Results 1 to 26 of 26

Thread: Remote MySql and IP block in spite of % declaration?

  1. #1

    Thread Starter
    Lively Member
    Join Date
    Oct 2013
    Posts
    110

    Remote MySql and IP block in spite of % declaration?

    Hello,

    I am developing an application (VB .NET) accessing to a remote MySQL database. The project works well but I am not experienced about WAN applications so I need to ask your advices about my target and WAN concept.

    My MySQL database is at the server which is being provided by our hosting company (www.xxxxxxxx.com domain hosting company). The server uses cPanel and we have the rights to create unlimited MySql databases in cPanel.

    I have created a database and configured the fields and coded my application in my PC. All is good, works perfect as I wanted.

    But there is a problem about IP blocking as follows.

    While I create my MySQL database I also entered % declaration in cPanel in "allowed IPs section" to access my database from any where. As you may know this means all IPs are allowed to access the database.

    But my app. could not establish a connection with the database at first. I called my hosting company and asked about this situation. They have asked my IP. I have found it via www.whatismyip.com and informed my hosting company and they allowed my IP to access my database. After that, my app connected o database without any problem. It sounded me a little weird because I had put % declaration in the "allowed IPs section". My hosting company said me that, thay have allowed my IP in their firewall also. It is all IPs blocked as default. I asked them to allow all IPs to my database but they said no because of security issues.

    Potentially, my app. will be installed on different PCs in all over the wold in time because this is a commercial app. Any customer who buy this app won't be able to use it because his/her IP is not allowed in hosting company's firewall. Of course I can't request IP form my customers and ask my hosting company to allow it each time. Not a way!

    So, I talked with different people, some of them advised me to hire dedicated server, some of them offered VPN, the others said neither dedicated nor VPN will solve this issue because firewall management needs root access to the server bla bla bla...

    I am not enough familiar about server issues, terms, traps etc.

    So can somebody say me what is the way to overcome this problem. All I want is my program can connect to the host from anywhere. I am sure there are people in here to write app for database access in WAN environment. I would be appreciated if they can share their ways with me in here.

    Thanks in advance.

  2. #2
    Frenzied Member
    Join Date
    Dec 2014
    Location
    VB6 dinosaur land
    Posts
    1,191

    Re: Remote MySql and IP block in spite of % declaration?

    Frankly, I'm shocked a shared host company would allow even your IP to connect remotely.

    A dedicated server should do it, whether you host it yourself (you would need a static IP from your ISP) or you have some third party host it. I'd recommend the latter since you don't seem like you could keep it secure.

    However, the other option would be to program a WebService that is local to the database that your .Net application would then use as an interface between the users and MySQL.

  3. #3
    Smooth Moperator techgnome's Avatar
    Join Date
    May 2002
    Posts
    34,531

    Re: Remote MySql and IP block in spite of % declaration?

    Your host has done a good thing. If they open the database up so that any IP could connect to it... ANY ONE could connect to it! That would be a security risk. Any good reliable host will put their database servers behind a firewall, in a DMZ area so that the web servers can get to it, but the outside world cannot get direct access to it. So what do the rest of us do in cases like this? We build a web-based service layer on top of it./ A url-based proxy of sorts that when invoked talks to the database on our behalf and then returns the data either as some form of recognizble object, JSON or XML. Fopr example I'm working on one now that deals with users, so when I need to get a user's information, I invokes a URL similar to this: https://somelocaldomain/api/user/23 and it returns the information about user 23 in a JSON format. When I need to update that user, I use the same url, pass it a properly formatted JSON object and use a PATCH (instead of a GET) method ... and the server end knows which endpoint to invoke (since it's configured as such). IF I were to use that same url with a DELETE method though, it would error out, because we don't allow for the deletion of user profiles. So that call would be rejected.

    In short, you would need something similar, some way of your app to invoke queries on the database and have that data retrieved/updated over the web as needed.

