Question

How to set up 2 VPS to work with 1 database with firewall and iptables turned off

Hi, I want to ask: I have 2 VPS. One VPS runs the game server, including the database, with the firewall and iptables turned off, and one VPS runs a PHP website. I have to turn off the firewall and iptables in order to run my game server, but I can’t find any way to make the website VPS connect to and access data from the game server VPS. Do you have a way to link those 2 VPS to the same database? Since I turned off the firewall and iptables, none of the methods I found are available. Please help me figure out a way. I really appreciate your help!


Hi there,

In addition to what KFSys mentioned, even if you don’t have a firewall, you would need to allow remote connections to your MySQL server. You can follow the steps on how to do that here:

https://www.digitalocean.com/community/tutorials/how-to-allow-remote-access-to-mysql

Regards, Bobby

Hi @vin2164382,

If you don’t have a firewall, then you should be able to connect both servers without a problem. Having said that, I strongly recommend using IPTables at least and allowing just the proper IP addresses and ports.

Okay, so let’s first start with the database server. All you need to do is use IPtables to allow incoming and outgoing connections on port 3306 only for the IP address of your gameserver. This can be achieved like so:

Run this on your database server:

sudo iptables -A INPUT -p tcp -s XXX.XXX.XXX.XXX --dport 3306 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -p tcp --sport 3306 -m conntrack --ctstate ESTABLISHED -j ACCEPT

Of course, replace XXX.XXX.XXX.XXX with your game server’s IP.

Now, on your PHP, game server, do the following in IPtables:

sudo iptables -A OUTPUT -p tcp --dport 3306 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -p tcp --sport 3306 -m conntrack --ctstate ESTABLISHED -j ACCEPT

That should be enough for your two servers to connect to each other.

Regards, KFSys
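
An added example, not part of either answer: appended `-j ACCEPT` rules only restrict port 3306 when something denies every other source, so this check reads `iptables-save` output and reports whether MySQL is actually limited to the allowed address. The function names and the address 203.0.113.10 are assumptions made for the illustration, and the rule sets are constructed samples.

```shell
# Added example (not from the thread). Reads `iptables-save` text on stdin and
# prints how new connections to TCP/3306 are treated: open | restricted | blocked.
# Deliberately narrow: it looks only at INPUT rules naming --dport 3306, a bare
# catch-all DROP/REJECT, and the INPUT chain policy.
mysql_exposure() {
    awk '
    /^:INPUT / { policy = $2 }               # e.g. ":INPUT ACCEPT [0:0]"
    decided { next }                         # first matching rule wins
    /^-A INPUT -j (DROP|REJECT)/ {           # catch-all deny for everything left
        verdict = allowed ? "restricted" : "blocked"; decided = 1; next
    }
    /^-A INPUT / && /--dport 3306( |$)/ {
        src = "any"; target = ""
        for (i = 1; i < NF; i++) {
            if ($i == "-s") src = $(i + 1)
            if ($i == "-j") target = $(i + 1)
        }
        if (target == "ACCEPT" && src != "any") allowed = 1
        else if (target == "ACCEPT") { verdict = "open"; decided = 1 }
        else if (target == "DROP" || target == "REJECT") {
            verdict = allowed ? "restricted" : "blocked"; decided = 1
        }
    }
    END {
        # No explicit deny reached: the chain policy decides for all other sources.
        if (!decided)
            verdict = (policy == "ACCEPT") ? "open" : (allowed ? "restricted" : "blocked")
        print verdict
    }'
}

# Constructed sample: the two database-server rules from the answer on a host
# whose firewall was "turned off" (INPUT policy ACCEPT). The IP is a placeholder.
sample_accept_only() {
cat <<'EOF'
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -s 203.0.113.10/32 -p tcp -m tcp --dport 3306 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp -m tcp --sport 3306 -m conntrack --ctstate ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Constructed sample: the same rules followed by a deny for every other source.
sample_with_drop() {
    sample_accept_only | awk '/^COMMIT$/ { print "-A INPUT -p tcp -m tcp --dport 3306 -j DROP" } { print }'
}

sample_accept_only | mysql_exposure
sample_with_drop | mysql_exposure
```

On a real host the same function can be fed live rules with `sudo iptables-save | mysql_exposure`.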