I'm trying to find a solution that will allow for a user to connect to a server via SFTP using a provided username/key combination (stored in a Wordpress installation's MySQL database), without needing to constantly keep two or more separate systems in sync.
This is the MySQL query that gets two columns that have the username of a user and the api key, which the user would type in to their SFTP client as their password:
SELECT m.meta_value, u.user_login
FROM wp_users AS u, wp_usermeta AS m
WHERE m.user_id = u.ID AND m.meta_key = "user_apikey";
As far as the file system goes, there is a folder which has the same name as a user's username for each user, all in the same directory. This user's folder may or may not already exist. When a user makes an SFTP connection to the server, they should be shown only the contents of that folder once authenticated.
Hopefully someone knows of a simple solution to this problem. The only limitation I have is that this must run on a CentOS box, but I'm pretty open to any tools and languages.
Rather than try to get the OS and the underlying file system and SFTP server to use Wordpress as their user source, you will likely have much better luck getting Wordpress to use the OS as its user source.
One route to get there would be to use an LDAP server. Most OSs (and SFTP servers and the file system) can integrate with an LDAP server for authentication, and Wordpress can as well.
Going the route of trying to get the other services to look to Wordpress is just asking for trouble from a security standpoint.
It seems as though I could use Proftpd as an FTP server and add modules to configure it with the following modules:
Proftpd MySQL authentication using mod_sql
Proftpd SFTP using mod_sftp
Related
Going around in circles. Please help, I enter http://localhost into safari on my mac and receive: It works!
However, I cannot figure out how using MySQL workbench I can find the URL. I am looking to code JSON in xCode to retrieve data from my local MySQL database, however, I do not even know the URL to access it.
My port is on 3306. I have tried http://127.0.0.1:3306 - and get a failed to open.
Do I need myphpadmin or can I go direct to MySQL?
I have tried saving a copy of MyPhPAdmin under Users>MyUserName> but this did not work when I ran: http://localhost/myphpadmin
Should the file be saved elsewhere? When I worked on Python weeks ago I run it under a different location then was recommended (Under the Python X.X cache folder) whereas online people simply ran it from their Users>MyUserName> folder. I am on the latest Catalina OS X.
Tried http://localhost/usr/local/mysql-8.0.20-macos10.15-x86_64/phpmyadmin/ - 404 not found
With MySQL, you can connect via localhost "socket" or networking "TCP/IP" connections. The user accounts in MySQL exist separately from each other, so if your user account exists with host value 'localhost' the TCP/IP connection probably won't work for you. Also note that, depending on how you installed MySQL and how it's configured, it might not even listen for network connections. Normally, localhost is preferred if you are on the same machine.
In MySQL Workbench, you need to give the hostname or IP address when selecting "Standard (TCP/IP)" from the "Connection Method" dropdown. This is simply the hostname or IP address, not a complete URL or web site. So you'd set the hostname to "127.0.0.1" or "192.168.9.34" or whatever. Again, Local Socket/Pipe is usually a better choice in most cases.
MySQL uses its own networking port (3306) and communication protocol, so using http://127.0.0.1 is incorrect as it isn't using the http protocol. Likewise, if you would need to change the port for some reason, specify that in the port field rather than as a part of the hostname.
As for phpMyAdmin, you would install that to a folder that is handled by your web server, then access it through the URL/path exposed by the web server — by default, your user home directory is not shared to the web (and rightly so, I don't want all of my documents and files shared with the world!). Put the phpMyAdmin folder in your web root and you'll have better success. Which folder that is probably depends a lot on which webserver you are running, how it is installed, and how you configured it.
I won't comment on the Python scripts you've run in the past, as my experience with serving Python to the web requires adjusting some settings in my nginx configuration and I won't want to confuse you compared to the tutorials you're following.
Good day, to make a long story short I was given access to an FTP server in order to upload files to an online website using FileZilla and was given the following:
FTP Username
FTP Password
FTP Server
Port Number
When I tried to asked our "consultant" about access to details to connect to a database server, I was told that I should know how to get in since I was given FTP server access.
However when I downloaded MySQL Workbench to try and edit the database, the the details (or parameters) are different to what I was given to access the FTP.
