I am trying to connect to a mongodb server in my php file which is on my local. The mongodb server is on another server whose IP i know. There is no username and password set on the server for the mongodb. I have installed the php driver for mongodb too as required on my system.
Mongodb is working fine on the server. I have checked that.
When i run my php script its giving error:
*The website encountered an error while retrieving http://localhost/test/mongo_test.php. It may be down for maintenance or configured incorrectly.*
Is there anything else i need to configure ? If yes where? and also how?
The server most likely has a firewall in place not allowing outside access to the particular port MongoDB is running on for security purposes.
We had to set bind_ip: 0.0.0.0 in the config file.
Read more here: https://docs.mongodb.com/manual/reference/configuration-options/#file-format
"To bind to all IPv4 addresses, you can specify the bind ip address of 0.0.0.0. To bind to all IPv4 and IPv6 addresses, you can specify the bind ip address of ::,0.0.0.0 or alternatively, use the new net.bindIpAll setting or the new command-line option --bind_ip_all."
https://docs.mongodb.com/manual/core/security-mongodb-configuration/
Related
Good day,
I am using Kubernetes to run containers on the google container engine.
The idea is to run two containers in a pod. One container uses the docker mysql image, the other runs php, laravel, nginx and composer.
Locally, this works. The idea is that the php can connect to the database on localhost, and this should work if both containers are in the same pod. However, when the pod is launched, we see the following message in the log:
SQLSTATE[HY000] [2002] Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
The only difference is that when testing locally, I change localhost to the internal docker ip.
Thanks and good day
On Unix, MySQL programs treat the host name localhost specially, in a way that is likely different from what you expect compared to other network-based programs. For connections to localhost, MySQL programs attempt to connect to the local server by using a Unix socket file. This occurs even if a --port or -P option is given to specify a port number. To ensure that the client makes a TCP/IP connection to the local server, use --host or -h to specify a host name value of 127.0.0.1, or the IP address or name of the local server. You can also specify the connection protocol explicitly, even for localhost, by using the --protocol=TCP option. For example:
shell> mysql --host=127.0.0.1
shell> mysql --protocol=TCP
The --protocol option enables you to establish a particular type of connection even when the other options would normally default to some other protocol.
The other solution is using Kubernetes Volume abstraction to share a path between containers. Edit /etc/mysql/my.cnf on both containers' images and change socket location for both MySQL server and client to point to the shared directory or disk.
MySQL comes preconfigured to only support named pipe connections on the localhost, if you are going to connect to it from another logical machine you need to locate the following line in your my.cnf file...
#bind-address = 127.0.0.1
and replace it with...
bind-address = {your network ip here}
Once you have enabled the bind address restart your mysql server, check the error log to ensure that no exceptions occurred with binding the address, and then login as root and create a new user account attached to that ip address which you can then use to access MySQL from any other logical machine as long as you connect to it using the IP address you defined in my.cnf.
Please note by default the root account is only accessible from the localhost so you will either need to create a new user account or alter the root account to support remote connections (not secure)
I'm trying to connect to a remote Firebird database "test" (alias already added). It is not an embedded server, and is installed on VM with IP 192.168.1.147.
Here is my connection string:
User=sysdba;Password=masterkey;Database=test;DataSource=192.168.1.147
However I got an error:
FirebirdSql.Data.FirebirdClient.FbException (0x80004005): Unable to complete network request to host "192.168.1.147". ---> Unable to complete network request to host "192.168.1.147".
I've done some research on that but haven't got a clue yet. Some help needed. Thanks
My IP address is 192.168.2.108, and I can ping that server IP successfully
Make sure that
Firebird is running
Firebird is listening on port 3050 on the specified IP (or on 0.0.0.0)
Your firewall allows access to port 3050
You're using the correct host name
For Linux, the Firebird port is closed by default. You need to modify RemoteBindAddress in /etc/firebird/2.5/firebird.conf from
RemoteBindAddress = localhost
to
RemoteBindAddress =
and restart service.
Make sure you have excluded tcp port 3050 in VMs' firewall.
Ok. I think your connection to firebird is faililing because the firebird client looks up the network service file by name and does not find gds_db in the services file.
If your connection string refers to the host by using IP, the Client might fail to identify it because it gethostbyname() and not by IP
Manually include this in the file and you should be fine.
C:\windows\system32\drivers\etc\services
I have website example.com, it contains a MySQL server. I have another example.org, both are different domains. I want to access the MySQL server on example.com from example.org. How would it be possible?
You will need to set the remote example.com when you call the database connection initialization function. For example:
mysqli_connect("example.com", 'username', 'password', 'database name');
But you will need to check whether example.com's MySQL server is set to accept connections from other hosts (see the bind-address directive in your my.cnf or my.ini), and that the username you connect with is set to be able to connect from external domains.
Consider the following Users page of phpMyAdmin:
It is clear that only user test has access from outside domains (% in the Host field). Not shown on the image, but user test has full privilege on the database called test. The other users are bound to the local domain, even though the server is set to accept connections from the outside, when authenticating, users are thrown a denial.
You can connect to remote MySQL server. Just have to make sure that the remote server is binding to public address.
