HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Tips/Tricks/Mods (http://www.howtoforge.com/forums/forumdisplay.php?f=29)
-   -   howto - disable default remote access to sql, enable webserver access automatically (http://www.howtoforge.com/forums/showthread.php?t=58421)

radim_h 28th August 2012 12:05

howto - disable default remote access to sql, enable webserver access automatically
 
Maybe someone can use this
.
I have multiserver setup, where Database server is different then webserver
server1: ISPConfig webinterface, DNS, oldwebserver
server2: mailserver, dbserver

When you add Database in Sites=> Database menu, there is Remote Access IPs field (separate by , and leave blank for any)

I don't like that access to mysql server is enabled by default from anywhere. Want to explicitly allow all accessing IPs . And i also need webserver to have allowed access to DB by default (my clients will never know what to fill into that field)

It's easy:
On Database server edit file
/usr/local/ispconfig/server/plugins-available/mysql_clientdb_plugin.inc.php

and change
//if(trim($host_list) == "") $host_list = '%';
to
if(trim($host_list) == "") $host_list = '1.2.3.4';

and also change
//if(!is_array($host_list)) $host_list = explode(',', $host_list);
to
if(!is_array($host_list)) {$host_list = split(',', $host_list); $host_list[] = '1.2.3.4';}

where 1.2.3.4 is adress of your webserver (or any server you want to allow acces to by default)

You can check result in Privileges table in phpMyAdmin

Croydon 28th August 2012 12:50

In current svn version (3.0.5) the web-server that the database is assigned to is automatically added to the remote ips.
Please do NOT use php function split as it is highly deprecated! Use explode instead.

till 28th August 2012 12:51

Quote:

When you add Database in Sites=> Database menu, there is Remote Access IPs field (separate by , and leave blank for any)

I don't like that access to mysql server is enabled by default from anywhere. Want to explicitly allow all accessing IPs . And i also need webserver to have allowed access to DB by default (my clients will never know what to fill into that field)
There is no default access from everywhere. This field is used in combination with the remote access checkbox only, so the ddefault is that databases can be accessed from localhost only and not from everywhere.

radim_h 28th August 2012 13:29

sorry, didn't see that checkbox, i'm using modified template...
.. happy is integrated in 3.0.5, i will not need change code after update


All times are GMT +2. The time now is 13:17.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.