    -tg
    * I don't respond to private (PM) requests for help. It's not conducive to the general learning of others.*
    * I also don't respond to friend requests. Save a few bits and don't bother. I'll just end up rejecting anyways.*
    * How to get EFFECTIVE help: The Hitchhiker's Guide to Getting Help at VBF - Removing eels from your hovercraft *
    * How to Use Parameters * Create Disconnected ADO Recordset Clones * Set your VB6 ActiveX Compatibility * Get rid of those pesky VB Line Numbers * I swear I saved my data, where'd it run off to??? *

  4. #4

    Thread Starter
    Lively Member
    Join Date
    Oct 2013
    Posts
    110

    Re: Remote MySql and IP block in spite of % declaration?

    Thank you very much for all comments. It was amazing for me to speak with experts.

    Quote Originally Posted by topshot View Post
    A dedicated server should do it, whether you host it yourself (you would need a static IP from your ISP) or you have some third party host it. I'd recommend the latter since you don't seem like you could keep it secure
    Yes you're right. Absolutely, the latter is better for me. If I hire a dedicated server, won't it have a firewall? If it won't, what is the thing to protect my database against bad boys? If it will, what will be different than current situation to penetrate the firewall with my app?


    Quote Originally Posted by techgnome View Post
    If they open the database up so that any IP could connect to it... ANY ONE could connect to it!
    How can this be possible? Because "connection string" has domain name, cPanel user name, database user name and user password. Someone should have all this information to connect to the database. Am I so naive?

  5. #5
    PowerPoster PlausiblyDamp's Avatar
    Join Date
    Dec 2016
    Location
    Pontypool, Wales
    Posts
    2,458

    Re: Remote MySql and IP block in spite of % declaration?

    Quote Originally Posted by ucanbizon View Post
    Yes you're right. Absolutely, the latter is better for me. If I hire a dedicated server, won't it have a firewall? If it won't, what is the thing to protect my database against bad boys? If it will, what will be different than current situation to penetrate the firewall with my app?
    It depends on what exactly is on offer, some vendors may allow you to manage the firewall ports to your own server allowing you to open you database up to the entire internet. If you do open up the port though then you are putting yourself at risk by allowing direct access to the database.

    Quote Originally Posted by ucanbizon View Post
    How can this be possible? Because "connection string" has domain name, cPanel user name, database user name and user password. Someone should have all this information to connect to the database. Am I so naive?
    You might need a connection string etc. to connect to the database correctly, however if the server is accessible from the internet then you are potentially leaving yourself discoverable if people are just running port-scans against ip address ranges.if they detect you listening on a well known port then there is nothing to stop them trying to guess at username / password combinations or try other potential exploits - especially if the server version has know vulnerabilities.

    Ideally don't make your database directly available on the internet, do as others have recommended and build a service layer that would talk to the database and the end user application would talk to this service layer.

  6. #6

    Thread Starter
    Lively Member
    Join Date
    Oct 2013
    Posts
    110

    Re: Remote MySql and IP block in spite of % declaration?

    Thank you for the information.

    DMZ, Web service, JSON, XML etc? These are words from different world for me. I don't know I can overcome. The first thing I need to learn is that, what does make a machine a web service? Should I need my hosting provider? and many questions. It's time to dive into new world or give up. Will see...

    Thanks again and take care.

  7. #7
    PowerPoster PlausiblyDamp's Avatar
    Join Date
    Dec 2016
    Location
    Pontypool, Wales
    Posts
    2,458

    Re: Remote MySql and IP block in spite of % declaration?

    Quote Originally Posted by ucanbizon View Post
    Thank you for the information.

    DMZ, Web service, JSON, XML etc? These are words from different world for me. I don't know I can overcome. The first thing I need to learn is that, what does make a machine a web service? Should I need my hosting provider? and many questions. It's time to dive into new world or give up. Will see...

    Thanks again and take care.
    The machine would typically need some form of web server to host your web service, any hosting provider should be able to offer this.

    As you are developing in VB.Net you could write the service using the WebAPI framework (very easy to set up and fairly easy to use once you get used to it) which would allow you to make calls via http and get data back as JSON. Your application would talk to this service rather than the database directly, the service would be hosted by your hosting provider and would talk directly to the database.