Here's how: http://www.howtogeek.com/howto/mysql/switch-mysql-to-listen-on-tcp/
You can connect to any MySQL server wherever it is, as long as it's setup for remote connection.
Depending on your operating system and webserver of choice, the settings will be different, but a good place to start is by (if using linux) looking here:
/etc/mysql/my.cnf
In this file you will find:
bind-address: 127.0.0.1
You will change this to the IP address of the server and then restart the mysql daemon.
..and now you can connect remotely ;)
With the following code I can connect to mysql:
mysql_connect("localhost","username","");
But if I change localhost to 127.0.0.1 I get the following error:
Can't connect to MySQL server on '127.0.0.1' (13)
Why doesn't it work with 127.0.0.1?
localhost is special cased and uses UNIX sockets instead of TCP/IP. 127.0.0.1 doesn't get that special handling.
See the documentation:
On Unix, MySQL programs treat the host name localhost specially, in a way that is likely different from what you expect compared to other network-based programs. For connections to localhost, MySQL programs attempt to connect to the local server by using a Unix socket file. This occurs even if a --port or -P option is given to specify a port number. To ensure that the client makes a TCP/IP connection to the local server, use --host or -h to specify a host name value of 127.0.0.1, or the IP address or name of the local server. You can also specify the connection protocol explicitly, even for localhost, by using the --protocol=TCP option.
If it doesn't work when you use TCP/IP then the database probably isn't listening on the network. This is generally a good thing as it enhances security (not that listening on 127.0.0.1 exposes any problems, but listening on all interfaces gives more opportunity for attacks).
If you really want to allow connections via the network, then see skip-networking.
have you got an entry in your hosts file mapping 127.0.0.7 to localhost?
Do you have more than 1 mysql servers installed/running on your system? If so, please specify the port number of the mysql server you are trying to access like 127.0.0.1:3306,127.0.0.1:8889 etc.
If you do not know whether there are any other mysql server instances running on your system also, please specify the port.
You will be able to access it when you add the privileges for 'root'#'127.0.0.1' in the "USER_PRIVILEGES" table in the "information_schema" database
You might also try disabling SELINUX
I'm developing website for my school. In that school we authenticate users via LDAP, so there was an idea to do the same via school-site. On that site everything is working perfectly, but during developing I need very often to test if such solution works, of not. In order not to commit my changes so often I want to test this site on my local computer, but for connecting with LDAP i want to use ssh tunnel. In school network we have one server through witch we are connecting with inside of our school network. It's address is phoenix.lo5.bielsko.pl. Inside this network we have LDAP server with opened 389 and 636 ports. It's address is auth.lo5. I don't have access to auth.lo5 via SSH, I can only connect with it to get some LDAP entries. So, I've tried to run SSH tunnel by running:
ssh -L 636:auth.lo5:636 hfaua#phoenix.lo5.bielsko.pl
Then, I've set in my /etc/hosts that auth.lo5 is pointing to 127.0.0.1. I'm connecting to LDAP in PHP in such a way:
ldap_connect('ldaps://auth.lo5', 636);
But I'm getting error Can't contact LDAP server. I think, that problem might be on phoenix.lo5.bielsko.pl in its SSH daemon config or in arguments passed to ldap_connect() function. Can you tell me, what should I set in sshd_config or in arguments passed to ldap_connect to get it working?
I posted the same question in similar thread, but no one has answered my question.
P.S. In my /etc/ssh/sshd_config I have line AllowTcpForwarding yes
If I got it right phoenix.lo5 and auth.lo5 are 2 different machines.
If so you have to create a tunnel to the ssh machine, and then send the ldap queries to the right machine.
Your command: ssh -L 636:auth.lo5:636 hfaua#phoenix.lo5.bielsko.pl is right if phoenix.lo5.bielsko.pl can resolve auth.lo5 via DNS or /etc/hosts, if not you need to use its internal ip address.
Also if you want to use port 636 on your pc, you need to run your command as superuser (root or with sudo) else you need to use an high port (above 1024) as stated by Borealid
Once the tunnel is up you have to point to localhost to do the queries
I ran into this same issue. Running with -d1 showed me this error:
TLS: hostname (mylaptop.local) does not match common name in certificate (*.mydomain.com).
TLS reverse lookup of 'localhost' is 'mylaptop.local', checking if that matches the certificate common name
Could be you're hitting a similar problem.
I was able to fake it out by running:
sudo hostname someserver.mydomain.com
which caused SSL to assume it was talking to the right host.
I was also getting the error hostname (mylaptop.local) does not match common name in certificate (*.mydomain.com). However I did not want to edit the hostname of my machine to match that of the LDAP server. Instead I edited the hosts file (etc/hosts on linux) file to add a line that would intercept requests to the LDAP server eg:
127.0.0.1 ldap.server.com
This has the added benefit of not requiring you to change which server name you are trying to connect to in your code, you only need to change the port number if you chose a different port.
Try replacing all instances of auth.lo5 with localhost:
ssh -L 636:localhost:636 hfaua#phoenix.lo5.bielsko.pl
and
ldap_connect('ldaps://localhost', 636);
If that doesn't work, try turning off SSL to see if that works:
ssh -L 389:localhost:389 hfaua#phoenix.lo5.bielsko.pl
and
ldap_connect('localhost', 389);