I would just like to know if I could access the database using FTP credentials or if both need completely separate details to connect. Thanks for any help/advice.
FTP (FileZilla):
SQL (MySQL Workbench):
EDIT:
I use xampp in order to edit an offline version of the database to test before I upload new code into filezilla. I added new columns with ease offline but It does not show online.
For more information:
I have another person editing database info on the online website
The offline version information is completely different and does not update.
I have added a new column in the offline database but there is no update on the website's online version.
This means that there is an online database that I cannot access since I do not have credentials.
FTP and database accesses are two completely different and unrelated things.
While it is possible that hostname, username and password might be the same for both (while still technically separate), port number must be different.
Maybe you are not supposed to have a database access. It may not be available remotely. Maybe only the server-side scripts can access the database (locally – on the server).
I'm working on an application in VB.NET that has to connect to a MySQL database and FTP. How secure is it if I used it in an application that I gave to other people. E.g. if I was to let other people use this application would they be able to find out the MySQL and FTP connection details through intercepting packets or something like that?
If that's the case how can I work round this? Also, part of my application is an uploader for users to upload files, is FTP secure for that or are there better alternatives ways in doing that? My server is a Windows Server 08 if that makes any difference.
Thanks in advance.
FTP is plaintext. It is very easy to get user names and passwords just by packet sniffing. If the ftp is supposed to be secure rather look ay sftp or ftps solutions. These use SSL type encryption on the network layer. Never ever use a ftp server for sensitive information.
MySQL traffic can also be sniffed though it is considerably harder to reverse engineer the protocol. If data has to flow between client and mysql in a secured fashion you can configure mysql to use SSL certificates to encrypt the information. This will ensure security is of highest standards.
It depends, but as per Accessing SQL Server with Explicit Credentials article and it is applicable to MySql as well:
The recommended method is to store the predetermined user name and
password on the server, and then read it and add it to the connection
string at run time. An advantage of this technique is that your
application can access the database using different credentials under
different circumstances, depending on what it needs to do in the
database.
Security Note Never hard-code credentials as strings into programs in your application. Anyone who can get access to the code
file, even the compiled code, will be able to get at the credentials.
Security Note Always give a predetermined user name the minimal access privileges to a resource. Never use "sa" or any other
administrative-level user name. Always use passwords
Not sure if this is the right forum for me to ask this question.
But I'm wondering does anyone having difficult using JustHost as web hosting provider in establishing remote access to their mysql database server environment?
What happened recently was that I'm trying to use mySQL ODBC driver connector via MS access to access their mysql database.
Originally I know what my username/password is and JustHost(well.. at least that's what I think they normally do) is set this similar setup for all other CPanel access such as your FTP, email, billing info, etc, etc.
Thus I tried using my username/password to logon into the mysql database via MS ACCESS's odbc connector. But I kept on being rejected to log in.
I started whether the password I used to log on my CPanel services would be different that the one used to access mysql via PHPAdmin window. Thus with that in mind, I forwarded the query to Justhost helpdeskteam.
Unfortunately they don't have a clue about this.
Thus that's what brought me here in this forum, begging this question - does anybody know what's the appropriate approach in remotely connecting mysql database environment via a web hosting provider such as Justhost.com?
Sorry for the elongated story.
Thought it would help to state the meaningfulness of my supposedly-trivial problem.
Log in to your JustHost account and scroll down to Remote MySQL. You need to add the IP address(es) of the remote server(s) to the list of Access Hosts.
I have an odd scenario.
I inherited a box that has SQL Server 2008 R2 on it already. The previous user connected to the (local) database with Windows Authentication using their Windows login.
I have a different Windows login. Is there any way for me to be able to log into the (local) database? The old user is no longer around, I don't know their password.
The easiest way is to get the other users password changed, and then login as that person, although this is only appropriate if you're connecting to a domain, using Active Directory etc.
Alternatively, if you are in the local administrators group, or can get yourself added to it, it's quite likely you can connect to the SQL Server instance as yourself with admin rights.
Finally... if you just want access to a particular database, copy the mdf and ldf files, and re-attach them to another instance.