I started an amazon ec2 instance (Linux AMI) , and installed postgresql 9.2.15 over it. I then went to the Security Group: mygroup-1 and opened the 5432 TCP Port:
Ports Protocol Source mygroup-1
80 tcp 0.0.0.0/0 ✔
5432 tcp 0.0.0.0/0 ✔
22 tcp 0.0.0.0/0 ✔
3389 tcp 0.0.0.0/0 ✔
443 tcp 0.0.0.0/0 ✔
I have created a database and user.
My /var/lib/pgsql9/data/pg_hba.conf looks like this:
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 ident
host all all 0.0.0.0/0 md5
# IPv6 local connections:
host all all ::1/128 ident
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local replication postgres trust
#host replication postgres 127.0.0.1/32 ident
#host replication postgres ::1/128 ident
and /var/lib/pgsql9/data/postgresql.conf looks like this:
# - Connection Settings -
listen_addresses = '*' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost', '*' = all
# (change requires restart)
port = 5432 # (change requires restart)
from the local computer, I have successfully connected to the ec2 postgresql using pgAdmin 3 program with connection information:
host: Public IP of EC2 running
port: 5432
username: my-postgresql-user
password: my-postgresql-pass
But when I try to connect to postgresql from my website using PHP (my website placed in the path /var/www/html/mysite), it can't connect.
My code:
$host = "Public IP of EC2 running";
$port = "5432";
$name = "my-postgresql-database";
$user = "my-postgresql-user";
$pass = "my-postgresql-pass";
$connstr = "host=$host port=$port dbname=$database_name user=$user password=$pass";
pg_connect($connstr);
when I run on local computer, it is connected ok, but when uploaded to /var/www/html/mysite, it can't connect to database.
I tried replacing the variables $host = "localhost" or "Public DNS of EC2 running" but still can't connect.
Please help
Related
The title might make this seem like a duplicate of some existing questions here on SO, but its kind of not in a way, in my opinion.
8140863, 30617357, 27749691
But I can't for the life of me make the answers to these threads work, instead of asking questions on those threads, I would like to create my own question, I'd like to discuss my setup and then my problem, and then what I've tried
My server setup is this, I have a local(an actual physical machine) and a VPS I'm renting, both are running at Centos7.x, PostgreSQL10, Php 7.x, and Python-2.x, BOTH can ping and ssh each other through a VPN just fine.
Both can connect to their own respective databases just fine through PHP, Python, PSQL Terminal
On my VPS Server, I can connect to my Local Server's PostgreSQL database using Python(psycopg2), PHP(php-pgsql) and Terminal(psql) totally fine.
On my local server, I can connect to my VPS PostgreSQL using Python(psycopg2) and Terminal(psql) EXCEPT through PHP(php-pgsql)
Whenever I connect to VPS's PostgreSQL through PHP, I'm getting this error like everyone else
pg_connect(): Unable to connect to PostgreSQL server:
could not connect to server: Permission denied
Is the server running on host "123.456.0.789" and accepting TCP/IP connections on port 5432?
Here are what I've done.
On postgresql.conf set listen_address = "*" -- this is OK
Added pg_hba entries for both -- this is OK (python and terminal can connect on both)
Port 5432/tcp is both enabled and allowed -- this is OK
Selinux is disabled -- this is the answers for the thread referenced above, but it doesn't work for me even after reboot of course.
these are the result of my netstat
#netstat -na | grep 5432
tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN
tcp6 0 0 :::5432 :::* LISTEN
tcp6 0 94 ::1:55110 ::1:5432 ESTABLISHED
tcp6 0 0 ::1:5432 ::1:55060 ESTABLISHED
tcp6 0 0 ::1:5432 ::1:55110 ESTABLISHED
tcp6 12 0 ::1:5432 ::1:55108 ESTABLISHED
tcp6 0 12 ::1:55108 ::1:5432 ESTABLISHED
tcp6 0 0 ::1:55060 ::1:5432 ESTABLISHED
unix 2 [ ACC ] STREAM LISTENING 31102 /var/run/postgresql/.s.PGSQL.5432
unix 2 [ ACC ] STREAM LISTENING 31104 /tmp/.s.PGSQL.5432
iptables
#iptables-save | grep 5432
-A IN_public_allow -p tcp -m tcp --dport 5432 -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT
getenforce
#getenforce
Disabled
Selinux
#/usr/sbin/sestatus | grep SELinux
SELinux status: disabled
#sudo setsebool -P httpd_can_network_connect_db 1
setsebool: SELinux is disabled.
