Ask your client for the IP that would use the remote mysql. Add the IP in the CSF whitelist and in the remote access list from User Cpanel >> Mysql Databases.
If you allow public access to 3306 port, that might cause attack on your mysql database from unauthenticated user/authenticated scripts. Mysql attacks are costlier than http/dns. I suggest you keep it that way if you are allowing shared users.
Most providers will only open a port for a specific IP. Ask the customer what IP address will be connecting to your server, and then open port 3306 for that IP.
So, if you wanted to open port 3306 (MySQL) for IP 192.168.1.1, you'd add the below to /etc/csf/csf.allow and then restart CSF.
That applies for inbound connections only.
Thats it, you just need to allow IP for remote mysql port only.
Kevin Cheri : Senior Server Administrator / Freelancer : 9+ years Exp, reach me out for any help Server Optimization Expert / Mysql Guru / Migration Specialist
Skype : lynxmaestro
Gmail : [email protected]