Do not open your database to the whole network, meaning the port on which MySQL runs (3306) should not be accessed from other networks. It should be open only to the application server. You can set up a firewall using iptables or the host.access file to restrict access to port 3306. If you are using MySQL on the cloud, the provider will also give a firewall.
Restricting networks and users
How to do it...
To test this, you can use telnet:
shell> telnet <mysql ip> 3306
# if telnet is not installed you can install it or use nc (netcat)
If telnet hangs or the connection is refused, it means that the port is closed. Please note that if you see an output like this, it means that the port is not blocked:
shell> telnet...