Locking down MariaDB for local development environment from external hosts?

I recently came across this little gem of an SQL query for MariaDB: SHOW GLOBAL VARIABLES LIKE 'log_error'; I get that there are tons of bots on the Internet and so I expected what I saw on my live server. However my local server on my home connection + VPN has a ton of bot requests too! I want to be explicitly clear: I do not remote in to my home system what-so-ever. I want to completely lock MariaDB down from external access and whitelist localhost, ::1 and maybe one network IP when I test from my Mac on rare occasion. I know MariaDB users are tied to a host/IP but that is for internal commands. I know I can change the port number and that should be easy enough. But that feels like something to do in combination. I simply want to only whitelist three IP addresses to ever be able to access MariaDB. I've also disabled public access to MariaDB in the Windows Firewall. **How do I lock down MariaDB so it is not accessible to external hosts?** A small sample of the nonsense I'm seeing in the log: > 2025-05-07 18:29:28 6475 [Warning] Hostname 'rnd.group-ib.com' does > not resolve to '80.82.70.133'. 2025-05-07 18:29:28 6475 [Note] > Hostname 'rnd.group-ib.com' has the following IP addresses: 2025-05-07 > 18:29:28 6475 [Note] - 5.9.185.30 > > 2025-05-08 6:36:50 7001 [Warning] IP address '34.77.36.4' has been > resolved to the host name '4.36.77.34.bc.googleusercontent.com', which > resembles IPv4-address itself. > > 2025-05-08 19:51:43 7176 [Warning] Aborted connection 7176 to db: > 'unconnected' user: 'unauthenticated' host: '91.223.169.88' (This > connection closed normally without authentication) > > 2025-05-08 20:46:33 7283 [Warning] Aborted connection 7283 to db: > 'unconnected' user: 'unauthenticated' host: '103.203.57.18' (This > connection closed normally without authentication) > > 2025-05-10 12:14:01 7840 [Warning] Host name 'hn.kd.ny.adsl' could not > be resolved: No such host is known. > > 2025-05-10 13:02:33 7842 [Warning] IP address '198.235.24.242' could > not be resolved: No such host is known. ---------- It's been five hours and eight minutes since I changed the port number and the nearly minute-by-minute ..."events" have completely stopped. That, of course, does not negate the opportunity to learn how else I can strengthen the security of MariaDB on Windows. ---------- dbdemon's answer did not include the exact syntax so I'll clarify what works and how I verified it here: #Block all IP addresses except the same computer: bind-address = 127.0.0.1,::1 I restarted MariaDB and it worked. But I did not know if it would actually block anything so I did the inverse to specify IP addresses I'm not using to intentionally get blocked and thus verify that this will work: #Intentionally test the format to blocking local access: bind-address = 3.4.5.6,7.5.3.2 ...which does work which verifies that the first bind-address line *does* work.