Brent W
Well-known member
I am trying to set up a dedicated MySQL server that my Web Server can connect to, but I am having issues and I think it may be iptables related.
Here is what I have done so far:
10.179.133.27 = Web Server Private IP
10.179.130.242 = Database Server Private IP
Installed MySQL and have it running successfully. I have created the database and imported the data I need into it. I can query the database fine from the database server.
I then created a user and gave it permission for that database. 10.179.133.27 is my webserver private IP.
Code:
mysql> GRANT ALL ON sec_mysql.* TO sec_xenforo@'10.179.133.27' IDENTIFIED BY 'password';
Query OK, 0 rows affected (0.00 sec)
mysql> SELECT User, Host, Password FROM mysql.user;
+-------------+---------------+-------------------------------------------+
| User        | Host          | Password                                  |
+-------------+---------------+-------------------------------------------+
| root        | localhost     | xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx |
| root        | Database      | xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx |
| root        | 127.0.0.1     | xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx |
| root        | ::1           | xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx |
| sec_xenforo | 10.179.133.27 | xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx |
+-------------+---------------+-------------------------------------------+
This is the iptables on my database server:
Code:
[root@Database mysql]# iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
ACCEPT tcp -- 10.179.133.27 10.179.130.242 tcp spts:1024:65535 dpt:mysql state NEW,ESTABLISHED
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- 10.179.130.242 10.179.133.27 tcp spt:mysql dpts:1024:65535 state ESTABLISHED
Web Server iptables:
Code:
[root@WebServer httpd-2.4.1]# iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT tcp -- anywhere 10.179.130.142 tcp spt:mysql dpts:1024:65535 state ESTABLISHED
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- 10.179.130.142 anywhere tcp spts:1024:65535 dpt:mysql state NEW,ESTABLISHED
My xenforo config:
Code:
$config['db']['host'] = '10.179.130.242';
$config['db']['port'] = '3306';
Trying to connect via web server:
Code:
[root@WebServer httpd-2.4.1]# mysql -u sec_xenforo -p -h 10.179.130.242
Enter password:
ERROR 2003 (HY000): Can't connect to MySQL server on '10.179.130.242' (113)
What am I missing or doing wrong?
Live website that is down because it can't connect to database: http://www.secfootballforums.com/
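Added example, not part of the original post: iptables walks a chain top-down and stops at the first rule that matches, so a rule listed after an unconditional REJECT is never reached. The Python below (function and variable names are my own) parses plain `iptables --list` text and flags such rules, using the database server's listing from the post as input.

```python
import re

# Input copied from the post's database-server listing (plain `iptables --list`).
DB_SERVER_LISTING = """\
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
ACCEPT tcp -- 10.179.133.27 10.179.130.242 tcp spts:1024:65535 dpt:mysql state NEW,ESTABLISHED
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- 10.179.130.242 10.179.133.27 tcp spt:mysql dpts:1024:65535 state ESTABLISHED
"""

ANY = {"anywhere", "0.0.0.0/0", "::/0"}

def is_catch_all_block(target, prot, src, dst, extra):
    """True for a REJECT/DROP with no protocol, address or match restriction.
    Plain --list hides interface matches: confirm with `iptables -L -v -n --line-numbers`."""
    extra = re.sub(r"reject-with \S+", "", extra).strip()
    return (target in {"REJECT", "DROP"} and prot == "all"
            and src in ANY and dst in ANY and not extra)

def shadowed_rules(listing):
    """Return (chain, rule_no, blocker_no, rule_text) for rules after a catch-all block."""
    findings, chain, rule_no, blocker = [], None, 0, None
    for line in listing.splitlines():
        f = line.split(None, 5)
        if len(f) >= 2 and f[0] == "Chain":          # new chain: reset counters
            chain, rule_no, blocker = f[1], 0, None
        elif len(f) >= 5 and f[0] != "target":       # a rule line, not the header
            rule_no += 1
            extra = f[5] if len(f) > 5 else ""
            if blocker is not None:
                findings.append((chain, rule_no, blocker, " ".join(line.split())))
            elif is_catch_all_block(f[0], f[1], f[3], f[4], extra):
                blocker = rule_no
    return findings

if __name__ == "__main__":
    for chain, n, b, text in shadowed_rules(DB_SERVER_LISTING):
        print(f"{chain} rule {n} is never reached (rule {b} rejects first): {text}")
```

On Linux, the `(113)` in the client error is errno EHOSTUNREACH ("No route to host"), which is what a connection attempt reports when the peer answers with `icmp-host-prohibited`.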