Plesk nginx Ubuntu 16 - external MySQL connection refused - mysql

I need external connection to MySQL. Using Plesk/Ubuntu 16/nginx. In firewall policy the port 3306 is allowed from any IP.
Is it somewhere else where it shall be allowed? If so, what file is needed to be edited?

You have to make changes to MySQL configuration, and allow remote access for the user.
1. Open MySQL configuration file. For RHEL-based distributions - /etc/my.cnf, for Debian-based - /etc/mysql/my.cnf.
2. Change bind-address parameter to bind-address = 0.0.0.0 and make sure that skip-networking parameter is not defined.
3. Restart MySQL daemon:
# service mysql restart
Or:
# service mysqld restart
Or:
# service mariadb restart
The service name depends on the installed MySQL version. You can do all three if you are not sure. It will do no harm unless the error was made in my.cnf.
4. Grant the access to remote IP address and login to MySQL. For example, if you want to allow access to database called database for user user with password password and remote IP address 203.0.113.2:
GRANT ALL ON database.* TO user#'203.0.113.2' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;
To create a user that has access to all databases, execute the following query:
GRANT ALL PRIVILEGES ON *.* TO 'user'#'203.0.113.2' IDENTIFIED BY 'password' REQUIRE NONE WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0;
FLUSH PRIVILEGES;
5. You can verify that MySQL server is listening on the correct IP address using netstat. Here is the desired output - 0.0.0.0 address:
# netstat -anp | grep :3306
tcp6 0 0 0.0.0.0:3306 :::* LISTEN 2723/mysqld

netstat result:
netstat -anp | grep :3306
tcp6 0 0 127.0.0.1:3306 :::* LISTEN 1003/mysqld

Related

Cyberpanel - how to enable remote sql connection with MYSQL Workbench [duplicate]

