I'm trying to connect to mysql instance on rds via worpress, but I get this error:
Warning: mysql_connect(): Unknown MySQL server host '***********************' (111) in /var/www/html/wp-includes/wp-db.php on line 1568
Error establishing a database connection...
As I have read, (111) is for permission error. But I'm able to connect to the instance via workbench. In fact I was able to connect via wordpress earlier too.
This is driving me crazy. Please help. (My wp-config.php is correct. Checked it a 1000 times)
The following checks have to be done:
The subnet group for RDS needs to have inbound traffic enabled from the subnet group that has the WordPress server installed.
Make sure all NACL rules that control traffic between the subnets are not blocking this traffic
The WP server subnet group should not be blocking outgoing traffic to the RDS group. If needed add the RDS subnet group to the outgoing traffic from the EC2 instance hosting the WP server.
Related
I'm trying to debug an ODBC connection failing to a MySQL instance on aws rds. The connection works on all but a single machine. This machine is connected to large financial systems network, so I assume it would be the firewall.
So far, I've..
made rds instance public accessable
whitelisted the machine's IP
had their network folks open port 3306 on machine.
network folks confirmed data is going out port 3306, but nothing is coming back.
traced on machine's odbc log...10060 error (usually inbound rule to RDS error..)
opened ALL inbound to RDS to accept from all (0.0.0.0/0 ) - still get error
setup the RDS instance error log, but doesn't record these failed connects. It seems to only log if it is a user/password fail..?
my questions:
is there an aws rds log that would show these failed attempts?
does windows firewall on port 3306 also need an inbound rule? Or does opening it assume inbound/outbound?
Again - all the other machines are able to access the rds mysql fine. Only this one can not connect - and i am sure it's very protected, due to its access to major financial systems.
any ideas what else I can try?
thanks!
On your security group you will need to enable for public access (or just your IP), and sometimes it can take a long time to apply these changes, for me it took 5 hours once upon ago;
So I believe the issue is that on firewall setup, they are allowing incoming on 3306 only if its a secured connection (using ipSec I believe).
i'll likely need to look into a vpn to connect to AWS rds.
I'm trying to connect to my new AWS RDS I just made.
I followed the "Setting up for RDS" (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SettingUp.html), then the "Tutorial: Create an Amazon VPC for Use with a DB Instance" (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Tutorials.WebServerDB.CreateVPC.html), then the "Creating a MySQL DB Instance and Connecting to a Database on a MySQL DB Instance" (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_GettingStarted.CreatingConnecting.MySQL.html) but I'm not able to connect to my DB from my computer or my dedicated server on the web.
Following the previous docs, I have this config :
My DB instance
The VPC
The subnetworks
Example of subnetwork's details :
The first security group :
The second security group, calling the first one :
For the first security group, I put both my private IP and the IP of my dedicated server, and their ports.
I even tried to put 0.0.0.0/0 for SSH and TCP, it didn't work either.
For the DB instance, I tried to add the two security group instead of only the db-securitygroup, it didn't work.
I tried to use a different Port for the DB instance, it didn't work.
With MySQL Workbench or with PDO on my dedicated server, I'm unable to connect to the DB : "SQLSTATE[HY000] [2003] Can't connect to MySQL server on [...]"
I think your security groups are incorrect. If the RDS instance is the only thing you currently have running in the VPC, then you should only have one security group, which is assigned to the RDS server, and that security group should have a rule for port 3306 that allows ingress from your personal IP address, and your dedicated server's IP address.
Take a look to this instruction, pay attention to step 3, 4 and 5. It is for ElasticSearch but I think in your case steps are similar
I am trying to connect to my database from local machine but I am getting the following error.
ERROR 2003 (HY000): Can't connect to MySQL server on 'finaltesting2.cluster-cxtmwsuqx4ty.us-east-1.rds.amazonaws.com' (110)
Things I have done:
1: Changed the vps security group for inbound traffic. For testing purpose, I have even allowed all TCP traffic from all of the IP range
2: I don't have any firewall on my local machine that is blocking me to connect to port 3306
3: I have already looked many similar issues on stackoverlow and the answers is just to change the inbound rules but its not working for me.
