Server side connection to mysql via ssh


#1

I’m new on Wappler, so, maybe I’m missing something …

I want to make a new Database Connection to an external mysql server.
Usually we’re using a “TCP/IP over SSH” to access the mysql server on that external machine.

Any idea how to do this with wappler ?

On mysql Workbench this would be like in the following image.

mysql_via_tcpip_ssh


#2

Hi Gunter,
Same principle really. Provide credentials in Server Connect to your database server.

Open Server Connect.
Create a new Action.
Add a new Step - Database Actions / Add Database Connection.
Enter your MySQL credentials.
Hit Test Connection.
Save Database Connection.
Files uploaded to your server.
Database Connection created.

Rinse and repeat for any further Database Connections you require.

Hope that helps.


#3

Hi Dave,
thank you for your fast answer.

Maybe we’re talking about two different things.
You suggest to deploy (upload) the application to a WebServer. Thus there will be a localhost access from backend to mysql.
Fine and this will work OK.

But in our case the web server and the mysql server are hosted on different computers (cloud systems). Therefore they are talking with each other via a web connection.
The simple thing would be a mysql connection via IP adress, but that is pretty open (unsecure).
To make this connection secure it usually is done via a SSH connection.
For doing this manually there are ways in PHP which will connect to mysql via SSH, but they differ from the usual ones - and with Wappler we’re not doing this in code manually.

Therefore we will have to give the SSH creditals to Wappler somehow.
But as a newbie I cannout find how :confused:

Thank you very much for any hint !

Best regards

Gunter


#4

That would be a nice feature to incorporate SSH in to Wappler. Currently I am pretty sure this option is not available. I’m sure @George can confirm for you.


#5

Currently we make MySQL connections via PHP with PDO on the web server.

If you want to go through SSH a special SSH tunnel needs to be setup. Not a very common thing to do even with remote DB servers…

Is there a special reason why you want to go through an extra security layer as it will only slows things down…?

Maybe @patrick can advise if it can be implemented in Wappler


#6

You’re asking for reasons to use SSH connecting to mysql.

Obviously two of our customers (bigger companies) ask for it :wink:
but:

  • some hostings do not allow changes to the firewall - port 3306 (thus mysql cannot be accessed from external)
  • you have to change standard mysql my.cfg to allow external access (not all implementations allow this)
  • we bumped into legal (?) security rules not to expose database content to the web directly
  • most of the mysql clients support connections via ssh (mysql Workbench, …)
  • same for other RAD systems
  • we could use local Wappler installations (Windows) to access and test with real data on external servers - secure way

Possibly there are other reasons pro/con. This list is just out of my brain :wink:


#7

Ok fair enough - have to start with Wappler enterprise licenses for this :slight_smile:

will see what we can do.

I will make this a feature request now, so more people can vote on it.


#8

After further investigation - seems that connecting from PHP to MySQL server through SSH is not really a well developed solution.

However - you can actually already do it by installing such tunnel on your server first that maps to local post and connect to that port. A good tool for that is autossh

Read for background info: