The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Change Default Mysql Port and restrict to IP ?

Discussion in 'General Discussion' started by fuzioneer, Sep 30, 2008.

  1. fuzioneer

    fuzioneer Well-Known Member

    Joined:
    Dec 12, 2003
    Messages:
    98
    Likes Received:
    0
    Trophy Points:
    6
    I have a requirement to connect two servers that are in different Data centres together using MySql

    I obviously want to harden down this situation.

    My thoughts so far are to do the following if possible:

    1. Change MySQL Default port away from 3306
    2. Lock down incoming connections on this new port to MySQL to a single IP of the other server
    3. Encrypt the information transferred between them

    Firstly what impact if any will Cpanel have on any of the above, i.e. does Cpanel require a hard coded 3306 for instance and if i change it will Cpanel updates change it back ?

    Anyone else done anything similar who can give advice ?
     
  2. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Specifying the MySQL port to use on a remote SQL server is not native functionality to WHM at this time. However, the following slides from a presentation at our 2008 cPanel Conference may be of assistance with regards to how to set this up manually so that you have more fine-grained control over the process, possibly letting you be able to do what you desire:

    http://www.cpanel.net/conference/08/files/RemoteMYSQLServer.pdf
     
  3. fuzioneer

    fuzioneer Well-Known Member

    Joined:
    Dec 12, 2003
    Messages:
    98
    Likes Received:
    0
    Trophy Points:
    6
    thx for the info David

    but that looks like a complete integration of two servers

    I have some php code on one server that needs to connect to the other mysql server to do a query I dont need any cpanel integration

    I do need to know though that if i change the default port that mysql runs on to tighten down security whether or not cpanel will overwrite my changes and if so how can i prevent this ?
     
  4. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,461
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    If you are making your changes to /etc/my.cnf, we won't touch those.

    cPanel itself won't be able to access a MySQL server running on a non-standard port, however it sounds from your post that is not the issue.
     
  5. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    I've used CSF in the past for similar restriction. We run with port 3306 as standard but only allow connections from a very small list of manually allowed IPs. Gives me a good sleep at night, knowing we're safe, and hardly anyone needs to connect remotely. Of course, moving the port is also good except that I think MySQL can be readily identified from an exhaustive port scan, if the varmints get really interested.
     
Loading...

Share This Page