I have installed MySQL Community Edition 5.5 on my local machine and I want to allow remote connections so that I can connect from external source.
How can I do that?
That is allowed by default on MySQL.
What is disabled by default is remote root access. If you want to enable that, run this SQL command locally:
GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' IDENTIFIED BY 'password' WITH GRANT OPTION;
FLUSH PRIVILEGES;
And then find the following line and comment it out in your my.cnf file, which usually lives on /etc/mysql/my.cnf on Unix/OSX systems. In some cases the location for the file is /etc/mysql/mysql.conf.d/mysqld.cnf).
If it's a Windows system, you can find it in the MySQL installation directory, usually something like C:\Program Files\MySQL\MySQL Server 5.5\ and the filename will be my.ini.
Change line
bind-address = 127.0.0.1
to
#bind-address = 127.0.0.1
And restart the MySQL server (Unix/OSX, and Windows) for the changes to take effect.
After doing all of above I still couldn't login as root remotely, but Telnetting to port 3306 confirmed that MySQL was accepting connections.
I started looking at the users in MySQL and noticed there were multiple root users with different passwords.
select user, host, password from mysql.user;
So in MySQL I set all the passwords for root again and I could finally log in remotely as root.
use mysql;
update user set password=PASSWORD('NEWPASSWORD') where User='root';
flush privileges;
Just a note from my experience, you can find configuration file under this path /etc/mysql/mysql.conf.d/mysqld.cnf.
(I struggled for some time to find this path)
In my case I was trying to connect to a remote mysql server on cent OS. After going through a lot of solutions (granting all privileges, removing ip bindings,enabling networking) problem was still not getting solved.
As it turned out, while looking into various solutions,I came across iptables, which made me realize mysql port 3306 was not accepting connections.
Here is a small note on how I checked and resolved this issue.
Checking if port is accepting connections:
telnet (mysql server ip) [portNo]
Adding ip table rule to allow connections on the port:
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT
Would not recommend this for production environment, but if your iptables are not configured properly, adding the rules might not still solve the issue. In that case following should be done:
service iptables stop
Hope this helps.
All process for remote login. Remote login is off by default.You need to open it manually for all ip..to give access all ip
GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' IDENTIFIED BY 'password';
Specific Ip
GRANT ALL PRIVILEGES ON *.* TO 'root'#'your_desire_ip' IDENTIFIED BY 'password';
then
flush privileges;
You can check your User Host & Password
SELECT host,user,authentication_string FROM mysql.user;
Now your duty is to change this
bind-address = 127.0.0.1
You can find this on
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
if you not find this on there then try this
sudo nano /etc/mysql/my.cnf
comment in this
#bind-address = 127.0.0.1
Then restart Mysql
sudo service mysql restart
Now enjoy remote login
Please follow the below mentioned steps inorder to set the wildcard remote access for MySQL User.
(1) Open cmd.
(2) navigate to path C:\Program Files\MySQL\MySQL Server 5.X\bin and
run this command.
mysql -u root -p
(3) Enter the root password.
(4) Execute the following command to provide the permission.
GRANT ALL PRIVILEGES ON *.* TO 'USERNAME'#'IP' IDENTIFIED BY
'PASSWORD';
USERNAME: Username you wish to connect to MySQL server.
IP: Public IP address from where you wish to allow access to MySQL
server.
PASSWORD: Password of the username used.
IP can be replaced with % to allow user to connect from any IP
address.
(5) Flush the previleges by following command and exit.
FLUSH PRIVILEGES;
exit;
or \q
I had to this challenge when working on a Java Project with MySQL server as the database.
Here's how I did it:
First, confirm that your MySQL server configuration to allow for remote connections. Use your preferred text editor to open the MySQL server configuration file:
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
Scroll down to the bind-address line and ensure that is either commented out or replaced with 0.0.0.0 (to allow all remote connections) or replaced with Ip-Addresses that you want remote connections from.
Once you make the necessary changes, save and exit the configuration file. Apply the changes made to the MySQL config file by restarting the MySQL service:
sudo systemctl restart mysql
Next, log into the MySQL server console on the server it was installed:
mysql -u root -p
Enter your mysql user password
Check the hosts that the user you want has access to already. In my case the user is root:
SELECT host FROM mysql.user WHERE user = "root";
This gave me this output:
+-----------+
| host |
+-----------+
| localhost |
+-----------+
Next, I ran the command below to grant the root user remote access to the database named my_database:
USE my_database;
GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' IDENTIFIED BY 'my-password';
Note: % grants a user remote access from all hosts on a network. You can specify the Ip-Address of the individual hosts that you want to grant the user access from using the command - GRANT ALL PRIVILEGES ON *.* TO 'root'#'Ip-Address' IDENTIFIED BY 'my-password';
Afterwhich I checked the hosts that the user now has access to. In my case the user is root:
SELECT host FROM mysql.user WHERE user = "root";
This gave me this output:
+-----------+
| host |
+-----------+
| % |
| localhost |
+-----------+
Finally, you can try connecting to the MySQL server from another server using the command:
mysql -u username -h mysql-server-ip-address -p
Where u represents user, h represents mysql-server-ip-address and p represents password. So in my case it was:
mysql -u root -h 34.69.261.158 -p
Enter your mysql user password
You should get this output depending on your MySQL server version:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 4
Server version: 5.7.31 MySQL Community Server (GPL)
Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
Resources: How to Allow Remote Connections to MySQL
That's all.
I hope this helps
Close comment at link /etc/mysql/mysql.conf.d/mysqld.cnf or /etc/mysql/my.cnf:
bind-address = 127.0.0.1 =>> #bind-address = 127.0.0.1
Change the hostname so that all machines can access it, run this SQL command locally:
UPDATE mysql.user SET Host='%' WHERE Host='localhost' AND User='root';
FLUSH PRIVILEGES;
Restart service:
sudo service mysql restart
Open port mysql:
sudo ufw allow 3306
If your MySQL server process is listening on 127.0.0.1 or ::1 only then you will not be able to connect remotely. If you have a bind-address setting in /etc/my.cnf this might be the source of the problem.
You will also have to add privileges for a non-localhost user as well.
If you installed MySQL from brew it really does only listen on the local interface by default. To fix that you need to edit /usr/local/etc/my.cnf and change the bind-address from 127.0.0.1 to *.
Then run brew services restart mysql.
Just F.Y.I
I pulled my hair out with this problem for hours.. finally I call my hosting provider and found that in my case using a cloud server that in the control panel for 1and1 they have a secondary firewall that you have to clone and add port 3306. Once added I got straight in..
For whom it needs it, check firewall port 3306 is open too, if your firewall service is running.
This blog How to setup a MySQL server on Local Area Network will be useful in setting up a MySQL from scratch
If mysqld has a bind address set to a loopback/local address (e.g. 127.0.0.1), the server will not be reachable from remote hosts, because a loopback interface cannot be reached from any remote host.
Set this option to 0.0.0.0 (:: for IPv4+6) to accept connections from any host, or to another externally-reachable address if you want to only allow connections on one interface.
Source
And for OS X people out there be aware that the bind-address parameter is typically set in the launchd plist and not in the my.ini file. So in my case, I removed <string>--bind-address=127.0.0.1</string> from /Library/LaunchDaemons/homebrew.mxcl.mariadb.plist.
Enabling remote root access can be dangerous. It would be preferable if you were to set up user accounts with more restrictive permissions. The following three steps should do it.
Ensure that the line starting with bind-address ... is at least commented out in your my.ini or my.cnf file. If it doesn't exist, move on.
You can find this file in C:\ProgramData\MySQL\MySQL Server 8.0 on Windows.
Afterwards, check that the user account you are establishing the connection with does not have localhost in the Limit to Hosts Matching field. While it isn't recommended, you can instead put % in that field for testing purposes. You can do this by opening a local connection to the server with MySQL Workbench, then going to Server>Users and Privileges from the menu bar and finding the user account you want to connect with.
The "Limit to Hosts Matching" field is what disallows you to connect non-locally. I.e. it limits the accepted connections to a pattern of IP addresses. Ideally, you should be accessing the MySQL server from a static IP address or subnet, so that you can be as restrictive as possible.
Obviously, your firewall should allow the MySQL Server application to communicate over the port you want. The physical networking equipment in between you and your server should allow communication on the port you want to connect with. (port 3306 typically)
MySQL 8 no longer allows you to create a user using the GRANT command. You need to create the user first.
CREATE USER 'root'#'%' IDENTIFIED BY 'PASSWORD';
GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
some times need to use name of pc on windows
first step) put in config file of mysql:
mysqld.cnf SET bind-address= 0.0.0.0
(to let recibe connections over tcp/ip)
second step) make user in mysql, table users, with name of pc on windows propierties, NOT ip
Check remote server grant permission to Wildcard access to port 3306:
sudo lsof -i -P -n | grep LISTEN
It should NOT be same like this:
mysqld 23083 mysql 21u IPv4 145900142 0t0 TCP
127.0.0.1:3306 (LISTEN)
In this case, we need to update /etc/mysql/mysql.conf.d/mysqld.cnf or /etc/mysql/mariadb.conf.d/50-server.cnf with:
bind-address = 127.0.0.1 --> 0.0.0.0
And then restart mysql "sudo service mysql restart"
In order to test mySQL connection from a client:
nc -vz <host_address> 3306

