I have really weird problem that I can't wrap my mind around. I'm using Debian Jessie for our servers. I've added testing repos and upgraded mysql version from 5.5 to 5.7.2 then setup private network between 2 servers:
Server A - 192.168.0.1 as database server
Server B - 192.168.0.2 as application server
I've created user and gave him all required privileges (i've tested multiple hosts and multiple variations of global and database privileges). Everything is working fine but randomly after couple days the user starts getting "Access denied" and can not log in to the database. Communication between servers works just fine, servers can ping each other and connection to mysql is not blocked as its sending Access Denied as response. I've flushed privileges many times and the user has no limits by default.
I've turned off firewall and checked system logs and I don't see anything even remotely related to my problem. I've tried all steps suggested by mysql docs where they suggest possible solutions to "Access Denied". I've tried with different app/database. I've tried many different users with both wildcard and classic hosts definitions, with different permissions and after couple days my application server is still getting "Access denied". If I log in locally on the database server and perform "Show grants" and "Show databases" everything seems fine - user has correct host and privileges yet can not log in remotely.
Application stack used for our apps is PHP with Symfony2/3. Is there anything I can do about it? Is there any software that could help me debug?
Related
I've been browsing the web and this site from other users which have had this issue and reading the comments to resolve however I've not had much luck and i'm going bonkers trying to work out the issue.
I have two servers - Win Server 2019 and both use XAMPP with Apache and MYSQL, the first server (1) has been running for over a year perfectly fine, however I'm setting up another server (2) to use as a test environment but with a fresh install of windows, xampp along with the Apache/MYSQL modules.
I'm using Invision Community application but I'm getting this upon the first page of installation:
MySQL Requirements
Fatal error: Uncaught mysqli_sql_exception: Access denied for user ''#'localhost' (using password: NO) in C:\xampp\htdocs\ips4.php:317 Stack trace: #0 C:\xampp\htdocs\ips4.php(317): mysqli->__construct('localhost') #1 C:\xampp\htdocs\ips4.php(340): my_mysqli->__construct('localhost') #2 {main} thrown in C:\xampp\htdocs\ips4.php on line 317
IPS4.php is just a file to state whether the server meets all the requirements for the application.
I've then compared MYSQL on (1) to the install on (2) and I've matched the details, given privileges to "root" user on all of the available databases within PHPMYADMIN, granted full grants and then reloaded them, restarted MYSQL and Apache and still same issue.
Normally the Invision software continues through to then request the database details, user details etc. but it hasn't got to that point yet.
The only differences I can see between both servers is (1) is running PHP 7.3.7 | Apache 2.4.39 | MySQL 5.0.12 and server (2) is running PHP 8.2.0 | Apache 2.4.54 | MySQL 8.2.0
I was hoping I would just install XAMPP and then transfer the files to install the software and then configure it to choose which DB/User and then install and get started but apparently not.
ROOT doesn't have a password on (2) but does on (1), when I add a password to (2), I'm then unable to access PHPMYADMIN and doesn't ask for a password to log in. I've spent a few hours today trying to resolve this but now I think I'd like some advice. Many thanks
Setting root password, then flushing privileges, granting full permissions on all databases, copying the mysql files from server (1) to server (2). uninstalling XAMPP and reinstalling.
I don't recall ever needing to do anything for permissions when I setup this software on server (1). I've also installed this software on a few linux servers but didn't enjoy using linux so I stopped using it.
EDIT: It seems it's using MariaDB 10.4.27
Set a password for root on (2).
Change the phpMyAdmin config.inc.php file,change
$cfg['Servers'][$i]['auth_type'] = 'cookie';
$cfg['Servers'][$i]['user'] = '';
$cfg['Servers'][$i]['password'] = '';
then phpMyAdmin will throw a login dialog and ask for a user/password
That should sort out the phpMyAdmin issue.
Big Note: You really should not be using the root account for any app/website access. Instead you should create a user account in MySQL/mariaDB one for each app/website that has access only to the database(s) required for that app/website. (Basic Security)
There was a user called "Any" hostname "%" which looks to be what was causing the issue, I gave it access to all databases (most likely wrong thing to do but it's internally accessed only - no access outside of our network).
This got rid of the error
Thanks for your help
I think I've seen a variety of similar posts on this topic, but am still unable to resolve my issue, so I figured I'd post with my specifics.
I have an Amazon AWS Linux EC2 instance running Tomcat7 web server. On the same machine I am also running a MySQL5 server, but I am unable to get the Tomcat app to talk to the MySQL database.
My Java app on tomcat tries to connect to MySQL by reading from a properties file:
jdbc.mysql.host.path=jdbc:mysql://localhost/
jdbc.mysql.schema=prod
jdbc.mysql.username=root
jdbc.mysql.password=<password>
I am accessing the app from another system via web browser, but when the app tries to connect to the database I get the following error in catalina.out:
java.sql.SQLException: Access denied for user 'root'#'localhost' (using password: YES)
I'm pretty sure the issue has to do with permissions and communication between Tomcat and MySQL, because I've written a simple java program utilizing the same code to read the same properties file, and the connection is made successfully.
Here are some things I have attempted to remedy the issue:
change the owner of the properties file (currently owned by 'Tomcat')
ensured that user 'root' has been granted all privileges in MySQL
ensured that port 3306 (MySQL default port) is accessible by my test server
updated iptables made various modifications to /etc/my.cnf file
(tried to bind ip, but that didn't work)
I have a hunch that the issue may be related to the fact that I am trying to access the MySQL database using user 'root'. Even though I'm accessing it via localhost, the system may not support this because MySQL treats this as access from a separate host and (maybe?) root access from other hosts isn't allowed?
Any suggestions on things to try would be greatly appreciated...
I believe the issue was a combination of things.
Here are some items to consider that ultimately fixed it for me:
- making sure you were accessing the correct app via browser (I was using ROOT app, but trying to connect to another one)
- making sure a user exists in MySQL using 'Create User ....'
- making sure all privileges are granted on the database in question, for some reason granting all privileges on . wasn't working for me
I am having issues attempting to access a local phpmyadmin; and I'm sure some people may have run into this issue before.
The issue seems to be arising from previous installations and configurations.
I have IIS installed, which naturally takes up port 80. However I have successfully installed WAMP and attached it to port 8080 so as to avoid conflicts. I have installed phpmyadmin to run from both platforms, however neither is working.
Through IIS the browser throws a 403.14 - Forbidden error whilst through WAMP phpmyadmin returns the following message
MySQL said:
1045 - Access denied for user 'root'#'localhost' (using password: NO)
I believe that at least one of these errors is due to an earlier installation of Wordpress through WebMatrix (which has gone predominantly unused) which changed the MySQL (5.1) username and password defaults.
Googling the issue resulted in what seemed a promising source which claimed that one can edit a file called config.inc.php which contains the password details which are used by phpmyadmin to log into the local MySQL db. However, I couldn't find such a file (instead one named config.sample.inc.php which contained some similar information contained in the tutorial, but crucially without the relevant password field).
This isn't an absolutely critical issue as hosted dbs are ultimately necessary, but local versions nevertheless ease development.
in case you do not find config.inc.php then you can create one..
for details you may check this link..
I'm facing a perplexing problem. I've completed a jsf web app that utlizes hibernate and infinispan with Tomcat7 and tomcat-jdbc-pool as the connection pool provider.
It is being deployed to a Linode cluster w/ 2 nodes -- one database server and one production server.
I can run the app on my local environment using the exact same copy of Tomcat7 (I literally tarred the tomcat directory and promoted it to the server to debug this error) -- even when connected to the live database instance. Everything runs fine.
When I attempt to run the application from the production server I get a MySQLIO error:
Caused by: java.net.ConnectException:
Connection refused
Looking further up in the logs i see:
The last packet sent successfully to
the server was 1 milliseconds ago. The
driver has not received any packets
from the server.
com.mysql.jdbc.exceptions.jdbc4.CommunicationsException:
Communications link failure
I can connect from the command line on the prodapp server just fine -- even using tcp:
mysql -h db01 -u user -p --protocol=tcp
But it just won't work running inside the Tomcat container. I've tried all kinds of things but I'm really stumped. It just seems strange that I can connect to the database server using the same copy of Tomcat7 locally but when deployed to production the same copy of tomcat7 can't connect -- even though I can connect from the command line on that production server ... I'm stumped.
Any help is greatly appreciated.
EDIT: Solved my problem after wasting too much good life on it. The answer was I'm stupid. Thanks to everyone who tried to help. I have the app moded w/ a dev and live mode and the connection pool was reading the dev mode this whole time. What really made it confusing is that the sessionfactory was moded to live so it would actually reach the live database and initialize a connection when it started up so i could see it connecting (and running meta data queries in the mysql log), but when it actually went to grab a connection from infinispan it blew up. Oh well -- at least it's working now. Thanks again.
If you're connecting to your MySQL database server from a different box, then you need to explicitly grant permission for that user account to connect from that IP.
You can do this whilst in the command line:
GRANT ALL PRIVILEGES ON *.* TO 'username'#'ip_address'
EDIT: Granting all permissions on all tables generally isn't required, be specific about what permissions you want to grant (http://dev.mysql.com/doc/refman/5.1/en/grant.html)
To see what permissions you currently have:
USE mysql;
SELECT * FROM users;
My apologies if I'm patronising you, just that this is the most common problem that I come across.
Problem
Users from other IPs on the (Windows XP) LAN suddenly cannot connect to my local MySQL server.
Background
I've set up MySQL on my local Windows computer so that other computers on the network have access to the root account. I've added each IP as a host for root. Up to some weeks ago, things worked flawlessly and I could connect to the server programatically and using various MySQL admin tools. Now, however, the MySQL server simply refuses connections from those IPs and I can't figure out why.
The network changes that I've done are: changing network card for two (of three) computers and fiddled around with MySQL settings. None of which should have caused this problem. I've tried adding a new user with all relevant hosts, but I get the same type of error:
MySQL Error number 1045 Access denied
for user 'root'#'shop' (using
passwords: YES)
The odd part is that the computer name, 'shop', is used instead of the IP. I don't know why.
Somehow, IPs seem to be resolved now and hostnames are used. Did you grant access to root#shop? Did you flush privileges?
First thing that pops into mind is Windows Firewall, which could have got re-enabled if you swapped NICs on the host computer.
My next suggestion would be to use a sniffer like Wireshark on the host computer and see what exactly happens packet-wise. You can use filters to make to reduce the output - they're very simple and easy to use. This tool has saved me countless hours of debugging.
-EDIT-
Another possible cause might be that your server somehow decided to resolve IPs to hostnames, in which case ip addresses may no longer work - one would need to add hostnames to the allowed list. Not sure if it works this way for MySQL though.
Could you have turned off TCP connections in MySQL?
Also, is the MySQL port open in your firewall?
If you changed your IP (DHCP?), make sure to correct it in my.cnf if you bound mysqld to your lan ip:
[mysqld]
...
bind-address=192.168.x.y