IT Nursery
  • 1010 Avenue of the Moon
    New York, NY 10018 US.
  • Mon - Sat 8.00 - 18.00
    Sunday: Closed
  • Get A Quote
  • MySQL Programming

    • Host ‘xxx.xx.xxx.xxx’ is not allowed to connect to this MySQL server

    • IT Nursery
    • April 22, 2022
    • 0

    This should be dead simple, but I cannot get it to work for the life of me.
    I’m just trying to connect remotely to my MySQL server.

    • Connecting as:
        mysql -u root -h localhost -p
    • works fine, but trying:
        mysql -u root -h 'any ip address here' -p
    • fails with the error:
        ERROR 1130 (00000): Host ''xxx.xx.xxx.xxx'' is not allowed to connect to this MySQL server

    In the mysql.user table, there is exactly the same entry for user ‘root’ with host ‘localhost’ as another with host ‘%’.

    I’m at my wits’ end and have no idea how to proceed.
    Any ideas are welcome.

    27 s
    27

    Possibly a security precaution. You could try adding a new administrator account:

    mysql> CREATE USER 'monty'@'localhost' IDENTIFIED BY 'some_pass';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'monty'@'localhost'
    ->     WITH GRANT OPTION;
mysql> CREATE USER 'monty'@'%' IDENTIFIED BY 'some_pass';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'monty'@'%'
    ->     WITH GRANT OPTION;

    Although as Pascal and others have noted it’s not a great idea to have a user with this kind of access open to any IP. If you need an administrative user, use root, and leave it on localhost. For any other action specify exactly the privileges you need and limit the accessibility of the user as Pascal has suggest below.

    Edit:

    From the MySQL FAQ:

    If you cannot figure out why you get
    Access denied, remove from the user
    table all entries that have Host
    values containing wildcards (entries
    that contain ‘%’ or ‘_’ characters). A
    very common error is to insert a new
    entry with Host=”%” and
    User=”some_user”, thinking that this
    allows you to specify localhost to
    connect from the same machine. The
    reason that this does not work is that
    the default privileges include an
    entry with Host=”localhost” and
    User=””. Because that entry has a Host
    value ‘localhost’ that is more
    specific than ‘%’, it is used in
    preference to the new entry when
    connecting from localhost! The correct
    procedure is to insert a second entry
    with Host=”localhost” and
    User=”some_user”, or to delete the
    entry with Host=”localhost” and
    User=””. After deleting the entry,
    remember to issue a FLUSH PRIVILEGES
    statement to reload the grant tables.
    See also Section 5.4.4, “Access
    Control, Stage 1: Connection
    Verification”.

    Tags:

    Leave a Reply

    Your email address will not be published. Required fields are marked *