new kich at the cat

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
Vegan
Forum Regular
Posts: 574
Joined: Fri Sep 05, 2008 3:34 pm
Location: Victoria, BC
Contact:

new kich at the cat

Post by Vegan »

Config files have changed with Ubuntu 16.04 which made it harder than necessary to operate a web appliance.

https://hardcoregames.azurewebsites.net/?p=29892

I have a draft for another document on bolting on storage, but I am now going to use the basic A0 box to attempt to get a MySQL server up and on the internet so I can use that

I run 2 sites, so I installed the local console in addition to the server, this way I can manually make SQL commands

Now that I can log in, the permissions are needed for each site, one is obvious my gaming site, the other is my vegan site

now for security, I think permissions should be restricted to *azurewebsites.net on principle so that hacker and spammers cannot attack my server as easily?

GRANT ALL PRIVILEGES ON *.* TO 'root'@'%.example.com' IDENTIFIED BY 'some_characters' WITH GRANT OPTION; FLUSH PRIVILEGES;

is obviously not what I want, I wanted to have specific user/password for each site, I may up a new site or 2 over time

but the idea I want is a new database with user and password, and if possible hard coded to the URL of the web site so that its secure as possible?

what I was thinking is

GRANT ALL PRIVILEGES ON *.* TO 'siteuser'@'%.azurewebsites.net' IDENTIFIED BY 'secure password' WITH GRANT OPTION; FLUSH PRIVILEGES;

so how can i manually add a user to the database?

CREATE USER 'newuser'@'localhost' IDENTIFIED BY 'password';

is main idea, but I want to generate secure passwords for the sites so that hackers cannot spam my site etc

keep in mind all database uses are remote in the cloud but locatable by URL
Hardcore Games™ Legendary is the Only Way to Play™
My site is powered by LAMP
User avatar
Vegan
Forum Regular
Posts: 574
Joined: Fri Sep 05, 2008 3:34 pm
Location: Victoria, BC
Contact:

Re: new kich at the cat

Post by Vegan »

managed to get the databases created ok, users are created ok

got a warning with GRANT so I am not sure what is wrong with that, references are still obsolete
Hardcore Games™ Legendary is the Only Way to Play™
My site is powered by LAMP
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: new kich at the cat

Post by requinix »

Never use root in your code.

Code: Select all

GRANT SELECT,INSERT,UPDATE ON database.* TO 'username'@'host' IDENTIFIED BY 'whatever password'
If your user needs anything more than those three actions then include them. It probably doesn't need all databases so just grant privileges on the one(s) it needs.
"host" should be as restrictive as possible. "whatever password" can be whatever password.

Revoke privileges and possibly delete users that you don't need.
User avatar
Vegan
Forum Regular
Posts: 574
Joined: Fri Sep 05, 2008 3:34 pm
Location: Victoria, BC
Contact:

Re: new kich at the cat

Post by Vegan »

ran into a new problem, cannot seem to connect to the server

checked everything i could, wonder what has it gimmicked now to block open access
Hardcore Games™ Legendary is the Only Way to Play™
My site is powered by LAMP
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: new kich at the cat

Post by requinix »

If you don't get any error messages then there's a firewall problem. But I imagine you may have accidentally changed or removed a user that you needed. Connect as root and

Code: Select all

SELECT user,host,password FROM mysql.user
see what users there are.
User avatar
Vegan
Forum Regular
Posts: 574
Joined: Fri Sep 05, 2008 3:34 pm
Location: Victoria, BC
Contact:

Re: new kich at the cat

Post by Vegan »

sql says user accounts are % for both sites

looked at the usual suspects for firewalls, linux said they were not even running

ufw is disabled
Hardcore Games™ Legendary is the Only Way to Play™
My site is powered by LAMP
User avatar
Vegan
Forum Regular
Posts: 574
Joined: Fri Sep 05, 2008 3:34 pm
Location: Victoria, BC
Contact:

Re: new kich at the cat

Post by Vegan »

found the problem, it was azure that was firewalling me, created a rule for 3306 and the chrome sql admin was able to log on
Hardcore Games™ Legendary is the Only Way to Play™
My site is powered by LAMP
Post Reply