Remote Database Access (lack there of)

T

theberg

Active Member
Joined
Dec 3, 2014
Messages
34
Reaction score
14
When did it become the norm for hosts to no longer provide remote access to databases in South Africa?

My recent experience
1-grid: No remote access.
Absolute Hosting: Remote access through their openvpn. (yay)
Axxess: Make use of a web-based database management tool.

It would be nice to be able to host a database and connect to it through management studio without much fuss. Does anyone know hosts that offer remote access to MSSqlserver databases?
 
Leno said:
Big security risk having a database exposed to the internet, so the openvpn one makes sense
Click to expand...
Openvpn is the simplest solution for the majority of our clients and we’ve received very few complaints since implementing this. For the most part our clients appreciate the effort taken to provide secure services
B-1 said:
If you have a look at the access logs of anything publicly available you will understand why.
Click to expand...
100% - I don’t think clients understand how online services are constantly under attack
 
  • Like
Reactions: OCP
theberg said:
When did it become the norm for hosts to no longer provide remote access to databases in South Africa?

My recent experience
1-grid: No remote access.
Absolute Hosting: Remote access through their openvpn. (yay)
Axxess: Make use of a web-based database management tool.

It would be nice to be able to host a database and connect to it through management studio without much fuss. Does anyone know hosts that offer remote access to MSSqlserver databases?
Click to expand...
Domains.co.za have remote access to MySQL.

Pretty sure any proper Cpanel hosting company have.
 
theberg said:
When did it become the norm for hosts to no longer provide remote access to databases in South Africa?

My recent experience
1-grid: No remote access.
Absolute Hosting: Remote access through their openvpn. (yay)
Axxess: Make use of a web-based database management tool.

It would be nice to be able to host a database and connect to it through management studio without much fuss. Does anyone know hosts that offer remote access to MSSqlserver databases?
Click to expand...
I love it when people ask to be DDoSd Ransomware Encrypted and Hacked.
Then they blame the IT guy.
Uneducated SQL admins and low skilled developers have this tendency.
 
Thor said:
Domains.co.za have remote access to MySQL.

Pretty sure any proper Cpanel hosting company have.
Click to expand...
Would be pretty dumb to have that enabled by default. CPanel however allows remote connections via IP whitelist.
 
bratwurst said:
Would be pretty dumb to have that enabled by default. CPanel however allows remote connections via IP whitelist.
Click to expand...
cPanel and DirectAdmin allow you to whitelist an IP per user - MS SQL is another story and its attacked non stop
 
True if it's online then it's open to attack just like anything on the internet but surely the same goes for the admin panels like cPanel or Plesk.

What security do those platforms have that makes them more secure?

Edit: It sounds like they're not actually more secure but just get attacked less.
 
theberg said:
True if it's online then it's open to attack just like anything on the internet but surely the same goes for the admin panels like cPanel or Plesk.

What security do those platforms have that makes them more secure?

Edit: It sounds like they're not actually more secure but just get attacked less.
Click to expand...
A control panel is a segmented user control area that is served from a real Server.
There's no protection based on the control panel used. If a dumb password is used and services are compromised that's definitely not the Server's fault.
It's a basic example and variables differ.

Not everything gets secured via passwords. There's many layers of security from https to DNS to DDoS protection and network security.

It's best to double check. Always.
 
Ummm, SQL on Azure?

They have a lot of configuration/security options. I just setup a DB on there , and on firewall (azure) only allowed remote access to my IP and my Devs. Seems so far to work well. Need to see what all their other offerings do.

Love being able to scale up performance of SQL instance based on need.

Note: only have one weeks experience on it, but we've put 120GB on it so far
 
InternetLuddite said:
Ummm, SQL on Azure?

They have a lot of configuration/security options. I just setup a DB on there , and on firewall (azure) only allowed remote access to my IP and my Devs. Seems so far to work well. Need to see what all their other offerings do.

Love being able to scale up performance of SQL instance based on need.

Note: only have one weeks experience on it, but we've put 120GB on it so far
Click to expand...
I just made an account here and spun up a database, works great! Thank you for the suggestion.

I still don't see why local hosts can't offer the same. I'm really not fully understanding the security argument. If the cPanel is able to be public then to me having the database public is the same thing right?

People can attack both, but then why is it fine to have the admin panel public but not the database. (the database is accessible through the cPanel anyway)

*Note, I say cPanel but I really mean any admin backend used for managing a server, cPanel, Solid, Plesk...other.
*Note Note, I'm talking about MS Sql servers, I don't know if remote options are offered for MySql (I'd assume not?)
 
Jade @ Absolute Hosting said:
cPanel and DirectAdmin allow you to whitelist an IP per user - MS SQL is another story and its attacked non stop
Click to expand...
Yes but I have a dynamic IP so if my IP gets automatically whitelisted when it changes then I'll no longer have access? By default, I don't believe IPs get whitelisted for access to these panels. If that's true then it happens in the background without the clients' knowledge and will break in the future when their IP changes.
 
cPanel is a control panel and not a database server. cPanel provides the interface or mechanism to manage MySQL and MySQL supports allowing connections from IP addresses per user and MS SQL doesnt.

There is no easy way of granting users access to MS SQL from particular IP addresses hence we offer a free vpn service to allow you to connect.
 
Domains.co.za also allows you to connect to MySQL from a static (whitelist) IP address if you wish (it's available to anyone) and you can update it yourself if you want that added security.
 
Jade @ Absolute Hosting said:
cPanel is a control panel and not a database server. cPanel provides the interface or mechanism to manage MySQL and MySQL supports allowing connections from IP addresses per user and MS SQL doesnt.

There is no easy way of granting users access to MS SQL from particular IP addresses hence we offer a free vpn service to allow you to connect.
Click to expand...
Control panel or a database server, my point is about it being publically accessible. Therefore able to be attacked.

I don't understand the IP whitelisting argument because anyone can log into their control panel from anywhere. Why does the DB access need to be IP restricted but the control panel access doesn't?
 
theberg said:
Control panel or a database server, my point is about it being publically accessible. Therefore able to be attacked.

I don't understand the IP whitelisting argument because anyone can log into their control panel from anywhere. Why does the DB access need to be IP restricted but the control panel access doesn't?
Click to expand...
This is why you dont expose MS SQL to the WWW

This is over a 9 day period

2020-10-26_13-11-16.png
 
SQL Server Management Studio will add your IP to the firewall for you if you're authenticating using Azure AD. A few other SQL clients too.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X