Results 1 to 9 of 9
  1. #1

    What is the security issue if I allow remote mysql ?

    Hi,
    What are the real security issues if I allow remote mysql server access for users ? How does it harm ?
    Thanks for your valuable comments
    Thanks

  2. #2
    Join Date
    Oct 2009
    Location
    UK - London
    Posts
    73
    Well, you'd have to open the port on your firewall for MySQL (if you don't already have it open) which makes it at risk of DoS/DDoS attack... unless you make it so that only one IP of the user that needs to access your MySQL remotely can pass through the firewall on that port. If the user is trustworthy and you are sure of what they are using it for, there wouldn't be a problem/security issue in allowing one specific IP through to it (unless that IP gets hacked).

  3. #3
    Join Date
    Apr 2004
    Location
    Pacific Palisades, CA
    Posts
    3,641
    These users are who? Hosting customers with a mysql db and a local database admin tool on their pc?
    Collabora Hosting - Unlimited Windows and Linux Hosting
    Web Security - VPS - Dedicated Servers
    Cloud and Managed WordPress Hosting
    Read how we do Unlimited Hosting at the Unlimited FAQ

  4. #4
    Join Date
    Oct 2004
    Location
    Kerala, India
    Posts
    4,771
    Opening the remote access to the server for the whole world using wildcard is not good. You can give remote access to specific IPs. This will make sure that only those specific IPs can access through mysql port.
    David | www.cliffsupport.com
    Affordable Server Management Solutions sales AT cliffsupport DOT com
    CliffWebManager | Access WHM from iPhone and Android

  5. #5
    Join Date
    Oct 2009
    Location
    Lakewood, CO
    Posts
    41
    Just as everyone else has said, Just allow the specific IP's that you want to access it through your firewall. Opening it to the general public can cause some serious issues if people decide they want to mess with you (which will happen)

  6. #6
    You should try to secure your mysql password and check the permissions of the configuration files it should be 600. Also mysql comes with the different logs files you should keep track of client connections, queries and server errors.
    SUPPORT FACILITY | 24/7 TECH SUPPORT
    SERVER MANAGEMENT | WEB HOSTING SUPPORT | WP EXPERTS

  7. #7
    Join Date
    Nov 2004
    Location
    India
    Posts
    1,104
    You can allow IP based MySQL connections to outside world but still you have problems if the client files have improper permissions or poor coding. An attacker can inject your whole server's index pages.
    AssistanZ - Beyond Boundaries...
    Cloudstack Consultancy / 24x7 Web Hosting Support / 24x7 Server Management / Infrastructure Management Services
    Web & Mobile Apps Development / Web Designing Services / Php, Grails, Java Development

  8. #8
    Join Date
    Jul 2009
    Posts
    240
    make sure openssl is enabled on your mysql build so remote connections are encypted

  9. #9
    Quote Originally Posted by traffic99 View Post
    Hi,
    What are the real security issues if I allow remote mysql server access for users ? How does it harm ?
    Thanks for your valuable comments
    Thanks
    If your MySQL users have ssh account I suggest to use port forwarding SSH feature. This way MySQL connection is safely (behind SSH) exposed to outside world.

Similar Threads

  1. Remote DNS issue
    By yah0m in forum Hosting Security and Technology
    Replies: 3
    Last Post: 05-19-2009, 12:26 AM
  2. MySQL security issue: creating a query based on user input
    By bleenzorb in forum Programming Discussion
    Replies: 9
    Last Post: 04-11-2007, 02:44 PM
  3. php security issue
    By p15650 in forum Hosting Security and Technology
    Replies: 5
    Last Post: 02-26-2007, 10:56 PM
  4. Is that a security issue?
    By raulgonzalez in forum Programming Discussion
    Replies: 4
    Last Post: 05-17-2005, 01:19 PM
  5. security issue-what could this be?
    By deseek in forum Hosting Security and Technology
    Replies: 2
    Last Post: 05-03-2004, 01:48 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •