MySQL's access control is very finely grained - you have got a great deal of control over who can do what, so you should take advantage of this to make sure you only allow in people you absolutely trust.
Be sure to remove the guest account, leaving only the root user plus any others you use. Secondly, if you are running your server locally and the PHP scripts are local also, you do not need to allow access to anyone from outside - disable accounts that do not have "localhost" as the host, and also consider blocking port 3306 (the MySQL port) on your firewall.
Copyright 2012 Future Publishing Limited (company
registered number 2008885), a company registered
in England and Wales whose registered office is at