Connection to a remote MySQL database
Remote connection to the MySQL database used by the “MySQL remote database” function available in cPanel is unencrypted by default. This is due to the fact that MySQL in the default configuration always from the client-server connection transmits data and passwords without encryption (https://dev.mysql.com/doc/refman/5.5/en/security-guidelines.html).
Sharing a connection to MySQL without encryption is a bad idea.
Why?
With an unencrypted connection, login and password are sent to the database as a plaintext via the Internet. If you use an open wifi network, for example in a cafe, think about how many people around you could get to know your login details: both regarding the connection to the database, as well as the login and password for the application sent.
Online stores, customer data and RODO.
If you run an online shop, you store all customer data in the database.
Sending these data in an unencrypted form, even using home or business Internet is risky. Your internet provider should not have access to your customers’ data. Such treatment of personal data is not compliant with the RODO guidelines. We do not want to be accused of failing to provide adequate security,and the more we do not want to receive a penalty related to, for example, leakage of personal data.
Currently, global trends seek to encrypt all internet traffic. For example, the Chrome browser is to treat all websites without an SSL certificate, and therefore not encrypted as unsafe. More and more attention is paid not only to security, but also to privacy.
Encrypted connection to the MySQL database.
Many hosting service providers do not pay enough attention to this issue without providing remote access to the database via a secure connection, or without providing information on how to do it.
On our hosting, all hosting accounts have the ability to enable SSH access and use it to create an encrypted tunnel through which you can securely connect remotely to the MySQL database.
Thanks to our guide, remote connection to MySQL through the SSH tunnel from your own computer will be easy!
Remember – even if your hosting allows remote connections to MySQL – do not connect to the MySQL database from remote locations – your data is unencrypted! A good practice, however, is to disable such a possibility on the hosting side
See how to create an SSH tunnel to remotely connect to a database remotely
The article is prepared jointly by a group of people from the Smarthost Administrators.
- What is DMARC and why should you have it? - July 12, 2023
- Deleting e-mail messages older than the given date - July 3, 2021
- How to restore a backup in JetBackup 5? - July 3, 2021