Secure your MySQL server host so that it accepts connections from the application host only.
Then install fail2ban and configure it to warn you whenever it detects a threat, such as too many password failures, blacklisted access and so on. It can open the DVD-ROM drive door, send an email, or warn you of suspicious activity in other ways.
Fail2ban website: http://www.fail2ban.org
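A minimal jail for the password-failure case described above, as an added example that is not part of the original page or of Gestix. It assumes fail2ban's stock `mysqld-auth` filter and a working local mail transfer agent; the mail addresses, log path and thresholds are placeholders to adapt.

```ini
# /etc/fail2ban/jail.local
# Added example: addresses, log path and thresholds are constructed
# placeholders, not values from the Gestix documentation.

[DEFAULT]
# Recipient and sender of alert mails (placeholders).
destemail = admin@example.com
sender    = fail2ban@example.com

[mysqld-auth]
enabled  = true
port     = 3306
# Stock filter shipped with fail2ban; it matches the
# "Access denied for user ..." lines in the MySQL error log.
filter   = mysqld-auth
# Assumed log location; adjust to your distribution. MySQL must be
# configured to write failed logins to this file.
logpath  = /var/log/mysql/error.log
# Trigger after 5 failed logins within 600 s; ban lasts 3600 s.
maxretry = 5
findtime = 600
bantime  = 3600
# Ban the source address and mail a report with whois data and the
# matching log lines to destemail.
action   = %(action_mwl)s
```

Once the MySQL port is restricted to the application host, failed logins will normally originate from that host, so a ban here cuts the application off from the database; treat the alert mail as the primary signal and review the ban settings accordingly.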
Note: for a server running up to 100 simultaneous users with medium activity, consider using two separate appliances with 2 processor cores each, connected through low-latency links: one for MySQL, the other for Gestix.