4: I have proper internet connection for my local machine. i-e no network issue
Aurora Serverless (and may other AWS DB offerings - like Amazon Neptune, DocDB etc) are VPC only. You can still connect to them outside of the VPC with some additional setup. I've elaborated a few here: [1] [2]
[1] Connect to Neptune on AWS from local machine
[2] AWS Aurora MySQL serverless: how to connect from MySQL Workbench
Note that the above solutions are for non production setups. If you need something more resilient, you would need to have more infra in place. For example - If you are using an ALB to expose your DB endpoint outside of the VPC, then you need to have mechanisms that would make sure that the ALB is always pointing to the right IP of the DB instance, as IPs are bound to change when failover and host replacements happen. Do keep that in mind.
I am having trouble connecting to my RDS MySQL Database.
My current Set up:
Django 1.9+
AWS - Launched an EC2 Instance (Amazon Linux). Launched an RDS instance of MySQL (5.6.7). I created a Virtual PC (VPC) for the EC2 instance and RDS instance, and in that group created several security rules so the EC2 instance could connect to the MySQL RDS. Below are the security rules I use and associate with the VPC.
Inbound Rules: (Type, Protocol, Port Range, Source)
1. Http , TCP, 80 , 0.0.0.0/0
2. SSH , TCP, 22 , <homePC address>/32
3. HTTPS, TCP, 443, 0.0.0.0/0
4. MYSQL/Aurora, TCP, 3306, source (my created security group)
Nginx - Serving my content redirecting from port 80 to port 443. I created SSL certificates in order to make my site secure. I correctly served my Django application, and the static files. Nginx serves everything great!
Previously I was able to connect to my RDS instance. I did not set up an elastic IP at that point in time, as it took some time to transfer my domain over to Route53 (amazons DNS). I successfully was able to transfer it, and associate it with my EC2 instance and even start my application
The problems -
First Problem I cannot connect to the RDS from my EC2 instance. I have checked my django settings file and the secret file (the one that feeds my settings file with sensitive information which I keep out of version control). Here are examples of my settings for the mysql connection - I changed them obviously
"DATABASE_NAME":"myDatabase",
"DATABASE_USERNAME": "myUsername",
"DATABASE_PASSWORD": "myPassword123",
I double checked the username and password in the RDS console, and even reset the password.
After I went ahead and activated my virtual environment and attempted to connect.
python manage.py dbshell
My Error was
ERROR 1045 (28000): Access denied for user 'myUsername'#'<private IP address from Elastic IP>' (using password: YES)
Notive the user name is not what I utilized in the settings. It changed. I feel this is the root cause of the problem, but am unsure why Django would change my username in such a manner.
Second Problem - I also try to connect to the database directly using mysql. I double check my endpoint, username and password are correct, but also run into trouble connecting.
Note - As I said, I was able to connect in both manners listed above before acquiring my IP address. Thus my troubles are configuring security rules to allow a permanent IP address, and being unable to use TCP connect to use the Mysql client to log in.
Thanks in advance.
I have an AWS RDS MySQL instance that I'm able to connect to from my personal desktop using MySQL workbench and a PHP page, but once I put the PHP page on my webserver, I get the following error:
Error: Unable to connect to MySQL. Debugging errno: 2003 Debugging error: Can't connect to MySQL server on '[SERVERVNAME].ciuo9o7t5ksk.us-west-2.rds.amazonaws.com' (111)
I've searched and found that typically it is because the incoming IP rules don't allow the port, but I set the security settings to allow all incoming IPs (and I certainly didn't add any special rule for my perosnal PC IP), so not sure what I'm missing.
I use netfirms for webhosting - they told me that I'll need to configure my AWS instance, but I don't know what I'm missing.
First please check which security group is attached with the AWS RDS Mysql Instance,
Click on the attached security group and all the rule like this