mySQL Allow remote connection on different port(not 3306)

_Dejan_

Member
Feb 24, 2010
24
0
51
Hi,
I have cPanel WHM(On VPS) with ConfigServer Security & Firewall. I would like allow remote connections for example on port 5432 and not on 3306 port. How can I do this? Im try some iptables commands(Redirect) but connection trough port 5432 work only if also 3306 is opened what I don't want.
Can someone tell me what I must edit in CSF that this will work?
Thanks for any help.
 

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
38
248
somewhere over the rainbow
cPanel Access Level
Root Administrator
Hello,

You are wanting to change the default port for MySQL from 3306 to 5432 instead? If so, then you will need to change this in MySQL as well. You cannot simply open the port in the firewall if this has not been changed in MySQL's configuration.

Edit the /etc/my.cnf file and add the following:

Code:
port=5432
Then restart MySQL. To check it works locally, try to access the port on localhost first:

Code:
telnet localhost 5432
You should connect to MySQL. You could then add it into CSF as one of the incoming ports that can be used.

If this is not working, please provide these results provided you have actually changed the port in the /etc/my.cnf configuration file and restarted MySQL:

Code:
telnet IP# 5432
telnet localhost 5432
lsof -i :5432
netstat -an | grep :5432
Thanks.
 

_Dejan_

Member
Feb 24, 2010
24
0
51
Hi,
Thanks for your reply but I think you are misunderstand what I need.
I need that clients which run web pages on this XXX.XXX.XXX.XXX server can connect by using local localhost connection to 3306 port for example if they in php use:
mysql_connect("localhost:3306",username,password);
This connection must work.
Also I need that this users can connect from external application which run on clients(Clients have dynamic IP's so adding host to "whitelist" is not option) to same server and database for example if they use php on other server:
mysql_connect("XXX.XXX.XXX.XXX:5432",username,password);
And next connection can't be allowed:
mysql_connect("XXX.XXX.XXX.XXX:3306",username,password);
because most of attack's will try 3306 port. If someone will try portscan will be automatic blocked by CSF.

I think this can be done by iptables/CSF that it make some port forward on same computer but I don't know how to do that.
Thanks for any help.
 

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
38
248
somewhere over the rainbow
cPanel Access Level
Root Administrator
If what you are instead asking is to be able to deny connections set on a certain port, that's not something configurable by cPanel, since it is rather a CSF or LFD question, which would more appropriately be posted in their forums at the following location:

http://forum.configserver.com/