postgresql.conf
listen_addresses = '*'
port = 5432
pg_hba.conf (i just changed the ip for posting here) I tried using trust, but its still the same
# "local" is for Unix domain socket connections only
local all all password
# IPv4 local connections:
host all all 127.0.0.1/32 password
host all all 123.456.0.1/32 password
host all all 123.456.0.11/32 password
host all all 123.456.0.20/32 password
# IPv6 local connections:
host all all ::1/128 password
edit start: My PHP pg_connect code (I just changed the IP just for this post, but it points to the VPS IP)
$pgcon = pg_connect("dbname=database1 user=some_user password=some_password host=123.456.0.789");
edit end : ==
I would like to emphasize that BOTH servers can connect on each others and their own PostgreSQL database through other means, with the exception of my Local Server, it couldn't connect to VPS PostgreSQL using PHP.
VPS To Self(localhost connection)
VPS to Self via PHP is OK
VPS to Self via Python is OK
VPS to Self via PSQL(Terminal) is OK
VPS To Local Server(Connecting using Local Server's VPN IP)
VPS to Local Server via PHP is OK
VPS to Local Server via Python is OK
VPS to Local Server via PSQL(Terminal) is OK
Local Server to Self(localhost connection)
Local Server to Self via PHP is OK
Local Server to Self via Python is OK
Local Server to Self via PSQL(Terminal) is OK
Local Server to VPS(Connecting using VPS's IP by VPN and Public IP)
Local Server to VPS via Python is OK
Local Server to VPS via PSQL(Terminal) is OK
Local Server to VPS via PHP Is NOT OK
I'm really sorry for the long thread, I wanted to give as much information as I can.
Let's split error by types. I'd made several tests with your case and what I found:
If we mess with connection parameters (i.e. wrong port, or IP address) we get the error "could not connect to server: Connection refused" or "Operation timed out
Is the server running on host "128.0.0.1" and accepting")
If we mess with credentials, we get the error "FATAL: password authentication failed for user ..."
Permission denied can be thrown only if you have not permissions to open a TCP connection from your PHP library.
Pls, double-check if you disable SElinux on your Local Server as for me, this is still the closest workaround for your problem.
I'm having issues connecting to my AWS EC2 Server holding a MySQL Server.
Here's my Response from mysqli_connect
p#xxx.com [~/app]# php checkmysqlremote.php
Error: Unable to connect to MySQL.
Debugging errno: 2002
Debugging error: Connection refused
Here's my netstat -tuplen on the EC2 Server containing the MySQL Server
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 999 20299 1378/mysqld
As you can see its binding to the 0.0.0.0 address correctly.
I enabled the 3306 port in inbound rules for EC2.
on the server making the request handshake, I ran:
curl -s example.com:3306 >/dev/null && echo Success. || echo Fail.
which resulted in Fail.
I also ran it on the local server instance and it responded with Success.
I also ran nmap on the server making the handshake,
nmap -p 3306 example.com
Nmap scan report for example.com (1.1.1.1)
Host is up (0.048s latency).
PORT STATE SERVICE
3306/tcp filtered mysql
Nmap done: 1 IP address (1 host up) scanned in 2.03 seconds
Lastly, I tried adding the following rules in iptables:
iptables -A INPUT -i eth0 -s "example.com" -p tcp --destination-port 3306 -j ACCEPT
and
sudo iptables -I INPUT -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT
I don't know what to do at this point.
UPDATE
I tried pinging the EC2 server from the remote server and it did not return anything. At this point i think the issue is with EC2.
Try adding the follwing GRANT to your user:
GRANT ALL PRIVILEGES ON *.* TO 'user'#'ipadress'
Sounds like the port might not be getting forwarded correctly? One thing to try might be to put an Amazon Elastic Load Balancer in front of the instance. Then you can forward port 3306 for the MySQL connection.
I started local server using php on my server . (Trying to work on port 8080/8283 . Anyone of them will do .)
php -S 0.0.0.0 8283 -t testServer/
using curl localhost:8283 I am able to get the result of the index.php file
but when I access it using my server ip I am not able to access that port .
Any when I do netstat -tuplen . I can see that port as well .
How can I make port 8283 available through http request ?
I asked this question here but not much help .
I have used this
# /sbin/iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 8283 -j ACCEPT
# service iptables save
# service iptables restart
and still it did not work
And this is output from telnet on my server
telnet XX.XX.X.XXX 8283
Trying XX.XX.X.XXX...
Connected to XX.XX.X.XXX.
Escape character is '^]'.
GET /
HTTP/0.9 200 OK
Connection: close
X-Powered-By: PHP/5.5.19
Content-type: text/html
Hello World !Connection closed by foreign host.
this one is from my PC
telnet XX.XX.X.XXX 8283
Trying XX.XX.X.XXX...
telnet: Unable to connect to remote host: No route to host
NMAP Result
sudo nmap -p 8283 XX.XX.X.XXX
Starting Nmap 5.21 ( http://nmap.org ) at 2015-02-04 19:18 IST
Nmap scan report for srv1.domain.com (XX.XX.X.XXX)
Host is up (0.035s latency).
PORT STATE SERVICE
8283/tcp filtered unknown
Nmap done: 1 IP address (1 host up) scanned in 0.37 seconds
IPTABLES OUTPUT
/sbin/iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8282
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8283 state NEW,ESTABLISHED
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
try
php -S 0.0.0.0 8080 -t testServer/
by use localhost you will bound just 127.0.0.1 address: that address is not reachable by other address instead of localhost or localhost.localdomin.
Now by use 0.0.0.0 you will bound all your interfaces. Alternatively you can use your host address where you want expose the service.
You do not have to use localhost you have to use your external ip address:
php -S <ip-address> 8080 -t testServer/
localhost is mapped on ip 127.0.0.1 so it is only available from yor server.
You're explicitly binding to localhost. If you want to bind to a different IP address, then specify it instead of localhost (or use 0.0.0.0 for all network interfaces).
This question already has an answer here:
Can't Connect to PostgreSQL with PHP pg_connect()
(1 answer)
Closed 8 years ago.
I have a CentOS 6.5 virtual machine, which run on VirtualBox.
On it I have set up Apache, PHP, PHP Postgres extension (php-pgsql) and Postgres database.
I modified the pg_hba.conf file to allow connections:
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 ident
# IPv6 local connections:
host all all ::1/128 ident
host all all 192.168.0.0/24 trust
host all all 0.0.0.0/0 md5
This is my iptables file:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:8090
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:postgres
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Now, when I connect from my host machine (ip: 192.168.0.117) to Postgres with the client pgAdmin3 (user: postgres, password: postgres) I am able to do that and everything works fine but PHP running on my CentOS VM can not connect to database:
$connection_string = "host=localhost port=5432 dbname=rt_prezzario user=postgres password=postgres";
$resource = pg_connect($connection_string);
This is the warning that PHP triggers when I run those two code lines:
Warning: pg_connect(): Unable to connect to PostgreSQL server: could not connect to server: Permission denied Is the server running on host "localhost" (::1) and accepting TCP/IP connections on port 5432?
Anyone have suggestions?
SELinux is likely blocking the connection. You should be able to find a log entry in /var/log/messages when the connection was blocked.
Try setting this flag in SELinux:
setsebool -P httpd_can_network_connect_db on
RedHat has some documentation on this SELinux flag: 1
I show phpinfo() info page has pgsql enable support
But in file php
$dbconn =pg_connect("host=localhost port=5432 dbname=qlbv user=postgres password=123456")
or die("can't connect db");
result of $dbconn is false;
I had config
# "local" is for Unix domain socket connections only
local all all md5
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
# IPv4 internet connections:
host all all 0.0.0.0/0 md5
# - Connection Settings -
listen_addresses='*'
#listen_addresses = 'localhost' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost', '*' = all
# (change requires restart)
port = 5432 # (change requires restart)
I setup webserver in centos
result of $dbconn is false;
Can you help me?
thanks!
you try types:
getsebool -a | grep ftp
setsebool -P ftp_home_dir on
getsebool -a | grep ftp