When running a typical LAMP stack for a public website on EC2, what is the proper firewall setting for port 3306?

view full story

http://serverfault.com – I'm reviewing the security groups on my EC2 Ubuntu instance that runs a public website on LAMP. Presently my ports are as follows: 22 (SSH) 80 (HTTP) 443 (HTTPS) 3306 (MYSQL) I'm thinking it should be possible to tighten up a bit on the mysql port as the connections are only made locally. Any insights are welcome. (HowTos)