  8. #8
    Frenzied Member
    Join Date
    Dec 2014
    Location
    VB6 dinosaur land
    Posts
    1,191

    Re: Remote MySql and IP block in spite of % declaration?

    Quote Originally Posted by ucanbizon View Post
    If I hire a dedicated server, won't it have a firewall? If it won't, what is the thing to protect my database against bad boys? If it will, what will be different than current situation to penetrate the firewall with my app?
    Mostly YOU still. Though I'd recommend getting one where the host manages the server for you since they would know security much better. I believe Rackspace offers such an option and I'm sure there are others.

    However, I'd still say the BEST option is to use a webservice as some of us have already mentioned.

    How can this be possible? Because "connection string" has domain name, cPanel user name, database user name and user password. Someone should have all this information to connect to the database. Am I so naive?
    You need IP, port, user and pwd. The first 2 are easy, then they brute force the latter 2.

    I took over some public facing servers and it scares me to death. I really wish I had the time to convert them to only using webservices. I do have them locked down as much as possible so only one user/pwd combo will work and that account has access to only the db it needs and the rights it needs. I see login attempts in the logfiles all the time.

  9. #9
    Smooth Moperator techgnome's Avatar
    Join Date
    May 2002
    Posts
    34,531

    Re: Remote MySql and IP block in spite of % declaration?

    Quote Originally Posted by PlausiblyDamp View Post
    As you are developing in VB.Net you could write the service using the WebAPI framework (...
    Maybe... depends on what the host supports... if they don't support .NET running on the server, it won't do a whole lot of good building a web service in it. So the first thing to do is find out what server=side technology the OP has access to in his plan with his host. From there a decision can then be made on how to proceed forward.

    -tg
    * I don't respond to private (PM) requests for help. It's not conducive to the general learning of others.*
    * I also don't respond to friend requests. Save a few bits and don't bother. I'll just end up rejecting anyways.*
    * How to get EFFECTIVE help: The Hitchhiker's Guide to Getting Help at VBF - Removing eels from your hovercraft *
    * How to Use Parameters * Create Disconnected ADO Recordset Clones * Set your VB6 ActiveX Compatibility * Get rid of those pesky VB Line Numbers * I swear I saved my data, where'd it run off to??? *

  10. #10

    Thread Starter
    Lively Member
    Join Date
    Oct 2013
    Posts
    110

    Re: Remote MySql and IP block in spite of % declaration?

    Thank you for your kind help.

    I have asked my hosting provider if they offer "Web service".

    They told me:

    Hi,
    Web service is a broad term, we offer web services, but as we do not know
    what you are trying to do with the Database, we cannot confirm if we offer
    the service you need. Please provide more information so we may assist you.
    Thank you,


    What should I ask them to describe myself correctly?

  11. #11
    PowerPoster PlausiblyDamp's Avatar
    Join Date
    Dec 2016
    Location
    Pontypool, Wales
    Posts
    2,458

    Re: Remote MySql and IP block in spite of % declaration?

    If you are wanting to write your service in .Net then you would need to check if they support .Net applications running on their servers. If you are choosing a different technology then you would need to see if that is supported specifically.

  12. #12
    Smooth Moperator techgnome's Avatar
    Join Date
    May 2002
    Posts
    34,531

    Re: Remote MySql and IP block in spite of % declaration?

    You need to ask then what server side technologies your hosting package supports. Don't ask they generically what they support. If I were to ask my host what they support, they would tell me ASP, ASP.NET, .NET, PHP, Windows, LINUX, and a whole bunch of other things. But only some of that is relevant to my package. Since I have a Linux package, only the Linux, and PHP items would apply, not the ASP, ASP.NET, or .NET. So make sure the questions you're asking are about YOUR specific hosting package.

    -tg
    * I don't respond to private (PM) requests for help. It's not conducive to the general learning of others.*
    * I also don't respond to friend requests. Save a few bits and don't bother. I'll just end up rejecting anyways.*
    * How to get EFFECTIVE help: The Hitchhiker's Guide to Getting Help at VBF - Removing eels from your hovercraft *
    * How to Use Parameters * Create Disconnected ADO Recordset Clones * Set your VB6 ActiveX Compatibility * Get rid of those pesky VB Line Numbers * I swear I saved my data, where'd it run off to??? *

  13. #13
    Frenzied Member
    Join Date
    Dec 2014
    Location
    VB6 dinosaur land
    Posts
    1,191

    Re: Remote MySql and IP block in spite of % declaration?

