osirion

Well-Known Member
Jan 16, 2007
54
4
158
Hi Guys,
Currently I have to whitelist each of my customers IP's for remote mysql access on 3306. However, we have dynamic IP's in our country and so adding/updating IP's on the firewalls allow every day is a real pain. Looking to open up port 3306; but what measures should I take to ensure the security of the server (especially from a cPanel perspective/settings)?

Thanks in advance...
 

24x7server

Well-Known Member
Apr 17, 2013
1,911
96
78
India
cPanel Access Level
Root Administrator
Twitter
Hi,

Looking to open up port 3306; but what measures should I take to ensure the security of the server
If you are on a shared server, never do this, as opening 3306 publically will have a risk of big time SQL injection.. It is always advised to have the IP added that requires access to the MySQL.. You can create shell script to make your work easy if you want, but this is the best method advisable..
 

osirion

Well-Known Member
Jan 16, 2007
54
4
158
Yeah, this is a shared hosting environment for 100s of clients. Running on cPanel with CloudLinux / LVE / CSF / LFD and strong passwords etc.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,222
463
Hello,

Have you considered allowing an IP range instead of allowing access to all IP addresses?

Thank you.