Reputation: 551
Allow mysql connection based on seperate private IP's of a certain format
I have been working on setting up of php/nginx and mysql on seperate servers. i have multiple php servers but a single mysql server. I am connecting to mysql server from the private IP of these server.
To connect, I have used the private IP(PHP server's) which is 10.125.xxx.xxx as
10.125.0.0/255.255.0.0
and it connects. I do not know much about networking but I have understood that this does a complete match for the first 2 sets of number and uses the rest as wildcards. However, I have another PHP server with a private IP starting as 10.126.xxx.xxx. So to establish connection, I could create multiple users in the Mysql database and specify this seconnd Private host.
This approach may work, but I am wondering if I could just do something like
10.12%.0.0/<?subnet mask?>
Somehow allow all private IP's start with 10.12x.xxx.xxx
Upvotes: 1
Views: 419
Answers (1)
Reputation: 367
User configurations are for managing users / privileges / etc ONLY. Do not mix this with server connectivity / blocking.
Your MySQL server should accept calls only from your (designated) php servers.
Instead of allowing / denying at MySQL level,
Deny ALL
Allow 10.126.*
at server configuration itself. And keep as many users as you want to separately manage user calls from your different php servers.
And you can not do 10.12*.
Upvotes: 0
Related Questions
- MySQL allow remote connections from multiple ip addresses
- Broadcast address based on IP and subnet mask with mysql
- Change IP of PHP PDO MySQL connection based on network
- Block IP Address, Query IP from database
- Remote MySQL Connection for a range IPs
- using IP address connect to mysql
- Binding to a specific ip address when using the PHP mysql_connect function
- Wildcard IP Banning with MySQL
- Restricting access via IP-ranges (PHP)
- Matching an IP address with an IP range?