    As others noted, you need to know what server side technologies are supported on your current hosting package. That will tell you what you need to code your webservice in, which will most likely be either PHP or .Net, but could also be Python, Java or a variety of other languages.

    Perhaps you should share a little more about what you are expecting from your client program and the database. You said this was a commercial application. Is this database just going to be used as some sort of licensing server? Will customers be storing actual data in it? If so how many customers do you expect and how much data? I'm just wondering if Azure, AWS, etc may be something you should look into for hosting the db vs some generic shared host.

  14. #14

    Thread Starter
    Lively Member
    Join Date
    Oct 2013
    Posts
    110

    Re: Remote MySql and IP block in spite of % declaration?

    Thank you very much indeed for your patience.

    Each of your posts take me to one step forward and unfortunately causes new questions.

    When I googling, description for "web service" briefly says that "it is an cross-platform communication solution between two system". So why is that important which language does my web service support? It could be PHP or or Python, java etc. They all will do the same job. It will get my queries from my app which is running on customers PC, send it to database server, get results from it and send it to my app back.

    I was assuming that web service is a physical machine configured as a web service. But my searches showed me that, a web service is a bunch of codes running on the domain server at my hosting company. So if I have enough information about creating a web service issues, I don't need to request anything from my hosting company. Because in my cPanel there is a section about PHP issues. Please see screen shot. My hosting company said that they were using PHP and mySQL in web service also. Is this the place I need to create my web own services in it? Do I need my hosting company in anyway assuming that I am good enough about web service issues and PHP. Of course I have no idea how to do it now but I want to be sure if I am working on the right starting point part.

    Name:  cPanelPHPsection.jpg
Views: 212
Size:  14.2 KB

  15. #15
    PowerPoster PlausiblyDamp's Avatar
    Join Date
    Dec 2016
    Location
    Pontypool, Wales
    Posts
    2,458

    Re: Remote MySql and IP block in spite of % declaration?

    Quote Originally Posted by ucanbizon View Post
    Thank you very much indeed for your patience.

    Each of your posts take me to one step forward and unfortunately causes new questions.

    When I googling, description for "web service" briefly says that "it is an cross-platform communication solution between two system". So why is that important which language does my web service support? It could be PHP or or Python, java etc. They all will do the same job. It will get my queries from my app which is running on customers PC, send it to database server, get results from it and send it to my app back.

    I was assuming that web service is a physical machine configured as a web service. But my searches showed me that, a web service is a bunch of codes running on the domain server at my hosting company. So if I have enough information about creating a web service issues, I don't need to request anything from my hosting company. Because in my cPanel there is a section about PHP issues. Please see screen shot. My hosting company said that they were using PHP and mySQL in web service also. Is this the place I need to create my web own services in it? Do I need my hosting company in anyway assuming that I am good enough about web service issues and PHP. Of course I have no idea how to do it now but I want to be sure if I am working on the right starting point part.

    Name:  cPanelPHPsection.jpg
Views: 212
Size:  14.2 KB
    It isn't important which language your service supports as it is a language agnostic way of doing things, however your hosting environment needs to support the language you choose to write the service in.

    If your hosting company only supports PHP then you are pretty limited in your options of language, PHP it will have to be. Either that or switch providers, or maybe a self hosted machine but then things are starting to get complicated.

  16. #16

    Thread Starter
    Lively Member
    Join Date
    Oct 2013
    Posts
    110

    Re: Remote MySql and IP block in spite of % declaration?

    Hi,

    I need to clarify a point, if you don't mind.

    My hosting provider says that:
    We offer PHP and MySQL databases. If this will work with your app
    we can do this, if not you will need a different web service.

