0

I have my website on my share hosting server. I have a C# .NET Winform application which accesses the online MYSQL database of my website.

For accessing the online database, I have to add the IP of the PC from which the application accesses the database. But this is not done, for every PC on which the application would be run , i would need to maually add the IP of that machine , on my server .

I add the IP following these steps:

 1. Login to the CPANEL of my website
 2. Goto Remote MySQL 
 3. Add Access Host

I want to automate this manual task? Is there any way? Since , the IPs would be dynamic, so how would i just keep adding every IP manually, its not possible. please help

Should i add wildcard '%' for the IP. 211.137.%.% But , 211.137 ---will they not change?

What do the starting two entries refer to in the IP address............x.y.z.p

what do 'x' and 'y' refer to? do they remain static?

The application would be run on multiple machines. So shall i do this: FOR ACCESS TO ALL ANONYMOUS IPs ---> shall i add this Access Host in MySQL Remote from Cpanel-------> %.%.%.%

sqlchild
  • 8,754
  • 28
  • 105
  • 167

1 Answers1

1

Create a web service to access the database for the information necessary to run the win forms application and you don't have to worry about adding IPs.

Even if you automate the adding of IPs, you will need some other form of security to identify your application. And, sans something like X.509 certificates, there is no set way to secure the application calling the database so hackers cannot duplicate the methodology.

As far as "do the first octets in an IP range remain static" question. The answer is generally, but if this is on a home user's computer, it is possible, over time, that they will jump to a new block used by the ISP. The same is true of business customers, but you normally see a large range together. You would have to know your client if you could even try to adopt this methodology. I would say it is risky.

Gregory A Beamer
  • 16,870
  • 3
  • 25
  • 32
  • sir, so shall i use this : %.%.%.% – sqlchild Jun 08 '11 at 19:31
  • My choice would be to eliminate the need to restrict the IP altogether, given a choice, rather than automate the IP range. The exception is if you can find a rule for your clients that works. Otherwise, you have to allow by the IP requesting, or %.%.%.%, which opens the application to hackers potentially. – Gregory A Beamer Jun 08 '11 at 20:08
  • sir,is it possible that i get the IP of the PC on which the application is run, and then run some script which automatically ADDS THE HOST IP in the REMOTE MYSQL? – sqlchild Jun 08 '11 at 20:41
  • sir, also please guide me with some scripts or URLs on how to create a web service? will i be able to insert and update, select data into/from the mysql database if i use a webservice??????????? – sqlchild Jun 08 '11 at 20:42
  • I would start here (http://msdn.microsoft.com/en-us/library/ms734712.aspx) and see if this is something you want to focus on. Chances are you already know what you are exposing in the database (hopefully not "everything"?). As for adding the IP, I would have to see how you are handling restrictions. – Gregory A Beamer Jun 08 '11 at 21:04