The Ultimate Guide to High Availability with MariaDB
This is a read-only copy of the MariaDB Knowledgebase generated on 2025-01-30. For the latest, interactive version please visit https://mariadb.com/kb/.

Incrementing of the access_denied_errors status variable

The access_denied_errors status variable is incremented when someone tries to access something they do not have rights to.

This happens in the following cases:

  • When accessing a database, table or column that the user does not have rights to access. This error is sent to the client.
  • When a login fails because of wrong user/password etc. The error is printed to the general log.
  • If require_secure_transport option is enabled in the server and the user has not used a secure transport. The error is sent to the user.
  • Users try to change to a database/schema they do not have access to. A warning is written to the error log if log_warnings > 1.
  • Users try to use a SHOW command to access an object they do not have rights to see. The error is sent to the client.
  • Users access something that requires global access, like "CREATE SERVER". The error is sent to the client.

Login failures one can find in the general log. The errors that are sent to the user can be found by using the sql-error-log-plugin. The plugin captures all errors sent to the client. Starting from MariaDB 10.11.5 forwards, it can also optionally capture all warnings sent to the client.

Content reproduced on this site is the property of its respective owners, and this content is not reviewed in advance by MariaDB. The views, information and opinions expressed by this content do not necessarily represent those of MariaDB or any other party.