csf doesn't allow remote MySQL

C

cbarone

Verified User
Joined
May 20, 2020
Messages
9
So I have added IPs for remote MySQL and everything works fine IF I disable csf...

How do I allow MySQL connections through csf/why does this not work be default...
 
cbarone said:
why does this not work be default...
Click to expand...
Firewalls are for security. So only default used ports are opened. Port 3306 is normally not used for external connections and is a security risk.
So that's why it's not opened by default.

Next to that, if it still does ot work after Zhenyapan's tip, you might have to change your /etc/my.cnf (or some kindlike place) for it to work.
If present, change:
Code: 
bind-address = 127.0.0.1
to
Code: 
bind-address = *
 
Richard G said:
Firewalls are for security. So only default used ports are opened. Port 3306 is normally not used for external connections and is a security risk.
So that's why it's not opened by default.

Next to that, if it still does ot work after Zhenyapan's tip, you might have to change your /etc/my.cnf (or some kindlike place) for it to work.
If present, change:
Code: 
bind-address = 127.0.0.1
to
Code: 
bind-address = *
Click to expand...

Thanks for the information I'll give it a shot, I've never used csf, I've used iptables before but not csf. I just would assume that on a webserver panel like directadmin that'd be opened (Like it is on cPanel/WHM) or would be opened for connections on the ips added to remote ips for a database...
 
cbarone said:
I've used iptables before but not csf.
Click to expand...
It's the same. CSF is just a shell for iptables. Making life of detection and security a lot easier to monitor many services on a hosting server.

cbarone said:
(Like it is on cPanel/WHM)
Click to expand...
It's not like that on cPanel, I'm also using cP.
Only when you're not using a firewall. That's the same in Directadmin.
CSF for cPanel has it closed automatically too. It's basically the same CSF.
Next to that, cP also needs additional action:
  • Go to Databases » Remote MySQL.
  • Enter the IP address of the computer that will be making the remote connection.
  • Click the Add Host button.
So it's not really different on either system it just depends on if you do or don't use CSF. if you do, it's closed on both. If you don't, in cP you need some extra action to add the ip's.
With DA you don't have to add them because DA does not have that option as far as I know.

The option cP has is a nice option. You might send in a feature request for it if you like it.
 
Richard G said:
It's the same. CSF is just a shell for iptables. Making life of detection and security a lot easier to monitor many services on a hosting server.


It's not like that on cPanel, I'm also using cP.
Only when you're not using a firewall. That's the same in Directadmin.
CSF for cPanel has it closed automatically too. It's basically the same CSF.
Next to that, cP also needs additional action:
  • Go to Databases » Remote MySQL.
  • Enter the IP address of the computer that will be making the remote connection.
  • Click the Add Host button.
So it's not really different on either system it just depends on if you do or don't use CSF. if you do, it's closed on both. If you don't, in cP you need some extra action to add the ip's.
With DA you don't have to add them because DA does not have that option as far as I know.

The option cP has is a nice option. You might send in a feature request for it if you like it.
Click to expand...

You do have to add remote ips/hosts to each database on DA. I did that already, but yeah now that I know where to add the port, it works. Thank you to both of you!
 
You're welcome.
Just be aware that now everybody can connect to it with DA. Unless you make some special rules so only certain ip's can connect. Be safe!
 
Hi guys, it's me again!
Having this same situation, i already tryed to bind to * but seems it not working, all works fine when i disable csf

Code: 
bind-address = 127.0.0.1
to
Code: 
bind-address = *

Another question is, it's possible to access with da_admin user, using software like mysql workbench, navicat, db forge, etc?
EDIT
Okk i make this work:
i entered to mysql cli and executed this command:
SELECT user,host FROM mysql. user;
UPDATE mysql.user SET Host='%' WHERE Host='localhost' AND User='da_admin';

I'm still trying to access my server remotely without disable CSF
 
Last edited:
You must log in or register to reply here.
Back
Top