MySQL Port Security
Posted: Wed Aug 24, 2005 2:17 pm
The small company I work for has a dedicated server. This server is an all-in-one unit for our business... websites, database, email, etc. A trusted company bought a division of our company and wants to know if we can open a port to the MySQL database. It has no open ports now, as we never needed it. All queries were done from the server itself via php. But, they want to be able to communicate with the MySQL database directly, and not through a webpage.
What is the security risk in this? All users and permissions are setup correctly. My only concern is that a port would have to be opened on our hardware firewall. There is sensitive data on our server, encrypted, but still sensitive.
My options are to open a port to MySQL and let them connect directly. Or I can tell them they'll have to get there own server if they want to do that. Or, they'll have to stick with using php to access the db.
Thank you, Swede
What is the security risk in this? All users and permissions are setup correctly. My only concern is that a port would have to be opened on our hardware firewall. There is sensitive data on our server, encrypted, but still sensitive.
My options are to open a port to MySQL and let them connect directly. Or I can tell them they'll have to get there own server if they want to do that. Or, they'll have to stick with using php to access the db.
Thank you, Swede