Configure your MySQL/MariaDB server to accept local connections

So let's say that you have created a database server and you want to accept only connections from other servers using the internal/private IP. To be honest, I found that the easy way to do that is via iptables. I am not going to talk about how to save your iptables rules, as I will assume that you know how to do so; if you don't, search using google.com.

Let's assume that your private IP is 10.2.10.2 and your public IP is 192.168.2.10, so now you will have to execute the following commands:

First, and before I explain the commands, you will need to edit your my.cnf file and change the bind-address value from 127.0.0.1 to 10.2.10.2.

Let's explain each one:

1- Allow localhost connections
iptables -A INPUT -i lo -j ACCEPT

2- Allow the current connections, so you won't get kicked out.
iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

3- Allow any connection to the internal IP on port 3306. Note that eth0 is the Ethernet interface on my server; you should change it to the correct one on your server. You can use ifconfig to find out more about your server's interfaces.
iptables -A INPUT -i eth0 -d 10.2.10.2 -p tcp --destination-port 3306 -j ACCEPT

4- Reject any connection to the public one
iptables -A INPUT -i eth0 -d 192.168.2.10 -p tcp --destination-port 3306 -j REJECT

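5- Drop all other connections. This includes new connections to every other port, SSH among them, so any other service you need must have its own ACCEPT rule before this one.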
iptables -A INPUT -j DROP

That's all. Now, if you want to access your server remotely, you will need to depend on SSH tunneling, not direct connections.
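Because iptables stops at the first matching rule, the order of the five rules above decides what happens to a MySQL connection. The following check is an added example, not part of the original post: `mysql_verdict` and `sample_rules` are hypothetical names, and the rule listing is a constructed sample of what `iptables -S INPUT` prints for the rules above.

```shell
#!/bin/sh
# Added example: names and the sample listing are constructed for illustration.
# mysql_verdict DEST_IP [IFACE] reads `iptables -S INPUT` output on stdin and
# prints the target of the first rule matching a NEW TCP connection to
# DEST_IP:3306 arriving on IFACE (default eth0).
mysql_verdict() {
    awk -v dst="$1" -v ifc="${2:-eth0}" '
    $1 == "-P" && $2 == "INPUT" { policy = $3; next }
    $1 != "-A" || $2 != "INPUT" { next }
    {
        hit = 1; target = ""
        for (i = 3; i <= NF; i++) {
            opt = $i
            if (opt == "-m") { i++; continue }            # match module name
            if (opt == "-j") { target = $(i + 1); break } # rule target
            i++; val = $i
            if (opt == "-i")             { if (val != ifc) hit = 0 }
            else if (opt == "-p")        { if (val != "tcp") hit = 0 }
            else if (opt == "--dport")   { if (val != "3306") hit = 0 }
            else if (opt == "--ctstate") { if (val !~ /(^|,)NEW(,|$)/) hit = 0 }
            else if (opt == "-d") {
                sub(/\/32$/, "", val)
                if (val ~ /\//) { target = "UNKNOWN"; break } # network prefix
                if (val != dst) hit = 0
            } else { target = "UNKNOWN"; break }          # option not modelled
        }
        if (hit && target != "") { print target; found = 1; exit }
    }
    END { if (!found) print (policy ? policy : "ACCEPT") }
    '
}

# Constructed sample: the five rules from this post as `iptables -S INPUT`
# would list them.
sample_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -d 10.2.10.2/32 -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -d 192.168.2.10/32 -i eth0 -p tcp -m tcp --dport 3306 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -j DROP
EOF
}

sample_rules | mysql_verdict 10.2.10.2      # private address
sample_rules | mysql_verdict 192.168.2.10   # public address
```

On a live server, pipe the real listing into the function as root, for example `iptables -S INPUT | mysql_verdict 10.2.10.2`. A result of UNKNOWN means the first candidate rule uses an option this check does not model and should be read by hand.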

Filed under: Linux, MySQL
