1.1 Who can connect and from where?
You can allow a user to connect from a specific or a range of hosts. At one extreme, if you know to demote connections from one host, you can limit permissions to a single host:
GRANT ALL ON samp_db.* TO boris@localhost IDENTIFIED BY "ruby" GRANT ALL ON samp_db.* TO fred@res.mars.com IDENTIFIED BY "quartz"
(samp_db.*means "all tables of the samp_db database") The other extreme is that you may have someone who travels frequently and needs to be able to travel from all over the world Host the connected user max. In this case you can allow him to connect from wherever:
GRANT ALL ON samp_db.* TO max@% IDENTIFIED BY "diamond"
"% " character acts as a wildcard and has the same meaning as LIKE pattern matching. In the above statement, it means "any host". So max and max@% are equivalent. This is the simplest way to create a user, but it is also the least secure. .
You can allow a user access from a restricted set of hosts. For example, to allow mary to connect from any host in the snake.net domain, use a %.snake.net host specifier. :
GRANT ALL ON samp_db.* TO mary@.snake.net IDENTIFIED BY "quartz";
If you prefer, the host part of the user identifier can be an IP address instead of a host You can specify an IP address or an address containing pattern characters, and, as of MySQL 3.23, you can also specify an IP number with a netmask indicating the number of bits used for the network number:
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
