CVSmarc
asked on
Secure Remote Access to mySQL
Hi all
I currently have a remote web host that is running mySQL. Coming from a management point of view i would like to have access to my databases so that i can run apps like SQLyog and mySQL admin, thus i need remote access. Now, i suppose i could use phpmyadmin to manage the database, but trying to do something like that via a web interface becomes an absolute nightmare after a while.
Thus, to gain remote access for mySQL, typically i would need to open 3306 (note, from a security point of view i could choose a different point). Now i was talking to someone today and they said "...if you care about your data in a mySQL database you shouldn't allow remote access to your databases." Is this a real problem with mySQL or was this person just a mySQL basher??? Now i know that there will be some risks now that you have a port open but in my eyes the risk is no more than running phpmyadmin.
So is there anyway of having relatively secure remote access to my mySQL OR is there a better way of managing the db remotely whilst still being able to run these apps???
Thanks
ant
I currently have a remote web host that is running mySQL. Coming from a management point of view i would like to have access to my databases so that i can run apps like SQLyog and mySQL admin, thus i need remote access. Now, i suppose i could use phpmyadmin to manage the database, but trying to do something like that via a web interface becomes an absolute nightmare after a while.
Thus, to gain remote access for mySQL, typically i would need to open 3306 (note, from a security point of view i could choose a different point). Now i was talking to someone today and they said "...if you care about your data in a mySQL database you shouldn't allow remote access to your databases." Is this a real problem with mySQL or was this person just a mySQL basher??? Now i know that there will be some risks now that you have a port open but in my eyes the risk is no more than running phpmyadmin.
So is there anyway of having relatively secure remote access to my mySQL OR is there a better way of managing the db remotely whilst still being able to run these apps???
Thanks
ant
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
My experience has been pretty good here. My first hosting company allowed remote connections - no questions asked. The second hosting company did not allow remote connections to the server they initially configured me for, but when I specifically asked, they set up a new database for me on a publicly-accessible MySQL server instance. A third company (cheap) provided remote access out of the box - no questions asked.
ASKER
lol... seems like a bit varied response there. Would you say that in your experience then, if you db is being hosted by a company that is allowing remote access to the database, that the databases are secure (as much as they can be at least and assuming that they take the security steps recommended for allowing people to remotely connect to the db).
Also is this any more and any lest secure than using SQLyog to connect to a mysql database via HTTP tunnel (note sure if you have had experience with this type of connection or not).
Thanks ant
Also is this any more and any lest secure than using SQLyog to connect to a mysql database via HTTP tunnel (note sure if you have had experience with this type of connection or not).
Thanks ant
I think it runs the gamut. Some hosting companies really know what they are doing and their databases are well-configured and managed in a secure manner. Others just throw them up there, give you an account and password, and let you go to it. I haven't used HTTP tunnel before.
ASKER
Well i suppose the question comes down to how will i be able to pick a host that "now what they are doing and their databases are well-configured and managed in a secure manner"??? Is there something that i should ask or be addressing, that would let one know whether the host is a host the is well managed and secure?
Thanks
ant
Thanks
ant
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Cool...
Thanks a lot for help.
ant
Thanks a lot for help.
ant
ASKER
Is it common to find a web hosting company that allows remote connections like this to their client databases.
ant