To keep a MySQL database server secure, you should always only allow root logins from the local machine (localhost, 127.0.0.1 for IPv4, and ::1 for IPv6.
Run the following SQL script against the MySQL server, to remove all access from remote hosts for the ‘root’ user account:
DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
After making changes to permissions/user accounts, make sure you flush the provilege tables using the following command:
FLUSH PRIVILEGES;
