Closed Linux Slackware 14.2 - cannot access mysql database server from web server

Status
Not open for further replies.

Well1AmNichtDiePerson

I'm trying to set up a web server and a database server using VirtualBox.
My host OS is Windows 10 x64. My guest OSes are Windows 7 x86 web development, Slackware x86 web server, and Slackware x86 database server.

The problem is that I can't access the database server from the web server. It seems the web server is blocked at the database server.

This is the status of my server setup.
web server
- linux basic setup, basic network setup, enabled php
- ip: 176.18.10.10

database server
- linux basic setup, basic network setup, mysql database
- ip: 176.18.10.11
- uid: testwebuser
- pwd: testwebpwd
- db: crud_db

Windows 7 x86 web development setup
- ip: 176.18.10.12
- notepad++ (can access web server thru virtualbox shared folder feature)
- mysql browser (can access database server - can do add/edit/delete/update)
- chrome (can access URL in web server)
- php script: connect_db.php
pdo("mysql:host=176.18.10.11;dbname=crud_db", "testwebuser", "testwebpwd");

Thanks to anyone who replies.
 
Maybe the user is only allowed from the database server's localhost. The user should also have access from the web server IP, 176.18.10.10:

- from phpMyAdmin of (database server):
[screenshot: QqGyGaz.png]

- or from terminal of database server:
Bash:
$ mysql -u root -p
mysql> GRANT ALL PRIVILEGES ON crud_db.* TO 'testwebuser'@'176.18.10.10' IDENTIFIED BY 'testwebpwd';
mysql> FLUSH PRIVILEGES;

- if you have a mysql client on the web server, test the connectivity from the terminal:
Bash:
$ mysql -u testwebuser -h 176.18.10.11 -p
Enter password:
Welcome to the MySQL monitor.
...
mysql>
 

Test the connectivity from the web server itself. Maybe Slackware has a firewall by default, and port 3306 of the database server is blocked.

- if the web server has a telnet client:
Bash:
telnet 176.18.10.11 3306

- or use the mysql command as stated previously, if the web server has a mysql client
 
I didn't put mysql on the web server because in my setup the web server is separate from the database server.

But that's OK. I'm only in development anyway. I'll try setting up mysql just for testing.

But what if the server is for production, do I still need to install mysql on the web server to test connectivity???? Can't a PHP script be used to test the mysql connection???
 
I'm not asking you to install mysql-server. Just the mysql client, so you can invoke the "mysql" command from the web server. If that were CentOS or Debian/Ubuntu, it's just one simple command. It's just a single binary:

Bash:
# yum install mysql

# apt install mysql
 
Test the connectivity from the web server itself. Maybe Slackware has a firewall by default, and port 3306 of the database server is blocked.

- if the web server has a telnet client:
Bash:
telnet 176.18.10.11 3306

- or use the mysql command as stated previously, if the web server has a mysql client

terminal:
# telnet 176.18.10.11
trying 176.18.10.11...
telnet: connect to address 176.18.10.11: No route to host

# telnet 176.18.10.11 3306
trying 176.18.10.11...
telnet: connect to address 176.18.10.11: No route to host

I tried ping... destination unreachable....
 
I found what was wrong with my setup.

web server
- Virtual Machine Adapter setup
- Bridge Adapter (LAN) -> changed to NAT Network

database server
- Virtual Machine Adapter setup
- NAT Network

Windows 7 x86 web development setup
- Virtual Machine Adapter setup
- NAT Network
- Bridge Adapter (LAN)
 
terminal:
# telnet 176.18.10.11
trying 176.18.10.11...
telnet: connect to address 176.18.10.11: Connection refused

# telnet 176.18.10.11 3306
trying 176.18.10.11...
Connected to 176.18.10.11.
Escape character is '^]'.
Y
blahblahblah....some gibberish...Connection closed by foreign host.

Ping is OK now too....
 
Next, I'll work on securing/hardening the web server and database server.

Could I ask you experts for some advice on how to achieve this? Thanks....
 
On the database server, I just lock down all ports via the firewall - iptables on CentOS 7/Ubuntu 18.04 or nftables via firewalld on CentOS 8/Ubuntu 20.04. Just an access list so I can specify the allowed IPs.

On the Apache web server, you can follow this: https://geekflare.com/apache-web-server-hardening-security/

I'm usually fine with:
Apache config:
TraceEnable off
ServerTokens Prod
ServerSignature Off

On nginx, I just add server_tokens off; to the main nginx.conf config, and that's enough.

Actually, these monolithic setups are no longer in fashion. They're too much work. LAMP/LEMP setups (Apache/Nginx, MariaDB/MySQL, PHP/PHP-FPM) are faster with Docker. You also won't have to worry about connectivity or multiple VMs.
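
The access-list approach from the last reply, written out for this thread's addresses as an added example (not code from any of the posters): a POSIX shell function that validates the allowed client IPs and prints a default-drop `iptables-restore` ruleset for the database server, complementing the per-host `GRANT` shown earlier. The function names, the choice to also allow the development VM 176.18.10.12, and the assumption that the server is administered from its console (no SSH rule is included) are assumptions.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for the database server.
# Usage: db_fw_rules PORT ALLOWED_IP [ALLOWED_IP ...]

# Return 0 only for a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;   # stray characters or empty octets
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                               # split on dots (digits and dots only)
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Validate everything first so a partial ruleset is never printed.
db_fw_rules() {
    port=$1; shift
    case "$port" in ''|*[!0-9]*) echo "bad port: $port" >&2; return 2 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 2; }
    [ "$#" -ge 1 ] || { echo "no allowed addresses given" >&2; return 2; }
    for ip in "$@"; do
        is_ipv4 "$ip" || { echo "bad address: $ip" >&2; return 2; }
    done

    # Default policy: drop everything inbound and forwarded, allow outbound.
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' ':OUTPUT ACCEPT [0:0]'
    # Loopback, and replies to connections the server itself opened.
    printf '%s\n' '-A INPUT -i lo -j ACCEPT'
    printf '%s\n' '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # One allow rule per permitted client; anything else hits the DROP policy.
    for ip in "$@"; do
        printf '%s\n' "-A INPUT -s $ip/32 -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    printf '%s\n' 'COMMIT'
}

# The thread's web server and development VM (assumed to still need the MySQL browser).
db_fw_rules 3306 176.18.10.10 176.18.10.12
```

To apply it, pipe the output into `iptables-restore` as root on the database server; ping and SSH to the database server are dropped by this ruleset unless rules for them are added.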
 