Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 4 days ago.
Improve this question
I would like to replicate my WordPress MySQL database as described in the MySQL documentation 5.7 - Replication.
I am attempting to configure an externally hosted instance of Wordpress to act as the Master to a Slave MySQL database hosted on a.n.other platform. Understandably the MySQL .ini file is not visible on the host system, and I am not sure that designating the server id or the Master/Slave status will be available either (if I am wrong about this I will be delighted). I am attempting a solution using WP Data Access, but they are currently locked out of Dropbox and have been for a few days so I am reluctant to commit a vital part of the architecture to them just yet.
Another option has occurred to me - can anyone out there tell me why it wont work (or suggest another solution).
If I were to set up a locally hosted instance of WordPress and configure it to act as Master, and then ported the whole thing to the external host, would the .ini settings etc survive the journey? It may be that these questions are better directed to the host, but their position is that they host WordPress (exclusively) but do not offer any sort of MySQL support.
Have attempted to again access to the .ini file within WordPress's database, with no success.
Have upgraded WP Data Access to Premium, but need a Premium Data Service to connect the host with the other platform and am waiting for the host to get back to me.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
This image shows the error pop up when I try to test the connection
Current Set Up: 2015 MacBook Pro. OS 10.15.7
Things that I have tried:
System preferences > MySQL > initialize setup.
Checked Username is correct on AWS RDS set up.
Checked the endpoint address.
Tested connection on a 127.0.0.0 database. Works fine.
Sounds like you have not configured the Security Group related to your RDS instance. You must set up inbound rules for the security group to connect to the database. You can set up one inbound rule for your development environment and another for Elastic Beanstalk (assuming you use that to host your app). Setting up an inbound rule essentially means enabling an IP address to use the database. Once you set up the inbound rules, you can connect to the database from a client such as MySQL Workbench. For information about setting up security group inbound rules, see Controlling Access with Security Groups.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 2 years ago.
Improve this question
I got windows application with MySQL database. Database will be stored on user's PC only. How to secure that my application will work on every Windows OS even if client doesn't have MySQL installed on his PC - how can I import mysql on user's PC if it's missing?
You choose wrong approach. MySQL database is not suitable to be installed on each customer PC. There have many reasons to this. For example:
customer PC too weak for run MySQL instance,
or may be client PC already have installed MySQL,
or one of thousands another reasons
You can choose MySQL only in client-server architecture: lightweight client application and server with MySQL stored all clients data. This approach demand stable network connection between client to server.
If you want to store all data locally on clients PC - SQLite is right choose.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 12 months ago.
Improve this question
I'm renting a VPS and right now it is being used as my web server and MySQL database. When renting a VPS, they give you SSH access to it. Is there a way for me to hide (make it seem like it doesn't exists) SSH and MySQL outside connections except for my own?
I don't want public users to see that SSH is enabled even though they probably won't guess the password.
You can use Port knocking to hide SSH. I would close down the mysql port and use a SSH tunnel for this.
Install a port-knock daemon. It looks for "special "knock" sequences of port-hits" and then opens the firewall like you want it.
knock myserver.example.com 123:tcp 456:udp 789:tcp
mysql: you could maybe forbid connections except from localhost, and use ssh port forwarding to remotely access your database
ssh: use a non-standard port and switch to public key authentication. You will have to leave a port open anyway.
Fail2ban may be worth trying. It will block connections to your machine from a given address after repeated failures.
If you're accessing the server from only one address (or very few addresses), you can add a firewall rule to block any access from anything other than those addresses. However, if you're going to be accessing the site from (say) your cellphone, you can't do this, as your cell is highly likely to be behing a NAT firewall and you can't predict what the external IP would be.
You can also move SSH onto something other than the default port 22 to block the "stupid" ssh attack scanners, though that won't stop dedicated port scanners.
Some thoughts...
You could run sshd on a non-standard port. Port-scanners will be able to notice it, but the scripts that just bang on port 22 won't see it.
You could configure it to only allow connections from specified hosts (better to do this at the firewall level, come to think of it). This would limit your ability to log onto it from anywhere but would allow sshd to immediately reject connections from any place other than the specified hosts.
I think the best two options are:
Hide the servers behind a firewall and use a VPN to communicate.
Change the port numbers to something random so they won't be detected by a default port scan.
Today we rely more on browser based sessions as they tend to be more secure thanks to modern browsers' sandboxing and generally higher security level, freely available auto-renewable SSL certificates, and well understood MFA systems.
Web based SSH terminals are common, and they can be protected by federated authentication (OAUTH/SAML/OIDC) identity providers (also available for free! Auth0, DUO, but also Google, Github, etc) and easily complemented with multi factor authentication.
A good implementation of this concept comes for free if you have a Linode VPS: it's called the LISH (Linode Shell). Provided both as text based (Weblish) and canvas based (Glish).
If you are not on Linode, you can host your own Apache Guacamole which is equally great. And of course, it comes with SAML, OIDC, TOTP MFA, etc.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
I came across the bind address while trying to configure the MySQL server. The details of why I want to configure the bind address is in the link below.
Multiple hostnames and multiple privileges?
Now, I want to understand the purpose of the bind address. In the sense, is a binding address the address we assign to the machine that is hosting the MySQL server?
I have no clue. Would be really helpful if someone could explain me the purpose of it. Also, will assigning 0.0.0.0 to the binding address create any security flaws/loop holes?
The address you specify in bind tells MySQL where to listen. 0.0.0.0 is a special address, which means "bind to every available network".
Only client software which is able to open a connection to the server using the same address that is specified in the 'bind' option will be allowed to connect.
Some examples:
If MySQL binds to 127.0.0.1, then
only software on the same computer
will be able to connect (because
127.0.0.1 is always the local computer).
If MySQL binds to
192.168.0.2 (and the server computer's IP address is
192.168.0.2 and it's on a /24 subnet), then any computers on the same
subnet (anything that starts with 192.168.0) will be able to connect.
If MySQL binds to
0.0.0.0, then any computer which is able to reach the server computer
over the network will be able to connect.
These are all transport-level connections. Remote computers still need to qualify for application-level, which is to say they will still require the correct login credentials and host parameters from mysql.user.