堆栈内存溢出
  简体   繁体   English

如何使用 Nginx 允许安全远程连接到本地 MySQL 数据库?

[英]How do I allow secure remote connections to a local MySQL database using Nginx?

 原文  2020-04-17 09:44:11       mysql/ nginx/ reverse-proxy/ remote-access

问题描述

Opening the default port 3306 to the outside world is something I would like to avoid if possible.如果可能的话,我希望避免向外界开放默认端口 3306。 We have Nginx running for reverse proxy purposes for other applications.我们有 Nginx 运行用于其他应用程序的反向代理目的。 The goal here is to access the MySQL databases with clients such as MySQL Workbench from outside the local network, in a secure way.此处的目标是以安全的方式从本地网络外部使用 MySQL Workbench 等客户端访问 MySQL 数据库。 The MySQL server runs on a Debian (Linux) Virtual Machine. MySQL 服务器在 Debian (Linux) 虚拟机上运行。

I configured a server block as described below.我配置了一个服务器块,如下所述。 Connecting to mysql.domain.com, port 80, with a non-root user in MySQL Workbench results in a failure.使用 MySQL Workbench 中的非 root 用户连接到 mysql.domain.com 端口 80 会导致失败。

Server block:服务器块:

server {

    server_name mysql.domain.com;

    location / {
        proxy_pass http://localhost:3306/;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
    }
}

Error message:错误信息:

Failed to Connect to MySQL at mysql.domain.com:80 with user non-root. 
Lost connection to MySQL at 'waiting for initial communication packet', system error: 10060

1 个解决方案

解决方案1
 3 已采纳  2020-04-17 10:05:00

The goal here is to access the MySQL databases with clients such as MySQL Workbench from outside the local network这里的目标是从本地网络外部访问MySQL Workbench等客户端的MySQL数据库

All modern MySQL GUI clients support SSH tunneling.所有现代 MySQL GUI 客户端都支持 SSH 隧道。 This is the most secure approach to connect and requires zero configuration on the server-side: if you can connect via SSH, then you can connect to MySQL on that host.这是最安全的连接方法,并且需要在服务器端进行零配置:如果您可以通过 SSH 连接,那么您可以连接到该主机上的 MySQL。

In MySQL Workbench, while creating a connection, select "Standard TCP/IP over SSH" as the connection method, then fill out SSH connection details and MySQL connection details. In MySQL Workbench, while creating a connection, select "Standard TCP/IP over SSH" as the connection method, then fill out SSH connection details and MySQL connection details. The key point is putting MySQL server as 127.0.0.1 as you typically want to connect to MySQL instance which is running on the machine you SSH into.关键是将 MySQL 服务器设置为127.0.0.1 ,因为您通常希望连接到 MySQL 实例,该实例在您 SSH 进入的机器上运行。 That's all there is to it.这里的所有都是它的。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 MySQL数据库允许远程连接 - MySql database allow remote connections 如何将我从远程MySQL数据库选择的一些行插入本地MySQL数据库 - how do I insert some rows that I select from remote MySQL database to my local MySQL database 如何保证 mySQL 数据库的安全? - How do I keep a mySQL database secure? 连接到不允许远程连接的主机上的mysql数据库 - connect to mysql database on host that doesn't allow remote connections 允许所有远程连接,MySQL - Allow all remote connections, MySQL 如何使用Java转储远程MySQL数据库? - How do I dump a remote MySQL database using Java? 如何在MySQL数据库中保持活动的远程连接? - How to keep Active remote Connections in MySQL Database? 如何保护与远程 mysql 数据库的连接 - How to secure a connection to a remote mysql database 如何将本地 Python 代码中的变量传递给写入 MySQL 数据库的远程 PHP 脚本? - How do I pass a variable from my local Python code to a remote PHP script that writes to a MySQL database? 如何使用SQL Developer从Virtual PC启用到MySQL数据库的连接 - How do I enable connections to a MySQL database from a Virtual PC using SQL Developer
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM