Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 8.x
  4. Topic: limit MySQL remote access by IP
« previous next »
Pages: [1]   Go Down

limit MySQL remote access by IP

  • 4 Replies
  • 5243 Views

Offline mike_mattos

  • *
  • 313
  • +0/-0
limit MySQL remote access by IP
« on: September 21, 2015, 02:59:50 PM »
IS there a way to limit remote access to MySQL similar to the Server-Manager remote access?   

I would like all work-stations and servers I manage to have read/write access to a MySQL database on my personal server.  ( about half a dozen fixed IP's ) 

I'd prefer not to have public access if possible.  Saves a lot of work if I can push all the data to my server.  The server does NOT host a website.

Thx
Logged
...

Offline janet

  • *****
  • 4,812
  • +0/-0
Re: limit MySQL remote access by IP
« Reply #1 on: September 21, 2015, 03:40:14 PM »
mike_mattos

IIRC when you create passwords for the mysql tables, you can specify IPs
Logged
Please search before asking, an answer may already exist.
The Search & other links to useful information are at top of Forum.

Offline mike_mattos

  • *
  • 313
  • +0/-0
Re: limit MySQL remote access by IP
« Reply #2 on: September 21, 2015, 03:53:18 PM »
mysql> GRANT ALL PRIVILEGES ON *.* TO USER-NAME@IP IDENTIFIED BY "PASSWORD";

USER-NAME is the username that you would like to create,  IP is the public IP address of your remote connection (like '195.x.y.z')

This limits the database access, but would it not still allow global attempts to login to the MySQL server ?  I'd rather not have hackers trying to log in at all.
Logged
...

Offline janet

  • *****
  • 4,812
  • +0/-0
Re: limit MySQL remote access by IP
« Reply #3 on: September 21, 2015, 04:04:21 PM »
mike_mattos

Well you have not really explained your situation that well.
All all the workstations IPs on the LAN ?

If you do not open mysql access then external (WAN) users cannot access it

see
http://wiki.contribs.org/MySQL#Access_MySQL_from_the_local_network
&
http://wiki.contribs.org/MySQL#Access_MySQL_from_a_remote_network

Also see
http://wiki.contribs.org/MySQL#Allow_mysql_login_from_any_LAN_workstation

If you do not enable remote access (WAN) then what is the problem.
All tables will be password protected & as other IPs are not specified then no one can gain access.

Yes there is an inherent danger in opening mysql to the world, that is why it is not really recommended, the wiki article talks about using a VPN connection, or an SSH tunnel, or (at a minimum), restrict the allowed login hosts to their internet IP address.
Logged
Please search before asking, an answer may already exist.
The Search & other links to useful information are at top of Forum.

Offline CharlieBrady

  • *
  • 6,918
  • +3/-0
Re: limit MySQL remote access by IP
« Reply #4 on: September 21, 2015, 04:48:06 PM »
Quote from: mike_mattos on September 21, 2015, 03:53:18 PM
This limits the database access, but would it not still allow global attempts to login to the MySQL server ?  I'd rather not have hackers trying to log in at all.

So don't open up mysql access at all. By default it is only accessible from localhost.
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 8.x
  4. Topic: limit MySQL remote access by IP