Connect to Mysql database from remote

Problem:
I have server where is install Laravel app and database. But i want share same database with another server. And i want enable remote access.
What i tried:
I changed config file /etc/mysql/mysql.conf
commented out bind-address = 127.0.0.1
Also changed to bind-address = 0.0.0.0 or bind-address = *, not helps
(this is what everywhere i found to do)
ufw is disabled
netstat -ltn returns
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN
isn't 127.0.0.1:3306 suppose to be 0.0.0.1:3306?
I try connect from another server
mysql -h xxx.xxx.xxx.xxx -u pf_remote -p
i got error
Can't connect to MySQL server on 'xxx.xxx.xxx.xxx' (111)
I think that port is not open, but where else i can open. Do i miss something?
Find mysql.conf and set
bind-address=0.0.0.0
Then login to MySQL and run below 2 commands
GRANT ALL PRIVILEGES ON *.* TO 'pf_remote'#'%' IDENTIFIED BY 'your_password' with grant option;
flush privileges;
then
sudo service mysql restart
Then also make sure you do not have any firewall blocking connections, check by
sudo ufw status
If its enabled, then allow remote connections to MySQL port
sudo ufw allow 3306 && sudo ufw reload
If you are using Amazon Web Services server then allowing connections from within shell won't work, you will have to allow connections from AWS Dashboard
Try to grant priviliges to user for remote access:
mysql> GRANT ALL ON yourDatabase.* TO user#'1.2.3.4' IDENTIFIED BY 'yourPassword';
Also please remember to restart your mysql service after config changes:
sudo /etc/init.d/mysql restart

