I see there is a mock mysql functionality out of the box from mysql installation and it is documented here
It involves, setting up a mock tcp port with binary called ./mysql_server_mock but I couldn't find this in my installation. I installed MySQL 8.0.30 (Windows) and also the MySQL Router but couldn't find this binary. Are there are any other easy way, where a MySQL client sends a request, we in local machines intercept that request and respond with some other results? (Similar to Burp for Web, all locally)
Related
I run into the problem which I wrote as a Title.
The details are below.
Environments and Settings
using the Azure free plan.
created Azure Database for MySQL server (version 8.0).
Deny public network access: No
added firewall rule Start IP: 0.0.0.0 - End IP: 255.255.255.255.
Enforce SSL connection: DISABLED
Client OS: Windows 10 Pro Version 2004 OS Build 19041.685
Overview
Connection security
Ehenomenon
I can connect from Azure Cloud Shell.
I can connect from local DBeaver client (Community Edition 21.2.3).
However, I cannot connect from local Command Prompt or MySQL Workbench. The response is not returned.
It seems to be hanged out. I allowed these apps to communicate via Windows Defender firewall.
Azure Cloud Shell
DBeaver
Command Prompt
MySQL Workbench
Firewall
What's wrong? Please help.
It looks like there is a problem with the latest MySQL 8.0.27 release. I've encountered the same issues you describe when trying to connect using the command line from different MacOS and Linux machines.
There 's also a bug reported here: https://bugs.mysql.com/bug.php?id=105288
I suggest you add your findings to it as well.
I tried a bunch of different things before simply rolling back to 8.0.26, which still works fine for me.
I am new to setting up SSL certificates on servers and would need some help to secure a MySQL database connection. I have a simple mobile app (client) which needs to connect to a remote MySQL database (server) connection. I am using AWS EC2 for the remote server and I have installed Let's Encrypt SSL certificates on a domain that I am hosting there. The machine runs on Ubuntu 18.04 and NGINX.
The same server also runs a MySQL database and I want to connect to it securely using a mobile app client. How can I encrypt the connection between the mobile app aclient and the MySQL database server?
I do have a static ip address for the database server but I am unable to install SSL certificates on the ip address directly. Only the domain name has an associated SSL certificate.
I did some digging around but was unable to find anything that serves my purpose. Any suggestion or reference to an article would greatly help.
This article provides a detailed step by step procedure for securing the connection between a remote MySQL database server and a client.
Securing a remote MySQL database server connection
I have tried many ways to debug my remote server but I am unable to do so. My ftp and sftp and remote db is configures to my phpstorm 9 but I cannot debug my remote server it is connecting to my mamp server and debugging ,y local files but not connecting to server username and password . Basically it fails at mysql_connect but works for mamp.How can I make it deubug with server.Everything else is synced with server but I cannot debug. I really appreciate any help.
Edit: Should I install x-debug on my server(cpanel) also ?
php.ini
[xdebug]
zend_extension="/usr/local/opt/php55-xdebug/xdebug.so"
xdebug.remote_enable=1
xdebug.remote_handler=dbgp
xdebug.remote_mode=req
xdebug.remote_host=127.0.0.1
xdebug.remote_port=9000
xdebug.idekey=PHPSTORM
xdebug.remote_connect_back=1
Maybe I didn't understand your question/problem. These are the ways you can debug your code
Debug the local code that uses the local database
This is the easiest setup and it probably already works on your system. You have all the files on the local computer and also you have an instance of MySQL running on it. The code connects to localhost:3306, the xdebug extension is installed and it can connect to PhpStorm, everybody is happy.
Debug the local code that uses the remote database
You can have all the PHP files on localhost and use the local mamp stack to debug it; you control the environment, xdebug works and happily collaborates with PhpStorm. You want the code to be able to use the remote (live) database.
In this case you need a way to access the database. Either you create a MySQL user that allows you to connect from the IP address of the local computer (a firewall along the way might prevent this), or start a ssh session that creates a tunnel from the local port 3306 (or any other open port you choose) to port 3306 of the database server (assuming the host where you ssh is allowed to connect to it). You can do this by running
ssh user#remote_host -L 3306:database_host:3306
(replace user, remote_host and database_host with your actual values)
If you have a MySQL server installed and running on localhost then the local port 3306 is not open and ssh cannot use it as the source port of the tunnel. Use another port instead (let's say you use 13306):
ssh user#remote_host -L 13306:database_host:3306
Modify the local configuration files of your application to use localhost as database server and 13306 as database port.
