Hi, the installation manuals guide you to edit /etc/mysql/mariadb.conf.d/50-server.cnf for uncommenting bind-address = 127.0.0.1 As I understand, in multi server setups only the client-server opens SQL connections to the ISPConfig master server? So on a client server (w/o the DB server role) there is no need to bind the mariadb server to other interfaces but 127.0.0.1? Thank you for clarify this. CMKS
If you do not Bind MariaDB to other interfaces, then you can not allow access from other servers or outside using ISPConfig GUI, as that#s all configured on MySQL user level normally. But as long as you don't want a more fine-grained control and do not want to work with central MySQL clientdb instances for your web servers, then you can leave that in place.
My questions applies to the local ispconfigdb on the client server only. So, i.e. when I setup a client server in a multi server setup with only the DNS role. ISPConfig (usually) installs a local DB on each client server for own purposes. As I undertstand the client server connects to the master server and copies configuration data to and reports from the local db (instead of using an API or something like that to get configuration data). But, and that is my point / question, the ISPConfig master server never create a connection to the local db on the client server? And if so, there is no need to expose the mariadb port (3306) on public interfaces?
Just set a appropriate firewall rule that only the IP of the master server is able to connect on port 3306 and you have nothing to worry about.