MYSql config bind-address set to 0.0.0.0 but netstat shows different on Ubuntu

Following this thread. I've successfully edited my my.cnf file to comment out the #bind-address value and also tried to specify 0.0.0.0 and the specific IP address I want to allow connections.
I do notice that while doing this my.cnf is linked like:
lrwxrwxrwx 1 root root 24 Sep 9 06:21 my.cnf -> /etc/alternatives/my.cnf
and then this my.cnf is also linked:
lrwxrwxrwx 1 root root 20 Sep 9 06:23 my.cnf -> /etc/mysql/mysql.cnf
So in reality, I'm editing the mysql.cnf file.
I stop/start the MYSQL server.
I then run the netstat -nat | grep :3306 and it gives me a:
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN
I then go over to the client and get the Can't connect to MySQL server on 'server_name'
What am I doing wrong?
the bind address to 0.0.0.0 is just part of the steps for allowing it to accept remote connections. Those steps include the rem'ing out explicitly with # skip-networking
[mysqld]
bind-address = 0.0.0.0
# skip-networking
And a server restart.
You then need a user,host combo for login and ideally a GRANT to a db to use with adequate (not excessive) rights.
You can see your current users with select user,host from mysql.user
Please see the MySQL Manual page on GRANT Syntax.
I wrote a little answer Here about the wildcard % host and other minor details.
An illustration for a test is below:
create schema testDB007;
use testDB007;
create table t1
( id int not null
);
CREATE USER 'jeffrey123z'#'%' IDENTIFIED BY 'mypass123^';
-- note password is mypass123^
GRANT ALL ON testDB007.* TO 'jeffrey123z'#'%';
SHOW GRANTS FOR 'jeffrey123z'#'%';
Now, the blue row above (USAGE) means almost nothing other than the user can login and that is it. The 2nd row shows the PRIVILEGES for the db from the GRANT cmd.
View user in mysql.user:
Concerning the above picture,
select user,host,password from mysql.user where user='jeffrey123z';
select user,host,authentication_string from mysql.user where user='jeffrey123z';
The first query above is for prior to MySQL 5.7. The second query is for 5.7 and after. The password is hashed. The host is the wildcard % meaning login from any host.
I had the same issue: mysql configured correctly, sudo systemctl restart mysql seemed to work fine, but sudo lsof -i -P -n | grep 3306 still gave me TCP 127.0.0.1:3306 (LISTEN) instead of the expected TCP *:3306 (LISTEN), and I noticed from ps aux | grep mysql that /usr/bin/mysqld hadn't actually been restarted.
A full reboot was necessary for my new settings to take effect.

