1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice

MySQL matters : external access

Discussion in 'Plesk for Linux - 8.x and Older' started by MaRiOs, May 13, 2005.

  1. MaRiOs

    MaRiOs Guest

    0
     
    By default u cannot log in sql with any external way like using MySQL Administrator cause u have to be like 'user@localhost' and it wont let u log in if you have something like 'user@yourinternetprovider.com' .

    This can be changed manually from somwhere in the tables of plesk sql and let u login by any ip address u are.
    But is that secure? or it will be dangerous for hackin in the server ?
    (i'm thinkin if this is any vunerablity of plesk)

    Has anyone test it here ?
     
  2. serve-you.net

    serve-you.net Guest

    0
     
    Generally, it's a bad idea to allow connections from outside of the server, unless you need it. As with any type of external access, you are opening up another port/application for the bad guys to exploit. Do it on a case by case basis.
     
  3. MaRiOs

    MaRiOs Guest

    0
     
    What do you mean by case basis ?
    only for some specific accounts ?
     
  4. MaRiOs

    MaRiOs Guest

    0
     
    So i want to change that.
    I want all of my clients to be able to access MySQL from any ip they are.Full remote access.

    1.Can i do that throught plesk ? enable i ?

    2.I want to allow that to all the user except the Admin of mysql.
     
  5. jamesyeeoc

    jamesyeeoc Guest

    0
     
    I think what he meant by 'case by case basis' is that as the hosting admin, you would need to evaluate each client's request to see if you really think it is necessary.

    Giving *full* access from *all* ips will allow anyone in the world to get to your databases, of course they would need a valid user/pwd, but all it takes would be for one client to have a simple password which could be broken by a dictionary attack and you would then be in some serious trouble.

    If you really insist on doing this, then read http://forum.sw-soft.com/showthread.php?threadid=22362
    and then make sure your firewall is configured to allow the port (not blocked). Good Luck and remember, you have been forewarned of imminent danger!

    Also, why would you want to give access to all users, but not the admin?

    Plesk CP does not have this 'built in', you would need to modify the database as outlined in the other thread above.
     
  6. MaRiOs

    MaRiOs Guest

    0
     
    Cause lets say that a simple user has a Myslq database for his own needs and he wants to do a backup of it everyday.

    If the user has chrooted shell acces he cant use any msql backup commands.
    how he will be able to do backups by his own ? and not having to trouble the administrator ?
    is there any other way ?
     
  7. Whistler

    Whistler Guest

    0
     
    I think its fair to say: yes!!! theres a lot of other more secure options...

    If the user only needs access to MySQL from outside the box to make a backup heres a couple of suggestions:

    1) use phpMyAdmin either through Plesk or install it seperately - then it's possible to dump the data through Apache/PHP which is most safe.

    2) create a backup-script (either in PHP or could be a shellscript - runned by user with access to mysql commands - putting the backup in a users ftp-dir) that might do the same as the above mentioned.

    3) give chrooted access to mysql

    4) only open up outside access to that user from ONE ip - the ip of the server/computer the backup is taken from....

    I could find more ways to solve your problem - but I think the above would do :)
     
  8. editor

    editor Guest

    0
     
    No, thats not a bad idea. It is very often used. For example
    to sell content with MySQL-Accounts.
     
  9. editor

    editor Guest

    0
     
    hi james,

    I think, he does it by that way alike we also do it in our
    editorial-office. I produce content (f.e. workshops, articles,
    faqs, and so on). All this will be inputed into one central
    database. And now this database must feed it to different
    webpages. Some webpaes are already onto the same
    server. But there are also other departments or other
    companies who pay for each content.. Publishing one
    article will then not only appear onto our magazine, it will
    also appear onto other servers.

    In such a case, you have to give the client an account to
    access some special tables of a MySQL-database. A client
    will have to connect from his server with his ip-number
    111.111.111.111 to my MySQL-Server with ip-number
    222.222.222.222.

    So, Marios should read the MySQL-Handbook at
    http://www.mysql.com

    <?php
    $link = mysql_connect('localhost', 'mysql_user', 'mysql_password');
    if (!$link) {
    die('Could not connect: ' . mysql_error());
    }
    echo 'Connected successfully';
    mysql_close($link);
    ?>

    Easy.
     
  10. jamesyeeoc

    jamesyeeoc Guest

    0
     
    Hi editor,
    Yes, I understand that it is a necessary thing for some domains. I just don't think it's a good idea for him to open up full access from "all IPs". I have no objections to opening up MySQL access from specific client IPs, I do that as well.

    But I also put those client's who need external access onto a separate server (or dedicated hosting) to minimize the risks associated with it. If one client's box gets hacked, then it will have no impact at all on any other client. This is just my way of doing things with my clients, as always, each hosting admin has to make their own decisions for their business.
     
  11. MaRiOs

    MaRiOs Guest

    0
     
    ok guys thanx for your ideas.

    Theres another idea check this new thread
     
  12. MaRiOs

    MaRiOs Guest

    0
     
    Has anyone tried Power Toys ???


    they say they have MySQL Remote Admin User Manager .
    This may let me have external access to SQL throught the panel.

    Any one using these Toys ?
     
  13. MaRiOs

    MaRiOs Guest

    0
     
    This wont work cause phpMyAdmin lets u backup db that are 4 mb maximum,not any bigger ones :(
     
  14. Whistler

    Whistler Guest

    0
     
    Alter your settings in either phpmyadmin/config.inc.php or in php.ini on your system.

    If I remember correct, it's a PHP default limit and it could be changed through php.ini

    So yes, it's still an option just change the limits :)
     
  15. MaRiOs

    MaRiOs Guest

    0
     
    I've checked both files u said and couldnt find anything at all :(
     
Loading...