Have a weird question / (bug?) here. Using PHP My Admin I installed via apt-get on Ubuntu 13.10
Versions are as follows:
- Server version: 5.5.35-0ubuntu0.13.10.2 – (Ubuntu)
- Apache/2.4.6 (Ubuntu)
- Database client version: libmysql – 5.5.35
- PHP extension: mysqli Documentation
- PHPMyAdmin Version information: 4.0.6deb1
Under the Stats page it is showing the following:
- Questions since startup: 2,144
- per hour: 405
- per minute: 7
Here is the weird thing – about 5 minutes ago it said 5000+ questions since start-up.
I am the only user with access to the database besides the "WWW User" I have created for my PHP pages. My web server is not open to the public – port 80 is blocked on my router, and I have password protection set up in my Apache2.conf file. In order to access my LAMP server on the fly I use ConnectBot for Android to tunnel port 8080 to my computer's port 80. I am not running 405 queries per hour! I have only probably ran at most 20 on the database in the last hour including queries made by PHP scripts. The only way someone other than me could be accessing my LAMP server is if they were using a wifi sniffer and cloning their MAC address to bypass MAC filtering to get past my router – but my router shows nothing unusual connected.
Additionally – it is showing the following, which really has me concerned:
show binlogs 73 13.8 3.40
show tables 34 6.4 1.59
show variables 28 5.3 1.31
show master status 27 5.1 1.26
show status 27 5.1 1.26
show slave status 27 5.1 1.26
With the exception of show tables, I did not know these commands existed. I have not ran a show tables command in several days.
Is someone hacking my database? Or is PHPMyAdmin reporting inaccurate information?
Best Answer
You may have been unaware of this, but everything and its grandmother done in MySQL is a question.
In light of this, the real question is : To mysqld, what is a Question ?
According to the MySQL Documentation on Questions:
Anything you issue for the sake of running queries or just checking a status of some kind is a Question. Even checking how many questions in your session is itself a Question. Here is proof: (I will connect to MySQL 5.6.14 for Windows and ask for Questions in my session):
Microsoft Windows [Version 6.2.9200] (c) 2012 Microsoft Corporation. All rights reserved.
This is normal to expect, so there is really nothing to worry about.
YOUR ORIGINAL QUESTIONS
No, you are not being hacked.
PHPMyAdmin asks mysqld Questions all day long. The result is that it just runs up the global count (As seen from
SHOW GLOBAL STATUS;
). I wrote an answer to a post in ServerFault about 2.5 years ago entitled 1 billion mysql queries in 24 days? Can something be wrong?. I attributed the runaway stats to monitoring then, and I still strongly assert this now.