    Why do they need to ask such a question? I was thinking that the language to create a web service is not important. I will send some queries to the web service (I don't know how at the moment) and web service will send me answers and I will receive them in my code (I don't know how also) whatever is my own application's language (it is VB .NET at the moment).

    Enlighten me please?
    Thank you.

  17. #17
    PowerPoster PlausiblyDamp's Avatar
    Join Date
    Dec 2016
    Location
    Pontypool, Wales
    Posts
    2,458

    Re: Remote MySql and IP block in spite of % declaration?

    If you are writing a web service you would need to choose which language you want to write it in. You can write a webservice in any language you choose.

    However if you are writing a webservice in VB.Net you would need a hosting provider that supports .Net based applications, if you choose to write your service in Java then you would need a hosting environment that supports Java applications etc. It sounds like your provider only supports PHP so you would either need to learn PHP or find a provider that supports your language of choice.

  18. #18
    Frenzied Member
    Join Date
    Dec 2014
    Location
    VB6 dinosaur land
    Posts
    1,191

    Re: Remote MySql and IP block in spite of % declaration?

    Quote Originally Posted by ucanbizon View Post
    Why do they need to ask such a question? I was thinking that the language to create a web service is not important.
    It's not. They're just telling you if you don't want to program in PHP you're out of luck. You seem willing to learn PHP to write the webservice to communicate with your VB.Net program so go for it.

  19. #19

    Thread Starter
    Lively Member
    Join Date
    Oct 2013
    Posts
    110

    Re: Remote MySql and IP block in spite of % declaration?

    Thank you.

    regarding the underlined part of my hosting provider's sentence
    My hosting provider says that:
    We offer PHP and MySQL databases. If this will work with your app
    we can do this, if not you will need a different web service.

    What does it mean "We can do this". Does it mean that they will write the PHP codes for me to the server or do they just try to say "they support PHP platform".?

  20. #20
    Frenzied Member
    Join Date
    Dec 2014
    Location
    VB6 dinosaur land
    Posts
    1,191

    Re: Remote MySql and IP block in spite of % declaration?

    I would take it as they support it.

    However, it could be possible they offer a programming service for a fee. There are some hosts that do such things but they are usually the larger ones with big support staff. Availability of such services would be listed somewhere on their website.

  21. #21

    Thread Starter
    Lively Member
    Join Date
    Oct 2013
    Posts
    110

    Re: Remote MySql and IP block in spite of % declaration?

    OK. Then please advise me PHP IDE.

    I have found this: https://windows.php.net/download/

    I have downloaded the latest version. There are many files in the zip but could not find any IDE to start to write my code like "Hello World".

  22. #22
    PowerPoster PlausiblyDamp's Avatar
    Join Date
    Dec 2016
    Location
    Pontypool, Wales
    Posts
    2,458

    Re: Remote MySql and IP block in spite of % declaration?

    That isn't an ide, that is the PHP source code (As far as I could tell at a glance). https://www.google.com/search?q=php+...hrome&ie=UTF-8 might be useful - also VSCode can support PHP.

  23. #23
    Smooth Moperator techgnome's Avatar
    Join Date
    May 2002
    Posts
    34,531

    Re: Remote MySql and IP block in spite of % declaration?

    ooooh dear....


    that's because there isn't one. PHP isn't like VB, where you just write code, compile it and then it "just runs" ... it's a bit more involved than that. PHP is a web server scripting language. On one hand, it means you can use anything you want to edit PHP files, from as simple as the lowly Notepad, to more sophisticated Notepad++, to more advanced VS Code, or even Aptana Studio. Or just about anything in between. It's all what you're comfortable with. I used to use Aptana Studio, now I'd use VS Code with the PHP plugins.

    Anyways, then you need a local webserver - assuming you're doing local development and testing first before pushing it out to the real webserver (which every good developer does) - which has the PHP modules installed ... now here's where you're probably going to kick yourself... the quickest way to get that is with WAMP or XAMPP .... WAMP - Windows (W), Apache (A), MySQL (M), PHP (P) ... XAMPP - Cross-Platform (X), Apache (A), MariaDB (M), PHP (P) and Perl (P).

