0

Here's the question, I need to connect to a remote MySQL database from my C# Application, problem is the MySQL instance will block all access to all IP's apart from localhost, this can not be changed as its too much of a security issue.

The question is, is it possible to connect via a tunnel instead to a php script hosted on the server, this would then act as the mysql connection.

Any ideas and suggestions?

Improve this question
2
  • So you'd have the PHP script push sql commands to the local mysql server? Sounds like a hack that will create a gaping security hole. Can't you just open up mysql to a specific set of IP's? Commented Apr 11, 2012 at 11:31
  • @LeeDavis The issue is the people using the software will be out on site at different clients each day, this would cause more of a security issue than securing a php script Commented Apr 11, 2012 at 11:50

3 Answers 3

Reset to default
2

SQLYog (a mysql management GUI utility) already has this php tunnel script with its own custom API, so if you consider writing it yourself, would be nice to have cross-support. See Is there any good universal PHP MySQL HTTP tunnel?

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

hmmm if I'm reading that right they pass xml to the php script to run the commands and return xml. While that would work I could create my own API system instead, the idea is to open up mysql to raw commands without hooking into port 3306.
Well since mysql uses TCP (or sockets or pipes) as its protocol, while php is called through a HTTP web server.. you would need to run php as a daemon and thus still require some port to maintain TCP. Which is pointless.. Same questions were closed previously too.. stackoverflow.com/questions/5539793/tunnelling-tcp-over-http
0

yes, just create a simple PHP script that will give you the desired output and use http request from the c# application to that php script to get the data - basically, you'll be building a very simple REST API (with authentication)

p.s. I don't see how that would be more secure than SSH tunnelling

Improve this answer

Comments

0

I ended up with going for an SSH port tunnel and achieving what I needed to do that way.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.