• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Issue How to (simply) access mysql from remote (sorry..again)

X

Xavier123

New Pleskian
Hi everybody,
I search a lot but i don't find out what i'm doing wrong..

I have plesk 12 on Ubuntu 14.04.2 LTS
I have created a database with "allow connection from xx.xx.xx.xx and xx.xx.xx.xx"
In the firewall, i have for mysql "allow incoming from all".

Despite of this, i can't access remotely to the database.
What did i miss ?
Thanks for the help : i'm on this for hours now and can't understand why that's not working. :(

Xavier
 
Hi Xavier123,

the default setting is localhost ( 127.0.0.1 ) in your "my.cnf". If you would really like to change that ( not recommended! ), edit it to for example:

Code: 
...
[mysqld]
...
bind-address    = XXX.XXX.XXX.XXX
# skip-networking

... where "XXX.XXX.XXX.XXX" has to be your server-IP. Restart MySQL after the change.
 
Hi UFHH01,
I did this :
- modified the rules in firewall : Mysql autorize only one static ip, let'say 101.102.103.104
- Create a database with a user autorised on the same ip : 101.102.103.104
- modified my.cnf by replacing 127.0.0.1 by the ip of my server.

Now, if i try to telnet from an ip not autorized with "telnet xx.xx.xx.xx 3306", i have connection refused. If i try this with the autorized ip, it works.

A simple question : as you wrote me "it's not recommended", is there a security risk with this configuration ?
Thanks :)
Xavier
 
Hi Xavier123,

Xavier123 said:
is there a security risk with this configuration ?
Click to expand...
Without starting a discussion, the answer is certainly "YES". Even the fact that you limit the remote access to one or two IPs, your MySQL - server is now reachable from "outside". I don't want to frighten you, but pls. consider to Google "mysql" "remote access" "security risk" and as well, pls. ask yourself, why the standart configuration is set to localhost only.
 
In fact, my question could be more accurate : if i autorize only one ip to connect to mysql on 3306, all other ip will have a "connection refused". How the port could be then attacked ? The only thing i could see is a potential security risk if the computer using the autorized ip is infected by a malware or virus. It can help a lot if you can explain what is the real security risk (i google as you told me, but people says merely that if there is only an ip, the risk is more than to be in localhost but less than a CMS not updated with php files not up to date (Joomla, Wordpress, etc..)...
Please explain :)
[EDIT] : to complete this, why Plesk include this option if we should'nt use this for security risk ?? I don't understand...
 
You must log in or register to reply here.

Similar threads

M
Resolved Cannot connect to DB Remotely
Replies
3
Views
684
melifetaji
M
jlocana
Question How do I access my database in phpMyAdmin from external application?
Replies
1
Views
162
jlocana
jlocana
P
Resolved No remote MySQL connections after update
Replies
11
Views
2K
petermeester
P
T
Resolved How to automate remote access to MySQL?
Replies
1
Views
783
tkoa
T
B
Resolved Write permissions and remote DB
Replies
2
Views
1K
benderzuelo
B
Back
Top