is it possible to redirect entire mysql query to another server?
I've have many apps in differents server that comunicate with a single database (windows machine).
For transfer database (to a linux server) without change any IP inside many many php files (there are a lot of things that i don't know because is not my creation but is my legacy) there's something i can do?
Proxy?port forwarding?
Afaik, mysql implementations don't offer this functionality, however, you can "proxy" connections using an ssh tunnel like this:
ssh -N ssh-user#host.domain -L 3306:127.0.0.1:3306
This requires an ssh-server on the host that serves the mysql (on port 3306) and you having ssh-access to that machine. You run the command on the machine your php is excecuted from, then you can, as long as it runs, access the mysql host on "localhost". All requests will be securely tunneled to the remote mysql server.
The -L switch instructs ssh to forward tcp connections on local port 3306 to port 3306 on the machine you ssh to.
The -N switch instructs ssh to do just that and not run a command.
If you add the -f switch, the command will immidiately fork into background, which may be useful for this usecase.
You probably also want to use passwordless ssh
However, this is probably not a clean solution for production. I use this method only for development purposes and I'd suggest you fix your codebase on the long run (i.e. put your mysql configuration in a central place).
Related
I'm using wsl2 on a windows machine. I want to view my databases that I have on mysql server ubuntu in a GUI such as mysql workbench (on windows) but it seems as the two are not linked. In the pictures provided you can see that when I login to root, it displays different databases, I also use different passwords for root on both servers. When I try to use the root password from the ubuntu server in workbench, I get the error that I cannot connect to the database server.
Ubuntu databases
MySql workbench databases
MySql workbench config
MySql workbench error
UPDATE 2022
I found myself in this same need, and found a good resource that tackles this issue rather nicely. The solution itself predates even this question, funnily enough.
Long story short, check the following GitHub repository. Instructions are available and I can confirm it works on Windows 10.0.19041.1415 and WSL2.
https://github.com/shayne/go-wsl2-host
========================================================
WSL doesn't use the same IP as Windows, meaning you can't access it using localhost. Also, WSL IP changes everytime you boot it, meaning that the credentials for the connection will work only once.
In the sister community SuperUser, this has been discussed and some workarounds are avaliable, but I can't tell if they will work specifically with MySQL Workbench, as they ofter require you to use PowerShell/CMD.
Please, refer to the following discussions, which also provide further sources on the topic (There is one in particular that might be useful if you are running Windows 10 Pro).
Make IP address of WSL2 static
localhost and 127.0.0.1 working but not ip address in wsl windows 10
There are several requests to allow us to set WSL IP statically, so we can register it as a host in Windows DNS Host file and use that alias instead of the IP while setting up a connection (or use the IP itself, since it would be static anyway), but it is not ready yet AFAIK.
After reading the answer from #Jetto, I thought you could create a batchfile like this:
#ECHO OFF
wsl export wsl=$(hostname -I); sed -i -e "s/172.[0-9]*.[0-9]*.[0-9]*/${wsl/ /}/g" /mnt/c/Users/*username*/AppData/Roaming/MySQL/Workbench/connections.xml
This will replace the ip-address to the current ip-address of your wsl instance (relying on the fact that is starts with 172.)
If you start MySQL Workbench after running this script, you should be able to connect to MySQL (or MariaDB) which is running in the WSL2 session.
Disclaimer: I am not responsible for the fact that you did not make a backup of the file connections.xml 😉
P.S. In case you wonder: Yes this instance on my computer uses port 3356. But 3306 should work too if you do not have a local MySQL running.
I used this tutorial to connect to a remote MySQL database via SSH tunnel within PhpStorm. When I try to connect to this via PHP, the database is not found.
The URL that PhpStorm gives me is jdbc:mysql://localhost:3306/dbName
How can I connect to this database via PHP script? (running via the default built-in php server in PhpStorm).
"Connect PHP to database hosted within PhpStorm"
First of all -- PhpStorm does not host any databases (especially MySQL) -- it only can connect to them (it acts like built-in DB client/viewer/editor).
It uses own SSH tunnel (interacts with it directly in the code -- so DB connection is aware of such possibility).
Generally speaking -- for your PHP code to be able to connect to a remote database via SSH tunnel .. you should either:
establish such SSH connection in your code and then use it internally (not sure at all if PHP can do that, especially if DB-related routines can use it -- most likely not)..
or establish SSH tunnel outside as OS level so it's available to all processes. This way it will be transparent to your code (it will not be aware of tunnel thinking that it connects to local/remote DB in a "natural" way).
So the 2nd option is the way to go.
Here you can check how to setup such SSH tunnel -- it has examples fr=or Linux/Mac and Windows as well (you will have to adjust it for MySQL ports .. as those examples are for PHP debugging).
Ok so I've read this countless times that under Remote MySQL in your cpanel (I host with namecheap) that you shouldn't add 127.0.0.1 as a host to allow remote connection to your database since it could be a security risk.
However, I wanted to know if there is anyway I can connect to my MySQL database on my hosting server from my local machine.. instead of using the MySQL thing that comes with WAMP since I hate transferring databases back and forth after I develop for a week on my local machine. The data tends to not stay consistent over time and it gets tiring having to drop your database and reupload it with the newest tables.
So I was wondering if there was a way to allow this connection without exploiting a security risk? So I don't have to have two separate databases..? Unless it's safer to keep up with this practice..?
Thank you!
And I know the IP changes often on your machine (a dynamic IP I believe is what it's called) so is there anyway I can have an unlimited connection no matter if the IP changes?
I'm not sure why they would say not to add 127.0.0.1 - that's the local machine, which means that people from the outside can't access it. So you have skip-networking turned on and you're connecting through a local UNIX socket? Are you sure it didn't say not to add anything other than 127.0.0.1?
Do you have SSH access? If so, you can easily use SSH tunneling so that you'll only have to connect locally with a command like
ssh -L 3307:localhost:3306 -N yoursever.com
Then you connect locally on your home machine to port 3307 (you can make this 3306 but you said you develop your database locally as well, so in that case you'd need a different port). Then the packets go through SSH and magically appear at the database, looking as though they had come from the same machine. The security there is all done by SSH, which is great because it has "secure" right in the name, without opening additional ports (assuming that you have the SSH daemon running)
I have a web app that is supposed to be run on a single local machine (kiosk display), but I want the option to let a user make changes on the web (from any PC) and update the instance on their local PC (kiosk display). From what i imagine, the MySQL instance on the web server will just replace the MySQL instance on the local (kiosk display) machine. This can be done once nightly (doesnt have to be instantaneous).
Does anyone know of a way to do this? I am open to a product or coding it myself...
I will appreciate any info or brainstorm.
Thanks.
If the clients have fixed IPs, you can do this:
Create mySQL user accounts on server, allow them to log in from a specific IP range only, give them SELECT privileges
Install mysql client binaries on client PC
Use cron or the Windows Task Scheduler to do a remote mysqldump:
mysqldump -u username -h remote.server.com databasename > dump.txt
mysql -u local_username -h localhost databasename < dump.txt
this is not a perfect solution - the usual consensus is to have mySQL not accessible from the outside at all. But if you have fixed IPs, and can also maybe adjust the firewall to adjust mySQL connections from those IPs only, it's surely the easiest solution.
A safer solution might be:
Use a server side scripting language to build database dump locally and store it in a known directory
Install wget binaries on client side
Have the client side wget call the server side script (e.g. as a web page) that creates the dump
When the page has finished downloading (= the dump is done) start another wget, FTPing into the server (with very limited rights of course) and fetching the data dump just built - or, for security, use a safe protocol like sftp or scp/ssh. Putty has Windows binaries to that end.
Plain and simple, can anyone explain me how to connect to a mysql server through a proxy (socks4/5). Preferable via the mysql command line (although there are no options for that in the client).
If it's not possible through the mysql command line than ANY other method will work.
All you need is to install and configure tsocks (transparent socks). It's available in most if not all linux distibutions. Afterwards you only need to prefix your command with 'tsocks', for example:
tsocks mysql -h -P .....
To my knowledge, it can't be done through the command line because the mysql command does not support proxy connections.
If both client and server are on a UNIX machine and one of them is accessible from the outside, I suggest using an SSH tunnel. It's basically a securely tunneled TCP connection that can be used for anything and the local mysql command can connect to the tunnel port easily.
If that's no option, you could write some kind of wrapper executable. For example, Java and Ruby have libraries that enable you to talk to SOCKS proxies and hook those sockets up to a MySQL or JDBC protocol implementation. What happens then depends entirely on what you have planned next.
If you've got admin access to the proxy server would there be much mileage in installing MySQL Proxy on it?