In order to accept a connection from even one outside IP, you'll need to make some opening. If you're really concerned about security, you could setup a VPN connection between your server and the external IP, and use that to tunnel the MySQL connection so that it is connecting on the internal IP address.
Or alternatively, open up access to just the external IP but use a port other than 3306 - this isn't terribly more secure than using port 3306 but does make it a bit less obvious what you're doing.
- Re-Allow external connections to MySQL.
- Create a privileged mysql user that only works from localhost (so use it from your scripts, etc)
- Create another privileged mysql user that only works from an external IP... And use it to remotely connect your mysql server.
- Don't care about attacks since they cannot connect through your external IP...
Thank you all for your help. Now its working and mysql is accepting connections only from our website ip.
I did not allow mysql to accept external connections. What I did is open port 3306 and configured it to allow our "external" ip only. Then I had to create a new mysql username with our external ip as the "host". Now the all the scripts on my site are working.
Mysql is still closed to external connections, port 3306 is secured through windows firewall, the new mysql user is for "Read" only