You should only allow a static remote IP access to your local MySQL server, since enabling all IP addresses is a security hazard. Use the guide below as a reference for the procedure that you need to follow to enable remote access.

SOURCE

Change mysql config

Start with editing mysql config file

vim /etc/mysql/my.cnf

Comment out following lines.
#bind -address = 127.0.0.1 #skip -networking

If you do not find skip-networking line, add it and comment out it.

Restart mysql server.

~ /etc/init.d/mysql restart

Change GRANT privilege

You may be surprised to see even after above change you are not
getting remote access or getting access but not able to all databases.

By default, mysql username and password you are using is allowed to
access mysql-server locally. So need to update privilege.

Run a command like below to access from all machines. (Replace
USERNAME and PASSWORD by your credentials.)

mysql> GRANT ALL PRIVILEGES ON *.* TO 'USERNAME'@'%' IDENTIFIED BY 'PASSWORD' WITH GRANT OPTION;

Run a command like below to give access from specific IP. (Replace
USERNAME and PASSWORD by your credentials.)

mysql> GRANT ALL PRIVILEGES ON *.* TO 'USERNAME'@'1.2.3.4' IDENTIFIED BY 'PASSWORD' WITH GRANT OPTION;

You can replace 1.2.3.4 with your IP. You can run above command many
times to GRANT access from multiple IPs.

You can also specify a separate USERNAME & PASSWORD for remote
access.

You can check final outcome by:

SELECT * from information_schema.user_privileges where grantee like "'USERNAME'%";

Finally, you may also need to run:

mysql> FLUSH PRIVILEGES;

Test Connection

From terminal/command-line:

mysql -h HOST -u USERNAME -pPASSWORD

If you get a mysql shell, don’t forget to run show databases; to check
if you have right privileges from remote machines.

Bonus-Tip: Revoke Access

If you accidentally grant access to a user, then better have revoking
option handy.

Following will revoke all options for USERNAME from all machines:

mysql> REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'USERNAME'@'%';
Following will revoke all options for USERNAME from particular IP:

mysql> REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'USERNAME'@'1.2.3.4';
Its better to check information_schema.user_privileges table after running REVOKE command.

If you see USAGE privilege after running REVOKE command, its fine. It
is as good as no privilege at all. I am not sure if it can be revoked.

10% popularity Vote Up Vote Down

Feed

: Enable remote access to MySQL server (Linux) How can I enable remote access to my MySQL Debian server?

More posts by @Hamm4606531

: What are the advantages of using a 3rd party product review aggregator compared to self managing reviews? We want to start collecting Product Reviews on our site but I don't know if it's best

: Strange Bingbot hits in my website access logs I'm seeing many hits to my site recently in the access logs and I'm not sure what to do with them. The pages they are trying to reach do not

: Google doesn't index my pages managed by session My website has an architecture like this: em1 sub1 sub2 ... em2 sub1 sub2 ... em3 ... ... All elements "em" has the same "sub" associated.

: How to improve referencing with plural keywords I have a website with a main keyword, which is 'événements' (events in french). It's a plural word for 'événement'. My problem is, I loose

Login to post a comment!

1 Comments

Back to top | Use Dark Theme