In linux, mysql enables remote access and opens port 3306 through the firewall.

Source: Internet
Author: User

In linux, mysql enables remote access and opens port 3306 through the firewall.

Enable mysql Remote Access Permissions

By default, mysql users do not have the permission for remote access. Therefore, when the program is not on the same server as the database, we need to enable the remote access permission for mysql.

There are two mainstream Methods: table modification and authorization.

Relatively speaking, it is easier to change the table method. individuals prefer to use this method. Therefore, only the alter table method is attached here.

1. log on to mysql

mysql -u root -p 

2. Modify the user table of the mysql database and change the host item from localhost to %. % This indicates that access from any host is allowed. If only one ip address is allowed, you can change it to the corresponding ip address. For example, you can change localhost to 192.168.1.123, this means that only the ip address 192.168.1.123 of the LAN can remotely access mysql.

mysql> use mysql; mysql> update user set host = '%' where user = 'root'; mysql> select host, user from user; mysql> flush privileges; 

Open firewall port 3306

1. Open the firewall configuration file

vi  /etc/sysconfig/iptables

2. Add the following line

-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT

3. Restart the Firewall

service  iptables restart

Note: The added statement to open port 3306 must be before icmp-host-prohibited.

Appendix: Personal Configuration

# Firewall configuration written by system-config-firewall# Manual customization of this file is not recommended.*filter:INPUT ACCEPT [0:0]:FORWARD ACCEPT [0:0]:OUTPUT ACCEPT [0:0]-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT-A INPUT -p icmp -j ACCEPT-A INPUT -i lo -j ACCEPT-A INPUT -i eth0 -j ACCEPT-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT-A FORWARD -p icmp -j ACCEPT-A FORWARD -i lo -j ACCEPT-A FORWARD -i eth0 -j ACCEPT-A INPUT -j REJECT --reject-with icmp-host-prohibited-A FORWARD -j REJECT --reject-with icmp-host-prohibitedCOMMIT


Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.