It's fine to expose MySQL to the internet, but it better before set up securely.. and you better be using the database-level user security.