Question

how to setup 2 vps work with 1 database with firewall and iptables turn off

Posted February 14, 2021 306 views
Databases

Hi, I want to ask that I have 2 vps, 1 vps running game server including database with firewall turned off and iptables, and 1 vps for running php website, I have to turn off the firewall and iptables in order to run my game server. but I can’t find any way to make the website vps connect and access data from vps game server. Do you have a way to link those 2 vps to the same database? Since I turned off the firewall and iptables so any of the methods I found are not available, please help me figure out the way. I really appreciate your help!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
2 answers

Hi @vin2164382,

If you don’t have a firewall then you should be able to connect both servers without a problem. Having said that, I strongly recommend using IPTables at least and allow just the proper IP addresses and ports.

Okay, so let’s first start with the database server. All you need to do is, using IPtables allow incoming and outgoing connections on port 3306 only for the IP address of your gameserver. This can be achieved like so:

run this on your database server:

sudo iptables -A INPUT -p tcp -s XXX.XXX.XXX.XXX --dport 3306 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -p tcp --sport 3306 -m conntrack --ctstate ESTABLISHED -j ACCEPT

Of course change XXX.XXX.XXX.XXX with your game’s server IP.

Now, on your PHP,game server do the following in IPtables:

sudo iptables -A OUTPUT -p tcp --dport 3306 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -p tcp --sport 3306 -m conntrack --ctstate ESTABLISHED -j ACCEPT

That should be enough for your two servers to connect to each other.

Regards,
KFSys

Hi there,

In addition to what KFSys mentioned, even if you don’t have a firewall, you would need to allow remote connections to your MySQL server. You can follow the steps on how to do that here:

https://www.digitalocean.com/community/tutorials/how-to-allow-remote-access-to-mysql

Regards,
Bobby

by Mark Drake
Many websites and applications start off with their web server and database backend hosted on the same machine. With time, though, a setup like this can become cumbersome and difficult to scale. A common solution is to separate these functions by setting up a remote database, allowing the server...