View Single Post
Old 01-23-07, 02:48 PM   #2
evilghost
Registered User
 
Join Date: Jul 2005
Posts: 3,606
Default Re: Mysql Remote Access

PHP is server-side, as a result the connection to the remote MySQL server will be made by the PHP webserver, not from the HTTP REMOTE_ADDR.

I'd just an iptables script to block access.

Assuming you're default INPUT policy is ACCEPT and mysql is listening on TCP 3306:

iptables -A INPUT -p tcp --dport 3306 -s ! PHP_webserver_ip -j DROP

Assuming you're default INPUT policy is DROP and mysql is listening on TCP 3306:

iptables -A INPUT -p tcp --dport 3306 -s PHP_webserver_ip -j ACCEPT
evilghost is offline   Reply With Quote