Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Allow Remote MySQL Checklist

Discussion in 'General Discussion' started by osirion, Jan 29, 2018.

  1. osirion

    osirion Well-Known Member

    Joined:
    Jan 16, 2007
    Messages:
    50
    Likes Received:
    4
    Trophy Points:
    158
    Hi Guys,
    Currently I have to whitelist each of my customers IP's for remote mysql access on 3306. However, we have dynamic IP's in our country and so adding/updating IP's on the firewalls allow every day is a real pain. Looking to open up port 3306; but what measures should I take to ensure the security of the server (especially from a cPanel perspective/settings)?

    Thanks in advance...
     
  2. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,792
    Likes Received:
    83
    Trophy Points:
    78
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi,

    If you are on a shared server, never do this, as opening 3306 publically will have a risk of big time SQL injection.. It is always advised to have the IP added that requires access to the MySQL.. You can create shell script to make your work easy if you want, but this is the best method advisable..
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. osirion

    osirion Well-Known Member

    Joined:
    Jan 16, 2007
    Messages:
    50
    Likes Received:
    4
    Trophy Points:
    158
    Yeah, this is a shared hosting environment for 100s of clients. Running on cPanel with CloudLinux / LVE / CSF / LFD and strong passwords etc.
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,711
    Likes Received:
    1,794
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Have you considered allowing an IP range instead of allowing access to all IP addresses?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice