如何允许远程访问我的数据库?
我目前正在通过 $_SESSION['connection'] = odbc_connect('Driver={MySQL ODBC 5.1 Driver};Server=localhost;Database=mysql;Option=3;', 'root', '' 访问数据库);
除了我需要为该帐户设置密码(甚至可能使用 root 以外的其他帐户?并且可能更改数据库名称?)这一事实之外,我想编写一些可以分发的代码将安装在多个地点。
我想在每个站点使用相同的代码,尽管我无法提前知道 IP 地址。我该怎么办?我是否只需告诉他们的 IT 人员为 myDatabaseServer 之类的内容设置 DNS 转换,然后在 odbc_connect 中用 Server=myDatabaseServer 替换 Server=localhost () 称呼?或者我需要对 Windows 控制面板中的 ODBC 管理器进行一些操作吗?
嗯,我可能应该在分发代码之前混淆或完成代码...
更新:我发现这个问题其中说
In your MySQL configuration file (my.cnf), you need the following at least:
port = 3306 # Port MySQL listens on
bind-address = 192.168.1.15 # IP address of your server
# skip-networking # This should be commented out to enable networking
我假设bind-address可以是myDatabaseServer,这样我就不需要编辑每个远程站点的配置文件(?)
它还说GRANT ALL ON test.* TO 'root'@'192.168.1.15' IDENTIFIED BY ''; 那么这是一个必须在数据库上运行一次的命令吗?但我不能提前知道IP地址吗?事实上,多个用户可能需要访问 - 我可以将其通配符为 192.168.. 吗?真的真的需要这样吗?有什么方法可以让我配置一次,而不提前知道每个用户将使用哪个网络地址范围(我知道这听起来不安全,但我可以授予每个人访问权限并依赖密码保护,而且没有外人知道)数据库在那里吗?)
I am currently accessing the database by $_SESSION['connection'] = odbc_connect('Driver={MySQL ODBC 5.1 Driver};Server=localhost;Database=mysql;Option=3;', 'root', '');
Apart fromt the fact that I need to get a password put on that account (and maybe even use another account than root? And probably change the databse name?), I want to write some code which I can disrtribute to be installed at several sites.
I want to use the same code at each site, although I can't know the IP addresses in advance. How do I go about that? Do I just tell their IT guy to set a DNS trandlation for something like myDatabaseServer and then substitue Server=localhost by Server=myDatabaseServer in the odbc_connect() call? Or do I need to do somehing with the ODBC manager in the Windows control panel?
Hmmm, I should probably obfuscate or comple the code before ditributing it...
Update: I found this question which said
In your MySQL configuration file (my.cnf), you need the following at least:
port = 3306 # Port MySQL listens on
bind-address = 192.168.1.15 # IP address of your server
# skip-networking # This should be commented out to enable networking
I presume thatbind-address coudl be myDatabaseServer, so that I don't need to edit the config file for each remote site(?)
It also said GRANT ALL ON test.* TO 'root'@'192.168.1.15' IDENTIFIED BY ''; So that is a command that has to be run once on the databse? But I can't know the IP adress in advance? In fact, multiple users may need access - can I wildcard it to 192.168..? Is thus really, really needed? Is there any way that I can dconfigure it once, not knowing in advance which range of netwrok addresses each user will use (I know that it sounds insecure, but could I just grant access to everyone and rely on password protection, plus no outsiders knowing that the databse is there?)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
bind-address只能设置为IP地址,不能设置域名,指的是mysql服务器将绑定到的传出IP地址。但是,在外部连接时,您始终可以将
bind-address设置为0.0.0.0,这样 mysql 服务器将接受其有权访问的任何接口上传入的 3306 连接。管理端将负责命名服务器,您可以通过该名称连接到它。正确设置后,您只需要设置适当的用户凭据,以便外部用户可以从给定的 IP(或模式)进行连接。
例如,
请参阅此处了解外部 IP 模式。
当然,一般情况下您应该使用受限访问帐户,并仅允许访问特定的数据库/表(db.* 通常是可以接受的)
The
bind-addresscan only be set to an IP address, not a domain name, and refers to the outgoing IP address that the mysql server will bind to.However, when connecting externally, you can always just set the
bind-addressto0.0.0.0that way the mysql server will accept incoming 3306 connections on any interface it has access to. The admin side would look after naming the server, and you can connect to it by that name.Once that is set correctly you just need the appropriate user credentials set up, so that an external user can connect from a given IP (or pattern).
e.g.
See here for external IP patterns.
Of course, you should use a limited access account in general, and allow access to only specific database/tables (db.* is usually acceptable)
只是为了添加 Slomojo 的准确答案:对权限进行任何更改后,不要忘记在 mysql 中刷新权限;。
Just to add to Slomojo's accurate answer: Don't forget to
flush privileges;in mysql after making any changes to privileges.