Remote Connections Mysql Ubuntu

For some reason, I've been unable to connect remotely to my MySQL server. I've tried everything and I'm still getting errors.
root#server1:/home/administrator# mysql -u monty -p -h www.ganganadores.cl
Enter password:
ERROR 1045 (28000): Access denied for user 'monty'#'server1.ganganadores.cl' (using password: YES)
Now, I've tried running
GRANT ALL ON *.* to monty#localhost IDENTIFIED BY 'XXXXX';
GRANT ALL ON *.* to monty#'%' IDENTIFIED BY 'XXXXXX';`
and still nothing!
What I'm doing wrong?
EDIT: my.cnf has commented out the bind ip .
To expose MySQL to anything other than localhost you will have to have the following line
For mysql version 5.6 and below
uncommented in /etc/mysql/my.cnf and assigned to your computers IP address and not loopback
For mysql version 5.7 and above
uncommented in /etc/mysql/mysql.conf.d/mysqld.cnf and assigned to your computers IP address and not loopback
#Replace xxx with your IP Address
bind-address = xxx.xxx.xxx.xxx
Or add a
bind-address = 0.0.0.0 if you don't want to specify the IP
Then stop and restart MySQL with the new my.cnf entry. Once running go to the terminal and enter the following command.
lsof -i -P | grep :3306
That should come back something like this with your actual IP in the xxx's
mysqld 1046 mysql 10u IPv4 5203 0t0 TCP xxx.xxx.xxx.xxx:3306 (LISTEN)
If the above statement returns correctly you will then be able to accept remote users. However for a remote user to connect with the correct priveleges you need to have that user created in both the localhost and '%' as in.
CREATE USER 'myuser'#'localhost' IDENTIFIED BY 'mypass';
CREATE USER 'myuser'#'%' IDENTIFIED BY 'mypass';
then,
GRANT ALL ON *.* TO 'myuser'#'localhost';
GRANT ALL ON *.* TO 'myuser'#'%';
and finally,
FLUSH PRIVILEGES;
EXIT;
If you don't have the same user created as above, when you logon locally you may inherit base localhost privileges and have access issues. If you want to restrict the access myuser has then you would need to read up on the GRANT statement syntax HERE If you get through all this and still have issues post some additional error output and the my.cnf appropriate lines.
NOTE: If lsof does not return or is not found you can install it HERE based on your Linux distribution. You do not need lsof to make things work, but it is extremely handy when things are not working as expected.
UPDATE: If even after adding/changing the bind-address in my.cnf did not work, then go and change it in the place it was originally declared:
/etc/mysql/mariadb.conf.d/50-server.cnf
Add few points on top of apesa's excellent post:
1) You can use command below to check the ip address mysql server is listening
netstat -nlt | grep 3306
sample result:
tcp 0 0 xxx.xxx.xxx.xxx:3306 0.0.0.0:* LISTEN
2) Use FLUSH PRIVILEGES to force grant tables to be loaded if for some reason the changes not take effective immediately
GRANT ALL ON *.* TO 'user'#'localhost' IDENTIFIED BY 'passwd' WITH GRANT OPTION;
GRANT ALL ON *.* TO 'user'#'%' IDENTIFIED BY 'passwd' WITH GRANT OPTION;
FLUSH PRIVILEGES;
EXIT;
user == the user u use to connect to mysql ex.root
passwd == the password u use to connect to mysql with
3) If netfilter firewall is enabled (sudo ufw enable) on mysql server machine, do the following to open port 3306 for remote access:
sudo ufw allow 3306
check status using
sudo ufw status
4) Once a remote connection is established, it can be verified in either client or server machine using commands
netstat -an | grep 3306
netstat -an | grep -i established
MySQL only listens to localhost, if we want to enable the remote access to it, then we need to made some changes in my.cnf file:
sudo nano /etc/mysql/my.cnf
We need to comment out the bind-address and skip-external-locking lines:
#bind-address = 127.0.0.1
# skip-external-locking
After making these changes, we need to restart the mysql service:
sudo service mysql restart
You are using ubuntu 12 (quite old one)
First, Open the /etc/mysql/mysql.conf.d/mysqld.cnf file (/etc/mysql/my.cnf in Ubuntu 14.04 and earlier versions
Under the [mysqld] Locate the Line,
bind-address = 127.0.0.1
And change it to,
bind-address = 0.0.0.0
or comment it
Then, Restart the Ubuntu MysQL Server
systemctl restart mysql.service
Now Ubuntu Server will allow remote access to the MySQL Server, But still you need to configure MySQL users to allow access from any host.
User must be 'username'#'%' with all the required grants
To make sure that, MySQL server listens on all interfaces, run the netstat command as follows.
netstat -tulnp | grep mysql
Hope this works !
If testing on Windows, don't forget to open port 3306.
In my case I was using MySql Server version: 8.0.22
I had to add
bind-address = 0.0.0.0
and change this line to be
mysqlx-bind-address = 0.0.0.0
in file at
/etc/mysql/mysql.conf.d
then restart MySQL by running
sudo service mysql restart
I was facing the same problem when I was trying to connect Mysql to a Remote Server. I had found out that I had to change the bind-address to the current private IP address of the DB server.
But when I was trying to add the bind-address =0.0.0.0 line in my.cnf file, it was not understanding the line when I tried to create a DB.
Upon searching, I found out the original place where bind-address was declared.
The actual declaration is in : /etc/mysql/mariadb.conf.d/50-server.cnf
Therefore I changed the bind-address directly there and then all seems working.

