Skip to main content

Client Error Limit

Overview

The Client Error Limit feature restricts connection attempts from addresses that exceed a specified error threshold, preventing future connections from problematic sources.

Key Variables

  • mysql-client_host_error_counts — Sets the maximum allowable errors before an address is banned from new connections.
  • mysql-client_host_cache_size — Defines cache capacity for tracking client addresses with connection errors.

Both variables default to 0, which disables the feature. Enable it by setting mysql-client_host_cache_size above zero.

Cache Behaviour

When a new connection arrives:

  1. The cache checks if the client address has reached the maximum error count
  2. If the limit is exceeded, an error is logged to ProxySQL and the connection is rejected
  3. If not exceeded, the connection attempt proceeds:
    • Connection fails — The address is added to the cache (or its error count incremented). When the cache is full, the oldest entry is replaced.
    • Connection succeeds — The address is removed from the cache if previously present.

Management Command

PROXYSQL FLUSH MYSQL CLIENT HOSTS;

Clears the client host cache entirely.

Monitoring

SELECT * FROM stats.stats_mysql_client_host_cache;
SELECT * FROM stats.stats_mysql_client_host_cache_reset;

Querying stats_mysql_client_host_cache_reset also resets the counters.