PHP mysqli_connect to remote server fails

I have converted my code to use mysqli since I'm on PHP 5.5.

Connecting to a DB on the same server works great.

        $db['host']                = '10.x.y.z';

        $db['user']                = 'myuser';
        $db['passwd']              = 'mypass';
       $db['db'] = 'my_db';


	if (! $this->ilink = mysqli_connect ($this->host, $this->user, $this->passwd, $this->db)) {
		error_log('mysqli connection error ' . mysqli_connect_error());
		return ("Could not connect to the MySQL Server on $this->host<br>".mysqli_connect_error());
	}

Open in new window

When I connect to another server on the same vlan I get:
mysqli connection error Can't connect to MySQL server on '10.x.y.z'

From the command line on that server, I can connect:
 mysql -h 10.x.y.z -u myuser -pmypass my_db

So I think that rules out MySql settings and firewall issues.

And the exact code works when going to localhost.

Can you see what I'm doing wrong?
LVL 32
Daniel WilsonAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ahmed MerghaniSoftware EngineerCommented:
Try to telnet the remote server on port 3306 to insure that if the port is open.
0
Daniel WilsonAuthor Commented:
From the command line on that server, I can connect:
 mysql -h 10.x.y.z -u myuser -pmypass my_db

Doesn't that prove the port is open?

But, yes, telnet 10.x.y.z 3306 gets me connected.
0
Haris DulicCommented:
Hi,

by default the remote connections on the MySql server are forbidden i.e. only connections from local host can be made.

In order to enable this you need to edit the /etc/my.conf file and change the parameter bind-address to your server IP and to add execution to your firewall to allow incoming traffic on port 3306.

My suggestion is that you do not do that, since it is more secure. What you can do and still keep it secure and allow remote access it to create ssh tunnel between those two server and then do the port forwarding. Here is the link to how to Tunnel MySQL over SSH..
0
Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

Daniel WilsonAuthor Commented:
They're on the same vlan.  Outside connections to the port are prohibited by the firewall / port forwarding appliance.  While an SSH tunnel from .a to .z isn't a bad idea, it really doesn't seem necessary.

I know that by default remote connections cannot be made.

But I'm already making remote connections via the MySql command-line tool.

Why can I NOT do via mysqli_connect what I CAN do via Mysql command-line?
0
Haris DulicCommented:
Hi,

just to make sure we are on the same page. Let call your source server Server A and your destination Server B.

If you do  mysql -h Server B -u myuser -pmypass my_db from Server A what do you get?

Connection from Server B to MySQL server hosted on Server B is consider as local connection. You can connect by using its IP address since in the /etc/host you have it translated to localhost.
0
Ahmed MerghaniSoftware EngineerCommented:
Yes you are right Daniel that means the port is open.
I realized in your code:
mysqli_connect ($this->host, $this->user, $this->passwd, $this->db)

Open in new window

Do you mean this:
mysqli_connect ($db['host'], $db['user'], $db['passwd'], $db['db'])

Open in new window

0
Daniel WilsonAuthor Commented:
the connection to serverB from serverA  via the mysql command-line works.

That's what I've been trying to say.
0
Daniel WilsonAuthor Commented:
Yes, I collapsed 2 different sections of code in my example.

OK, hard-coded ...

if (! $this->ilink = mysqli_connect ('10.1.60.4', 'myuser', 'mypass', 'my_db')) {
                  error_log('mysqli connection error ' . mysqli_connect_error());
                  return ("Could not connect to the MySQL Server on $this->host<br>".mysqli_connect_error());
            }

Actually, first time I hardcoded it, I made a mistake and got a different error:
 mysqli connection error Unknown MySQL server host '10.1..60.4'

Correcting that ..60 to .60
I'm back to
mysqli connection error Can't connect to MySQL server on '10.1.60.4' (13)

(I realize I've provided IP addresses, but they're clearly internal.)
0
Haris DulicCommented:
Can you post the output of this command on serverA getsebool httpd_can_network_connect_db?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Daniel WilsonAuthor Commented:
 getsebool httpd_can_network_connect_db
httpd_can_network_connect_db --> off

Open in new window


That doesn't look good.
0
Daniel WilsonAuthor Commented:
Wow!

sudo setsebool httpd_can_network_connect_db on

and it works!
0
Haris DulicCommented:
To enable the remote connection from your ServerA which host the HTTP server you need to do this :
setsebool -P httpd_can_network_connect 1.

Open in new window


If you want to allow HTTPD scripts and modules to connect to databases over the network, you must turn on the httpd_can_network_connect_db boolean

Based on the http://linux.die.net/man/8/httpd_selinux
0
Daniel WilsonAuthor Commented:
Ah, -P to persist.

Thank you very much!
0
Ahmed MerghaniSoftware EngineerCommented:
Then I think you need to turn on it:
setsebool httpd_can_network_connect_db 1

Open in new window

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.