Debug the remote code
If you want to debug the live code (it uses the live database) then you have to upload the code on the web server (the live environment) and make it work there (be able to connect to the database etc).
In order to be able to debug it you need to have the xdebug PHP extension installed on the server and properly configured in the server's php.ini configuration file.
The debugger (the remote xdebug extension) needs to connect to your local computer where PhpStorm is listening on port 9000. This is either impossible or making it happen requires changing configuration here and there in several places (that might be out of your control); we better forget about it.
We can use the ssh tunnel trick: start a ssh connection to the server that creates a tunnel from local port 9000 to the servers port 9000:
ssh user#remote_host -L 9000:localhost:9000
Test if it works
PhpStorm provides a tool that uploads a script on the web server then tries to access it to check if the xdebug extension is properly configured. Depending on the version of PhpStorm you use, you can find it either in the menu (Run -> Web Server Debug Validation, on PhpStorm 9) or somewhere in the Settings (PHP -> Servers or around, on older versions).
I have installed MySQL on Ubuntu using SSH and would like to connect phpMyAdmin installed on a Windows machine.
I tried to add a server like standard server, but I can not log in to MySQL server using SSH.
Does phpMyAdmin support to connect a remote server using SSH? If yes, how can I configure a private key for phpMyAdmin or do I need a SSH client for this?
I think there's a bit of misunderstanding that might be hindering you sorting this out.
SSH is the Secure Shell protocol, which allows a user to remotely access the command line of a server. You can access MySQL via SSH by using SSH to start a command line session on the server and using the mysql command line client as if you were at the machine directly.
phpMyAdmin can connect to a local MySQL instance (where MySQL and your webserver run on the same machine) or connect to another machine through the network (where MySQL is running on one machine and your webserver is running on another -- the connection in this case is via the the port used by MySQL itself, 3306). In either case, you can access phpMyAdmin itself from any browser on the network; it just appears as any web page. The communication between MySQL and phpMyAdmin can be encrypted (via SSL) if you wish, but still happens via MySQL communication and not over SSH. At no point is SSH used for the communication from the web server to the MySQL server.
So in your case, since you wish to install phpMyAdmin on the Windows box, you'd simply edit your config.inc.php to connect to the IP address or hostname of the Ubuntu server with the $cfg['Servers'][$i]['host'] = 'hostname'; directive, using the actual hostname instead. You'd then access phpMyAdmin from anywhere on the network by using the hostname or IP address of the Windows machine.
If, instead, you wish to install phpMyAdmin on to the Ubuntu machine, you could use the host name 'localhost' in config.inc.php and then access phpMyAdmin from the Windows machine (or any other machine) using the Ubuntu IP address/host name in your web browser.
It all depends which machine you wish to be the web server. phpMyAdmin runs under IIS or Apache runs under Windows, but Ubuntu makes installing all the programs easy through the package manager, so that's what I generally do in this situation.
Hope that helps clear it up a bit.
Since our shared hosting server doesn't allow us to setup Tomcat I decided to install it on our local machine. The local Tomcat server allows us to listen to a certain port for Bancnet transactions which will then be processed and written to the remote site.
Question:
Is it safe for me to set the local PHP application to connect directly to the remote mySQL server? Any suggestions on how to make the connection secure. BTW, I have a self-signed certificate installed in the localhost but not sure how this applies to remote mySQL connection.
You could create a ssh tunnel between MySQL server and client. For more resiliency, use autossh.
If you don't connect over SSL or some other encrypted tunnel, I would absolutely assume that anything you send or receive from MySQL is done so in clear text that can be intercepted and used for malicious purposes from any link along the way. This might be fine for testing purposes with dummy data, but before you put this in production use or pull down live user data for testing, you really should either make arrangements for the data to be stored local to the web app or for there to be an encrypted connection.
Giving you a full overview of how to set up SSL connections to MySQL is beyond the scope of Stack Overflow and it's a bit complicated, but if you want to proceed, check out the documentation and do some research, there are some good informational resources out there.
I'm a bit confused as to the architecture you are trying to describe. What's running where?
If you can't install Tomcat then you probably won't be able to install anything like VPN software on the box.
MySQL can encrypt using SSL provided it has been enabled at compile time and at run time.
Alternatively, it should be fairly trivial to build a webservices tier on top of the remote database.
I would recommend switching to a VPS or managed host though.