Knowledge Base

Remote Access to Databases

 
administrator guidedatabase serversdatabasedatabase serverdomains

For security reasons, you can specify access settings for database
users, in order to allow or deny remote connections to a database.
Remote connections can be allowed from certain IP addresses. For
example, if a script running on a remote host accesses a Plesk database
by using the credentials of a certain database user, then you can
restrict the access of this user to the IP address of that remote host.

Depending on the database server type, Plesk employs different tools for
access control:

  • Access control lists. For MySQL database users, the access control
    is handled by the native security mechanism - MySQL access control
    lists (ACL). Custom rules are added to ACL. If the Plesk firewall is
    running, then it must allow incoming connections to MySQL. Otherwise,
    settings for remote connections in ACL will not work.
  • Firewall rules. For other database users (PostgreSQL and SQL Server
    users), remote access is handled by the Plesk firewall. Custom rules
    are added to the Plesk firewall rules. If the Plesk firewall
    extension is not installed and the firewall rules management is not
    switched on, the corresponding options are not displayed in the Plesk
    UI .

Note: Plesk adds new rules to the firewall only with your approval. Each
time a subscriber sets up a custom access control rule, Plesk
notifies you about this and prompts you to accept or reject the
changes.

The access control options are available at Websites & Domains >
Databases when you add or edit a database or a database user. For
details, see the section Setting Up Custom Access Rules.

When a customer, a subscription, or a database user is removed, all
associated firewall rules are removed too.

Enabling Customers to Set Up Custom Rules

To enable subscribers to customize access to their databases:

  • Switch on the permission Remote access for database users in the
    subscription settings (Subscriptions > click the subscription >
    Customize).

  • Install the Plesk firewall and switch on rules management in Tools
    & Settings     > Security group > Firewall (applicable to
    PostgreSQL and SQL Server users only).

  • Make sure that Microsoft SQL Server is configured to use dynamic
    ports for remote connections (applicable to SQL Server users only).

    image 76902

Confirming Custom Firewall Rules

After a user has specified custom rules, the Plesk administrator
receives the following notification displayed on the Home page of
the Server Administration Panel: Remote access rules for database users
were modified and are waiting for your approval. Please go to Firewall
Settings to review and confirm the rules.

After reviewing the rules, you should decide whether to confirm the
addition of the custom rules to the set of system firewall rules. Use
Apply Changes or Discard Changes buttons on the Plesk for Linux
firewall rules page for not applied configurations (Firewall >
Modify Plesk Firewall Rules).

Read the full article
Related Posts
Knowledge Base

Hosting Wiki

Industry
Partners

industry-partner_ALIBABA
industry-partner_GOOGLEPARTNER
industry-partner_MICROSOFT
industry-partner_REDHAT-r2
industry-partner_ALIBABA
industry-partner_AUTOMATTIC
industry-partner_AWS
industry-partner_DIGITALOCEAN
industry-partner_SCALEWAY

© 2024 WebPros International GmbH. All rights reserved. Plesk and the Plesk logo are trademarks of WebPros International GmbH.

Managed with love with Plesk WP Toolkit