "ipchains howto". Read it carefully.

But basically, you can make ipchains rules such that localhost is the only one allowed to connect to the MySQL port to get some basic security from the world at large.

MySQL is designed to be networked using TCP ports, but it also supports local socket connections.

Unless you require a network connection to MySQL (such as when you run a database on one server and a program on another server), then you probably don't need networking.

You should have (or get) a my.cnf file in /etc. All you need to do is add the line:
skip-networking
to your configuration file. This will prevent the port from being open.

Using IPChains would also do the trick, but why open a port you don't need.

Of course, this is the best solution. I didn't know you could tell MySQL not to listen on the network - you learn something new every day :-)