Do you allow remote connections on mysql?

Doyou allow remote connections to mysql

  • Yes on default port

    Votes: 7 36.8%

  • Yes on alternate port

    Votes: 1 5.3%

  • No

    Votes: 11 57.9%
  • Total voters
    19
K

kieranmullen

Well-Known Member
Aug 25, 2005
165
0
166
Portland, OR USA
Thinking of past sql issues worms etc...

Do most hosts decide to only allow connections to mysql from localhost?

I dont think many change the default port number. Although it might be a pin for clients, it could be an additional security measure.
 
chirpy

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,437
33
473
Go on, have a guess
IMO, it's avery bad idea to leave port 3306 open to anyone to connect to. You expose the server to hackers through MySQL and allow clients to access (and abuse) MySQL databases on your server from sites hosted elsewhere.

If you have to do it, I'd block the port in your firewall and allow through only specific IP addresses of known trusted users through port 3306.
 
Spiral

Spiral

BANNED
Jun 24, 2005
2,018
8
193
There are a large number of concrete reasons for disallowing all external MySQL connections
that touch upon security, network reliability, server performance, and latency issues.

I could probably sit and write a 50 page essay on the topic here but I am very busy
at the moment and really don't have the time.

Just know that it is never a good idea to use remote MySQL databases or allow others
to connect to your MySQL database remotely.

Bad, bad, bad idea! ;)
 
G

GCIS

Active Member
Dec 12, 2006
26
0
151
If you allow remote MySQL connections, you need to use a whitelist with a default deny configuration. Allowing remote connections only from trusted hosts does not present as large of a security threat as the community seems to believe, but nevertheless, it does increase risk, mainly in the event that an allowed host is compromised by a malicious third party.


If remote connections are used only for a specific and limited purpose, then the best solution is to use a PHP or perl script to process requests from that host, and make appropriate database changes through that script. This prevents a comprimise of a remote system from giving the attacker full control over a MySQL user account. In addition, SSL can be used between the remote system and the main database when making HTTP transactions; this prevents the (unlikely) problem of a malicious user capturing traffic as it passes from one datacenter to the next.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
S Which script allows remote MySQL access? Databases 5
O Allow Remote MySQL Checklist Databases 3
R WHM Server Not Allowing Remote DB Connection Databases 1
D mySQL Allow remote connection on different port(not 3306) Databases 3
V How do you allow SECURE remote MySQL connections? Databases 3
Similar threads
Which script allows remote MySQL access?
Allow Remote MySQL Checklist
WHM Server Not Allowing Remote DB Connection
mySQL Allow remote connection on different port(not 3306)
How do you allow SECURE remote MySQL connections?
Top Bottom