MySQL: How to allow remote connection to mysql

I have installed MySQL Community Edition 5.5 on my local machine and I want to allow remote connections so that I can connect from external source.
How can I do that?
That is allowed by default on MySQL.
What is disabled by default is remote root access. If you want to enable that, run this SQL command locally:
GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' IDENTIFIED BY 'password' WITH GRANT OPTION;
FLUSH PRIVILEGES;
And then find the following line and comment it out in your my.cnf file, which usually lives on /etc/mysql/my.cnf on Unix/OSX systems. In some cases the location for the file is /etc/mysql/mysql.conf.d/mysqld.cnf).
If it's a Windows system, you can find it in the MySQL installation directory, usually something like C:\Program Files\MySQL\MySQL Server 5.5\ and the filename will be my.ini.
Change line
bind-address = 127.0.0.1
to
#bind-address = 127.0.0.1
And restart the MySQL server (Unix/OSX, and Windows) for the changes to take effect.
After doing all of above I still couldn't login as root remotely, but Telnetting to port 3306 confirmed that MySQL was accepting connections.
I started looking at the users in MySQL and noticed there were multiple root users with different passwords.
select user, host, password from mysql.user;
So in MySQL I set all the passwords for root again and I could finally log in remotely as root.
use mysql;
update user set password=PASSWORD('NEWPASSWORD') where User='root';
flush privileges;
Just a note from my experience, you can find configuration file under this path /etc/mysql/mysql.conf.d/mysqld.cnf.
(I struggled for some time to find this path)
In my case I was trying to connect to a remote mysql server on cent OS. After going through a lot of solutions (granting all privileges, removing ip bindings,enabling networking) problem was still not getting solved.
As it turned out, while looking into various solutions,I came across iptables, which made me realize mysql port 3306 was not accepting connections.
Here is a small note on how I checked and resolved this issue.
Checking if port is accepting connections:
telnet (mysql server ip) [portNo]
Adding ip table rule to allow connections on the port:
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT
Would not recommend this for production environment, but if your iptables are not configured properly, adding the rules might not still solve the issue. In that case following should be done:
service iptables stop
Hope this helps.
All process for remote login. Remote login is off by default.You need to open it manually for all ip..to give access all ip
GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' IDENTIFIED BY 'password';
Specific Ip
GRANT ALL PRIVILEGES ON *.* TO 'root'#'your_desire_ip' IDENTIFIED BY 'password';
then
flush privileges;
You can check your User Host & Password
SELECT host,user,authentication_string FROM mysql.user;
Now your duty is to change this
bind-address = 127.0.0.1
You can find this on
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
if you not find this on there then try this
sudo nano /etc/mysql/my.cnf
comment in this
#bind-address = 127.0.0.1
Then restart Mysql
sudo service mysql restart
Now enjoy remote login
Please follow the below mentioned steps inorder to set the wildcard remote access for MySQL User.
(1) Open cmd.
(2) navigate to path C:\Program Files\MySQL\MySQL Server 5.X\bin and
run this command.
mysql -u root -p
(3) Enter the root password.
(4) Execute the following command to provide the permission.
GRANT ALL PRIVILEGES ON *.* TO 'USERNAME'#'IP' IDENTIFIED BY
'PASSWORD';
USERNAME: Username you wish to connect to MySQL server.
IP: Public IP address from where you wish to allow access to MySQL
server.
PASSWORD: Password of the username used.
IP can be replaced with % to allow user to connect from any IP
address.
(5) Flush the previleges by following command and exit.
FLUSH PRIVILEGES;
exit;
or \q
I had to this challenge when working on a Java Project with MySQL server as the database.
Here's how I did it:
First, confirm that your MySQL server configuration to allow for remote connections. Use your preferred text editor to open the MySQL server configuration file:
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
Scroll down to the bind-address line and ensure that is either commented out or replaced with 0.0.0.0 (to allow all remote connections) or replaced with Ip-Addresses that you want remote connections from.
Once you make the necessary changes, save and exit the configuration file. Apply the changes made to the MySQL config file by restarting the MySQL service:
sudo systemctl restart mysql
Next, log into the MySQL server console on the server it was installed:
mysql -u root -p
Enter your mysql user password
Check the hosts that the user you want has access to already. In my case the user is root:
SELECT host FROM mysql.user WHERE user = "root";
This gave me this output:
+-----------+
| host |
+-----------+
| localhost |
+-----------+
Next, I ran the command below to grant the root user remote access to the database named my_database:
USE my_database;
GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' IDENTIFIED BY 'my-password';
