Login | Register   
Twitter
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX


advertisement
 

Use SQLyog Tunneling for Secure MySQL Server Management

Have your ISP's security policies blocked remote access to your MySQL server? Learn how to securely connect to and manage a restricted MySQL server using SQLyog's HTTP and SSH tunneling features.


advertisement
ost Web hosting providers block port 3306 (the MySQL server port) at the firewall to prevent outside access. As a result, many MySQL developers and administrators can't access and manage their own MySQL servers remotely; they must use the Web-based interfaces that their ISPs provide. Although these Web-based tools generally are well designed, their responsiveness (or lack thereof) is vexing—especially the annoying page-refreshes.

This security issue takes even more prominence with the recent occurrence of a MySQL worm that attacks Windows Server. The UDF Worm is self-propagating code that finds MySQL servers running on Microsoft Windows with poor firewall and password security and exploits them.

To defend against this worm, MySQL experts recommend the following:

  • Block port 3306 on firewalls (as most ISPs do).
  • Restrict access to root accounts.
  • Use strong passwords that are resistant to brute force attacks.



To navigate such restrictive access, this article demonstrates how to securely connect and manage your MySQL server using SQLyog's HTTP and SSH tunneling features.

Using SQLyog with HTTP Tunneling
With HTTP tunneling, you can use all the features of a client/server application by just uploading a single PHP page (SQLyogTunnel.php) to your Web server. SQLyogTunnel.php exposes the MySQL API as a set of Web services that can be consumed by SQLyog (see Figure 1). This is exactly the architecture that Microsoft recommends in its "smart client" initiative.

 
Figure 1. SQLyog and HTTP Tunneling Architecture

SQLyog with HTTP tunneling provides some cool functions that a Web-based admin app can't, including:

  • Ability to upload any ODBC database (Access, MS SQL, Oracle) directly to your MySQL without going through the cumbersome process of CSV/SQL export/import
  • Context-sensitive menus
  • Synchronizes the schema between your development server and the production server
  • Synchronizes the data between your development server and the production server
  • Saves your work when you click on the close button of your browser!
  • 100 percent keyboard friendly for turbo speed MySQL management



Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Sitemap