I'm using Xampp for this and have been able to get it to connect from my phone to the host using the hosts static ip 192.168.0.x but when I try to connect to the database though my public ip address it fails.
http://192.168.0.x/testdatabase/ works but
http://xx.xx.xxx.xx/testdatabase/ (my public ip) doesn't, I have enabled port forwarding on port 3306 to the hosts static ip but it still fails and I have even tried adding :3306 to the end of the ip.
How can I connect to the sever through my public ip address?
I'd probably use SSH Tunneling.
Tunnel to your server using SSH, then with your local client, connect to localhost on whatever port you've set your tunnel to for MySQL.
On Windows you can use putty to do that. Or ssh on MacOS / Linux.
I won't make a full tuto on how to setup an SSH tunnel but you'll find tons of sources on the web.
The problem is not PHP, the problem is that you didnt specify the rights for a user to connect from another IP.
You grant user specific rights in the rightsmanagement. If you want, lets say, from 10.10.10.10 to your DB as user "foo", you have to allow it:
GRANT ALL ON mydatabase.* TO bar#'10.10.10.10' IDENTIFIED BY 'randompassword';
Otherwise MySQL will block the access to your DB.
You also could allow EVERY IP:
GRANT ALL ON mydatabase.* TO bar#* IDENTIFIED BY 'randompassword';
Sidenote: It is NOT good to allow access from other than internal network (or even localhost). Exposing your Server to the world wont do any good.
Related
Ok here’s the deal. I setup MySQL database on Rackspace and I’m trying to connect to it. I am using the tutorial google maps to create store locator using MySQL. The line of the code in the tutorial asks for the host name and I’m giving the IP address of my server on Rackspace. I’m using what I think is the correct one but it’s not working. Any ideas?
Here's the google tutorial code:
// Opens a connection to a mySQL server
$connection=mysql_connect (localhost, $username, $password);
if (!$connection) {
die("Not connected : " . mysql_error());
};
My code:
$connection=mysqli_connect ('THE IP ADDRESS OF MY RACKSPACE SERVER', 'MY USERNAME', 'MY PASSWORD');
Here's a link to the tutorial from google: https://developers.google.com/maps/solutions/store-locator/clothing-store-locator
I know I have the server IP correct and my username/password correct since I'm able to login via SSH from terminal with those credentials.
When I use mysql> \s to show the status it says Connection: Localhost via UNIX socket - does this mean it's local host? I need it hosted on IP to connect right?
I expect that your MySQL server is by default by your Linux distribution's packaging configured to listen either locally, or on the socket file only. You can update your DB config to listen on the public IP address of your server however obviously this can come with some security implications.
To do this edit the /etc/mysql/mysqld.conf file (this may be in a slightly different location depending on distribution being used) and the following line as such...
From
#bind-address = 127.0.0.1
To
bind-address = 0.0.0.0
Now restart your MySQL service using the systemctl or service command.
service mysql restart
Your MySQL server is now listening on ALL the host's IP addresses. If you want to limit it to just one you should enter that IP instead of 0.0.0.0. You should now be able to connect to your MySQL server remotely, however, you must have already configured your database user to be able to login from the webserver. If you haven't configured the user yet do something like this.
mysql
CREATE USER '<username>'#'<webserver ip address here>' INDENTIFIED BY '<password>';
GRANT ALL PRIVILEGES ON <database>.* TO '<username>'#'<webserver ip address>';
FLUSH PRIVILEGES;
You should now be able to login as this user and view / modify / insert etc... data to the database specified from the server IP address specified. You can test this from the web server using the MySQL client like this...
mysql -u <username> -h <db server ip> -p
When I ssh into my server, I issue the following command:
ssh <username>#<ip-of-server>
Then, when I get in, I see the following as my prompt:
<username>#ip-<different-ip-address>:
When I try echo $PS1 in the server, then I see the following:
\[\e]0;\u#\h: \w\a\]${debian_chroot:+($debian_chroot)}\u#\h:\w\$, which tells me that the host must be different. Why are these not the same: ip and host?
