In case you haven’t already noticed, SQL tends to allow some pretty insecure permissions by default, allowing root access from any computer.
This is a big problem, especially if you have port forwarding configured on your router to your SQL instance.
However, you can easily create new users using any management interface, so we’ll do it with HeidiSQL
2) Select Tools > User Manager
First of all, we’ll remove root access for remote hosts.
This makes sure that when you’re on your local network, you can still log in as root. Click save.
Next we’ll add a new restricted user Click add user.
4) From host % (Access from anywhere)
5) In the “Allow access to” section, expand (But don’t select by ticking the box) global privileges
6) Choose select and insert
Click Save and Close.
You can now configure your web scripts and WordPress plugins to use this new username and password.