Remote access to MySQL

In general, most servers only allow connections MySQL to be done locally, that is, from the same Cloud Server and not from a server or other device.

In those situations where it is necessary to set up MySQL on a different server, in order not to overload the web frontal, for instance, some configurations must be made in order to connect remotely to the data bases.

Here are the steps to follow to set up this access:

  1. Access your server through SSH as a “root” user. 

    Additional Information

    You can find more information about the access through SSH to your server on the article:

    Access to Linux through SSH

  2. You have to give remote access privileges to the database that you want to be accesible using the following commands:


    Remember that before launching the command you have to change:

    •“,for IP that will have access to the data base
    • nombre_base_de_datos” for the name of the database
    • usuario_base_de_datos” for the user that will do the connection


    # mysql -u root -p
    mysql> USE nombre_base_de_datos;
    mysql> update db set Host='' where db=’nombre_base_de_datos‘;
    mysql> update user set Host='' where user=’usuario_base_de_datos‘;


    An alternative to setting up manually the privileges of each database as described, would be to set them up for all the databases.


    It can become a security problem to guarantee privileges for all the databases to the root user of the remote server.  For most of the cases, it will be better to create a user with fewer privileges and that can access only the necessary database for the connection.


    To set up the privileges in all the databases, it would be necessary to use the following commands:

    mysql> GRANT ALL ON *.* to [email protected]'' IDENTIFIED BY ‘contraseña_de_root‘;
    mysql> exit;


  3. Eventually, what you should do is enable port 3306 in the Iptables. A simple syntax to do it would be:
    # /sbin/iptables -A INPUT -i eth0 -p tcp –destination-port 3306 -j ACCEPT
    # service iptables save


    Depending on the MySQL version it is possible that the syntax of the command changes. If the previous command returns an error back, you can try with the following line:

    # /sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT

    # service iptables save

To write a comment on this article, fill out the form below. Fields marked with an asterisk (*) are required.