The reason I ask is because, I can access the just fine by ssh-ing, but I cannot ping it:
ping <ip-of-server> ... results in 100% losses.
So, I thought maybe I should ping the other ip, however:
ping ip-<different-ip-address> ... also results in 100% losses.
How is it possible to not be able to ping, yet I can still log in?
Private IP is internal to AWS which is 10.x.x.x
You can also check that by invoking
curl http://169.254.169.254/latest/meta-data/local-ipv4
within your instance which gets that info from the metadata server.
Public IP (if assigned) is the external IP. You can get the same from metadata server. Try:
curl http://169.254.169.254/latest/meta-data/
If your shell prompt is an issue, you can set the prompt after querying the public IP.
ip-of-server is probably the public ip of the server. different-ip-address is probably the private ip of the server.
pings will not go through from the outside unless you enable ICMP traffic through the Security group the you've set for your instance.
It's possible to log in because the port used for SSH is open (TCP 22) in the Security group, while ICMP is not open (ICMP).
I have website example.com, it contains a MySQL server. I have another example.org, both are different domains. I want to access the MySQL server on example.com from example.org. How would it be possible?
You will need to set the remote example.com when you call the database connection initialization function. For example:
mysqli_connect("example.com", 'username', 'password', 'database name');
But you will need to check whether example.com's MySQL server is set to accept connections from other hosts (see the bind-address directive in your my.cnf or my.ini), and that the username you connect with is set to be able to connect from external domains.
Consider the following Users page of phpMyAdmin:
It is clear that only user test has access from outside domains (% in the Host field). Not shown on the image, but user test has full privilege on the database called test. The other users are bound to the local domain, even though the server is set to accept connections from the outside, when authenticating, users are thrown a denial.
You can connect to remote MySQL server. Just have to make sure that the remote server is binding to public address.
Here's how: http://www.howtogeek.com/howto/mysql/switch-mysql-to-listen-on-tcp/
You can connect to any MySQL server wherever it is, as long as it's setup for remote connection.
Depending on your operating system and webserver of choice, the settings will be different, but a good place to start is by (if using linux) looking here:
/etc/mysql/my.cnf
In this file you will find:
bind-address: 127.0.0.1
You will change this to the IP address of the server and then restart the mysql daemon.
..and now you can connect remotely ;)
I'm developing website for my school. In that school we authenticate users via LDAP, so there was an idea to do the same via school-site. On that site everything is working perfectly, but during developing I need very often to test if such solution works, of not. In order not to commit my changes so often I want to test this site on my local computer, but for connecting with LDAP i want to use ssh tunnel. In school network we have one server through witch we are connecting with inside of our school network. It's address is phoenix.lo5.bielsko.pl. Inside this network we have LDAP server with opened 389 and 636 ports. It's address is auth.lo5. I don't have access to auth.lo5 via SSH, I can only connect with it to get some LDAP entries. So, I've tried to run SSH tunnel by running:
ssh -L 636:auth.lo5:636 hfaua#phoenix.lo5.bielsko.pl
Then, I've set in my /etc/hosts that auth.lo5 is pointing to 127.0.0.1. I'm connecting to LDAP in PHP in such a way:
ldap_connect('ldaps://auth.lo5', 636);
But I'm getting error Can't contact LDAP server. I think, that problem might be on phoenix.lo5.bielsko.pl in its SSH daemon config or in arguments passed to ldap_connect() function. Can you tell me, what should I set in sshd_config or in arguments passed to ldap_connect to get it working?
I posted the same question in similar thread, but no one has answered my question.
P.S. In my /etc/ssh/sshd_config I have line AllowTcpForwarding yes
If I got it right phoenix.lo5 and auth.lo5 are 2 different machines.
If so you have to create a tunnel to the ssh machine, and then send the ldap queries to the right machine.
Your command: ssh -L 636:auth.lo5:636 hfaua#phoenix.lo5.bielsko.pl is right if phoenix.lo5.bielsko.pl can resolve auth.lo5 via DNS or /etc/hosts, if not you need to use its internal ip address.