    Once installed, then it's a matter of deploying your .PHP to the correct folder in the apache structure, and then accessing it through your browser and seeing it run. I could be wrong, i hope I'm wrong, but your posts give the impression of someone who is in a hurry... don't. Slow down. Take your time. Learn the technology stack involved. Get to know a bit about Apache and PHP understand what you're trying to do. In the end you may find that it's above your head, and that's OK, but jsut don't rush it.


    -tg
    * I don't respond to private (PM) requests for help. It's not conducive to the general learning of others.*
    * I also don't respond to friend requests. Save a few bits and don't bother. I'll just end up rejecting anyways.*
    * How to get EFFECTIVE help: The Hitchhiker's Guide to Getting Help at VBF - Removing eels from your hovercraft *
    * How to Use Parameters * Create Disconnected ADO Recordset Clones * Set your VB6 ActiveX Compatibility * Get rid of those pesky VB Line Numbers * I swear I saved my data, where'd it run off to??? *

  24. #24

    Thread Starter
    Lively Member
    Join Date
    Oct 2013
    Posts
    110

    Re: Remote MySql and IP block in spite of % declaration?

    Quote Originally Posted by techgnome View Post
    ooooh dear....


    that's because there isn't one. PHP isn't like VB, where you just write code, compile it and then it "just runs" ... it's a bit more involved than that. PHP is a web server scripting language. On one hand, it means you can use anything you want to edit PHP files, from as simple as the lowly Notepad, to more sophisticated Notepad++, to more advanced VS Code, or even Aptana Studio. Or just about anything in between. It's all what you're comfortable with. I used to use Aptana Studio, now I'd use VS Code with the PHP plugins.

    Anyways, then you need a local webserver - assuming you're doing local development and testing first before pushing it out to the real webserver (which every good developer does) - which has the PHP modules installed ... now here's where you're probably going to kick yourself... the quickest way to get that is with WAMP or XAMPP .... WAMP - Windows (W), Apache (A), MySQL (M), PHP (P) ... XAMPP - Cross-Platform (X), Apache (A), MariaDB (M), PHP (P) and Perl (P).

    Once installed, then it's a matter of deploying your .PHP to the correct folder in the apache structure, and then accessing it through your browser and seeing it run. I could be wrong, i hope I'm wrong, but your posts give the impression of someone who is in a hurry... don't. Slow down. Take your time. Learn the technology stack involved. Get to know a bit about Apache and PHP understand what you're trying to do. In the end you may find that it's above your head, and that's OK, but jsut don't rush it.


    -tg

    Ohhhh dear indeed.

  25. #25

    Thread Starter
    Lively Member
    Join Date
    Oct 2013
    Posts
    110

    Re: Remote MySql and IP block in spite of % declaration?

    Hi guys,

    I have set up XAMPP in my PC and created a test mysql database in it and wrote some codes in PHP and got some primitive responses when I invoke them via my browser.

    Thanks for your guidance.

    My question that, I have a mySQL database in server side I have created before. May I download it into my XAMPP environment? I don't want to spend time to recreate it in localhost manually. Is there a way to do that?

    My server control Panel is CPanel.

    Thanks,

  26. #26
    Smooth Moperator techgnome's Avatar
    Join Date
    May 2002
    Posts
    34,531

    Re: Remote MySql and IP block in spite of % declaration?

    You can create a "backup" of a MySQL database... which simply creates a set up SQL Scripts that you can then run that will rebuild and populate the database for you... But experience has taught me that it's never quite that simple and it takes some tweaking to get the scripts to run cleanly.

    -tg
    * I don't respond to private (PM) requests for help. It's not conducive to the general learning of others.*
    * I also don't respond to friend requests. Save a few bits and don't bother. I'll just end up rejecting anyways.*
    * How to get EFFECTIVE help: The Hitchhiker's Guide to Getting Help at VBF - Removing eels from your hovercraft *
    * How to Use Parameters * Create Disconnected ADO Recordset Clones * Set your VB6 ActiveX Compatibility * Get rid of those pesky VB Line Numbers * I swear I saved my data, where'd it run off to??? *

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width