2

Here's the situation:
I have a web hosting which provides a MySQL database account, but connection only allows from localhost.

I'm considering to expose this MySQL through web interface, and extend the mysqli class so I can normally read/write to this database from another host.

Before doing this, I want to know if my solution is a good idea, and whether there already has such an open source solution to my situation?

Improve this question
4
  • It would only be a good idea if you had to implement this and there was no other way out. Commented May 8, 2011 at 1:00
  • 2
    you can create an api to give only access to specific data so you can access it from anywhere. i think it is a good idea that anyone just can't connect to your db. Commented May 8, 2011 at 1:00
  • So is there a specific reason you need to access the database from another comp? Also, make sure to limit the account to only the ip addresses of the other webhosts. Commented May 8, 2011 at 1:02
  • @mazzzzz: could be to use software more powerful than phpmyadmin... For example, a Java DB manager, a software to do backups remotely, one to analyze the tables (like SchemaSpy), one to access the data and manipulate it with a language other than PHP, and so on. Commented Jul 20, 2011 at 12:43

3 Answers 3

Reset to default
2

Use Web Services. Web services are designed to provide an API so that one server can communicate with another server to access the resources of that server. The advantage of creating a Web service wrapper around your MySQL database is to avoid exposing the SQL layer to the broad Internet.

In general, by writing Web services, your application can only use the services that you've specifically chosen to expose. Additionally, many Web service frameworks offer authentication packages and validation that can help prevent malicious entities from illegally accessing or manipulating your data.

Finally, should you migrate to a different data source, you can maintain the same uniform interface between the application and the datasource, which eliminates the need to modify the PHP application.

However, by directly exposing your database to the Internet, you potentially expose yourself to data theft and data loss.

For more information on Web services, you could start with this Wiki Article on REST.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

That's a lot of overhead and reimplementation work. Instead consider to open the MySQL server up for remote connections, using SSL and certificate authorization: http://dev.mysql.com/doc/refman/5.1/en/secure-basics.html

This allows you to expose the real mysqld server. You will need to use the most recent PHP version, as that adds SSL support in the PDO interface for example. http://www.php.net/manual/de/ref.pdo-mysql.php#103501 But I'd say that's still easier than crafting your own RPC interface and securing that.

And if you actually use Mysqli, then the SSL/cert support is already built-in: http://php.net/manual/en/mysqli.ssl-set.php

Improve this answer

1 Comment

I have such Web server: we have the restricted access (we can access the DB only via PHP scripts on the same server) because it is a shared host, which usually doesn't allow DB server tweaking, alas. No shell either.
0

Here is a good place you can get started to creating an API. First, you should evaluate the kind of data you want to share across your servers and see if you really need it.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.