Also if you want to use port 636 on your pc, you need to run your command as superuser (root or with sudo) else you need to use an high port (above 1024) as stated by Borealid
Once the tunnel is up you have to point to localhost to do the queries
I ran into this same issue. Running with -d1 showed me this error:
TLS: hostname (mylaptop.local) does not match common name in certificate (*.mydomain.com).
TLS reverse lookup of 'localhost' is 'mylaptop.local', checking if that matches the certificate common name
Could be you're hitting a similar problem.
I was able to fake it out by running:
sudo hostname someserver.mydomain.com
which caused SSL to assume it was talking to the right host.
I was also getting the error hostname (mylaptop.local) does not match common name in certificate (*.mydomain.com). However I did not want to edit the hostname of my machine to match that of the LDAP server. Instead I edited the hosts file (etc/hosts on linux) file to add a line that would intercept requests to the LDAP server eg:
127.0.0.1 ldap.server.com
This has the added benefit of not requiring you to change which server name you are trying to connect to in your code, you only need to change the port number if you chose a different port.
Try replacing all instances of auth.lo5 with localhost:
ssh -L 636:localhost:636 hfaua#phoenix.lo5.bielsko.pl
and
ldap_connect('ldaps://localhost', 636);
If that doesn't work, try turning off SSL to see if that works:
ssh -L 389:localhost:389 hfaua#phoenix.lo5.bielsko.pl
and
ldap_connect('localhost', 389);
Help!
I have a PHP (PHP 5.2.5) script on HOST1 trying to connect to an MySql database HOST2. Both hosts are in Shared Host environments controlled through CPanel.
HOST2 is set to allow remote database connections from HOST1.
The PHP connect I'm using is:-
$h2 = IPADDRESS;
$dbu = DBUSER;
$dbp = DBPASS;
$DBlink = mysql_connect($h2, $dbu, $dbp);
This always fails with:-
Access denied for user '<dbusername>'#'***SOMESTRING***' (using password: YES)
nb: SOMESTRING looks like it could be something to do with the shared host environment.
Any ideas???
BTW: I can make remote connections to HOST2 from my laptop using OpenOffice via ODBC, and SQLyog. The SQLyog and ODBC settings are exactly the same as the PHP script is trying to use.
somestring is probably the reverse-lookup for your web-server.
Can you modify privileges from your cPanel? Have you done anything to allow access from your workstation (ODBC)?
The error-message seems to indicate that you have network-access to the mysql-server, but not privileges for your username from that specific host.
If you're allowed to grant privileges for your database, invoking:
GRANT SELECT ON database.* TO username#ip.address.of.host1 IDENTIFIED BY 'password'
might work for you. I just wrote this out of my head, you might want to doublecheck the syntax in mysql-docs.
Have you read the MySQL documentation on Causes of Access denied Errors?
Have you contacted support for your hosting provider? They should have access to troubleshoot the database connection. People on the internet do not have access.
Do you need to specify the database name? Your account might have access to connect only to a specific database. The mysql_connect() function does not allow you do specify the database, but new mysqli() does. I'm not sure if this is relevant -- it might allow you to connect but give you errors when you try to query tables that aren't in your database.
Are you sure you're using the right password? MySQL allows each account to have a different password per client host. Admittedly, this is not a common configuration, but it's possible. Your hosting provider should be able to tell you.
Just some ideas:
HOST1 does not have remote access to HOST2 (shared host is disallowing)
MySQL account does not have access from HOST1 (IP address specified on account creation, or wildcard)
Edit:
In response to your comment, I meant that HOST1 cannot get to the MySQL port on HOST2. Web services will work, of course, because port 80 is open to the public. As another user pointed out though, you are getting a response, so you are reaching it. I would try specifying the DB, and double checking the account creation command you ran.
For the second piece, I meant this: http://dev.mysql.com/doc/refman/5.0/en/adding-users.html
You can specify what host the username can connect from. If it isn't set to HOST2's IP or the wildcard, HOST2 can't log in with those credentials.
The error message means that you can contact the mySql server, but the user you are trying to log in as, does not have access.
Either the user does not have access at all, or it has access locally, but not from the host you are connecting from.
You should try to use the hostname and port like $h2 = IPADDRESS:3307;