Note: % grants a user remote access from all hosts on a network. You can specify the Ip-Address of the individual hosts that you want to grant the user access from using the command - GRANT ALL PRIVILEGES ON *.* TO 'root'#'Ip-Address' IDENTIFIED BY 'my-password';
Afterwhich I checked the hosts that the user now has access to. In my case the user is root:
SELECT host FROM mysql.user WHERE user = "root";
This gave me this output:
+-----------+
| host |
+-----------+
| % |
| localhost |
+-----------+
Finally, you can try connecting to the MySQL server from another server using the command:
mysql -u username -h mysql-server-ip-address -p
Where u represents user, h represents mysql-server-ip-address and p represents password. So in my case it was:
mysql -u root -h 34.69.261.158 -p
Enter your mysql user password
You should get this output depending on your MySQL server version:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 4
Server version: 5.7.31 MySQL Community Server (GPL)
Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
Resources: How to Allow Remote Connections to MySQL
That's all.
I hope this helps
Close comment at link /etc/mysql/mysql.conf.d/mysqld.cnf or /etc/mysql/my.cnf:
bind-address = 127.0.0.1 =>> #bind-address = 127.0.0.1
Change the hostname so that all machines can access it, run this SQL command locally:
UPDATE mysql.user SET Host='%' WHERE Host='localhost' AND User='root';
FLUSH PRIVILEGES;
Restart service:
sudo service mysql restart
Open port mysql:
sudo ufw allow 3306
If your MySQL server process is listening on 127.0.0.1 or ::1 only then you will not be able to connect remotely. If you have a bind-address setting in /etc/my.cnf this might be the source of the problem.
You will also have to add privileges for a non-localhost user as well.
If you installed MySQL from brew it really does only listen on the local interface by default. To fix that you need to edit /usr/local/etc/my.cnf and change the bind-address from 127.0.0.1 to *.
Then run brew services restart mysql.
Just F.Y.I
I pulled my hair out with this problem for hours.. finally I call my hosting provider and found that in my case using a cloud server that in the control panel for 1and1 they have a secondary firewall that you have to clone and add port 3306. Once added I got straight in..
For whom it needs it, check firewall port 3306 is open too, if your firewall service is running.
This blog How to setup a MySQL server on Local Area Network will be useful in setting up a MySQL from scratch
If mysqld has a bind address set to a loopback/local address (e.g. 127.0.0.1), the server will not be reachable from remote hosts, because a loopback interface cannot be reached from any remote host.
Set this option to 0.0.0.0 (:: for IPv4+6) to accept connections from any host, or to another externally-reachable address if you want to only allow connections on one interface.
Source
And for OS X people out there be aware that the bind-address parameter is typically set in the launchd plist and not in the my.ini file. So in my case, I removed <string>--bind-address=127.0.0.1</string> from /Library/LaunchDaemons/homebrew.mxcl.mariadb.plist.
Enabling remote root access can be dangerous. It would be preferable if you were to set up user accounts with more restrictive permissions. The following three steps should do it.
Ensure that the line starting with bind-address ... is at least commented out in your my.ini or my.cnf file. If it doesn't exist, move on.
You can find this file in C:\ProgramData\MySQL\MySQL Server 8.0 on Windows.
Afterwards, check that the user account you are establishing the connection with does not have localhost in the Limit to Hosts Matching field. While it isn't recommended, you can instead put % in that field for testing purposes. You can do this by opening a local connection to the server with MySQL Workbench, then going to Server>Users and Privileges from the menu bar and finding the user account you want to connect with.
The "Limit to Hosts Matching" field is what disallows you to connect non-locally. I.e. it limits the accepted connections to a pattern of IP addresses. Ideally, you should be accessing the MySQL server from a static IP address or subnet, so that you can be as restrictive as possible.
Obviously, your firewall should allow the MySQL Server application to communicate over the port you want. The physical networking equipment in between you and your server should allow communication on the port you want to connect with. (port 3306 typically)
MySQL 8 no longer allows you to create a user using the GRANT command. You need to create the user first.
CREATE USER 'root'#'%' IDENTIFIED BY 'PASSWORD';
GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
some times need to use name of pc on windows
first step) put in config file of mysql:
mysqld.cnf SET bind-address= 0.0.0.0
(to let recibe connections over tcp/ip)
second step) make user in mysql, table users, with name of pc on windows propierties, NOT ip
Check remote server grant permission to Wildcard access to port 3306:
sudo lsof -i -P -n | grep LISTEN
It should NOT be same like this:
mysqld 23083 mysql 21u IPv4 145900142 0t0 TCP
127.0.0.1:3306 (LISTEN)
In this case, we need to update /etc/mysql/mysql.conf.d/mysqld.cnf or /etc/mysql/mariadb.conf.d/50-server.cnf with:
bind-address = 127.0.0.1 --> 0.0.0.0
And then restart mysql "sudo service mysql restart"
In order to test mySQL connection from a client:
nc -vz <host_address> 3306