I am hosting my site on a shared server and wants to move my database to azure for better manageability. I created a database and added some data on azure platform. I tried to connect to that database through my local computer and it works. But when I am trying the same connection string on a shared hosting servers it gives me resource not found 505 error. Why?
For security reasons when you setup an Azure SQL DB it only allows connections from IP Addresses that you specify. Before recent enhancements to the portal, this required you to manually add your local IP Address and a loopback for anything hosted on Azure.
Since you are hosting your web site on a 3rd party provider you probably just need to find out the IP Address where your site is hosted and add that to the 'whitelist' of IP addresses that Azure SQL DB maintains. After you do that, it should just work.
Related
my app is deployed and responds (however, no db connection) but, the pages that do not connect to the database work correctly, including calls to the web service api
my mysql database is running and has a public ip address (also, added my ip address as an authorized network)
i can connect to the google database from my local laptop using the mysql workbench and the instance i created is fully loaded and ready
i am able to run my .net core 3.1 project from my local machine and it runs using the Google MySQL instance via the public ip address
unsure why i am able to run my app locally using the google mysql instance from my laptop but the app from within the google hosting network itself does not.
google claims it should work by default?
however, the only way i have gotten it to work is by adding 0.0.0.0/0 to the allowed network. seems "dirty" that way. but, if i must.
connection string is "Server=34.125.xxx.xxx;Database=testdb;Uid=root;Password=testpword"
error message
You have already gone through the issue yourself. You have tried to make 0.0.0.0/0 an authorized network and it worked! what does this mean? This simply means that you need to authorize the AppEngine outbound NAT gateway cidr to access your CloudSQL instance and it worked because this NAT cidr is included in 0.0.0.0/0 as you may already know.
but the thing is, this is not the best option to secure your connection to CloudSQL.
As quoted from the documentation:
Using the Cloud SQL Auth proxy is the recommended method for authenticating connections to a Cloud SQL instance because it's the most secure method.
The CloudSQL Auth proxy provides secure access to your instances without a need for Authorized networks or for configuring SSL.
See the CloudSQL Auth proxy documentation here
Also,
You do not need to use the Cloud SQL Auth proxy or configure SSL to connect to Cloud SQL from App Engine standard environment or App Engine flexible environment.
See
Connecting from AppEngine standard environment to CloudSQL
and Connecting from AppEngine flexible environment to CloudSQL
Now I develop a WPF application that access to Azure SQL Server and work in Windows10 Tablet for my client.
I registered my client IP address of my PC for development,so the application can access to the sql server in development.
But it does not work in the tablet in other network. I know, I have to register its ip address too.
Now I have a problem.. of course, my client use his own network and I can't confirm the ip address he use!
To resolve this problem, I tried to use Azure AD autehntication with token.
(refer to https://learn.microsoft.com/en-us/azure/sql-database/sql-database-aad-authentication , https://techcommunity.microsoft.com/t5/azure-sql-database/azure-ad-service-principal-authentication-to-sql-db-code-sample/ba-p/481467 and so on)
My Application suceeded to login with Azure AD authentication in my PC for development, but in other network it failed yet..
Does it mean that I have to register the ip address in which the application works in any authentication method?
(If yes, it means that all user have to tell his own ip address to developer. No Way!!)
or I need to allow all range of ip address for this application?
I hope your help, thanks
If I understand your question correctly there are two questions:
1. How to make sure that dev machine has access to Azure SQL Database ?
For this, there is no other way. You will have to enable the IP addresses (or range of addresses) from which you want to access the Azure SQL database. If it is not allowed, you will not be able to connect to it.
You can enable this either while creating the SQL Azure instance OR you can also configure these IP addresses later as and when you need.
If you ask me what is the best way, I would suggest to use your local SQL Server for development. That way you do not need to configure all the IP addresses from all the networks from where you can work. This is also very handy as you have database on your machine.
Are you using central database and many people using it, then you have option to either setup a SQL Server which is available to the development team.
Alternatively, if you are interested to use Azure SQL for your development (which I would not recommend), then you can also try setting up a proxy service which just forwards the request to Azure SQL. That way making sure that all requests are coming from one IP.
2. How to make sure that your deployed application will always be able to access Azure SQL database?
It depends on how the application is deployed. If the application is going to be deployed in Azure, then you may want to enable access from other Azure services to Azure SQL instance. This is also setting which you can enable while creating SQL Azure database OR You can configure it after creating the SQL Azure instance.
If the application is not on Azure but database is on Azure, you will have to update the firewall to allow connections from the application.
I hope this provides you enough insights to get to your solution.
How can we use google cloud database for local.net web application without deployed .net app on google cloud?
You can connect directly to Cloud SQL using either of the following options:
whitelisting your IP address and connect using the Public IP of your instance
you can run the Cloud SQL proxy locally which will forward the traffic to the instance
As I see it, I have two options: access my database with a ReSTful (http) webservice connection, or directly connecting to MySQL. I've found that it isn't that easy to directly access MySQL (http://www.cyberciti.biz/tips/how-do-i-enable-remote-access-to-mysql-database-server.html) and that the remote connection is IP-specific (my app would run in many places and the IPs won't be static).
How should applications connect to databases? Directly or through the httpd server?
Thank you very much :)
You can allow a MySQL user account to connect from any host (IP addresses).
for example,
GRANT ALL ON foo.* TO bar#'%' IDENTIFIED BY 'PASSWORD';
Depends on how secure you need it to be. We configure an OpenVPN server on the same VPC as the MySQL server and use that to control access to our systems. There is no direct connect to MySQL.
I am creating two applications: An ASP.Net application and a C# application. I used SQL Server as the database. My ASP.Net application should connect to the internet but the database should only be on my computer. I used connectionString to connect my two applications in just one database (SQL). Is there a way to connect my ASP.Net application from the web to my SQL database on my computer?
I've read lots of tutorial but I can't find the solution.
Ordinary SQL Server is local to to the Web application (it's either located on the same LAN or sometimes even on the same machine).
Technically it is possible to connect an ASP.NET application to a remote SQL server, but it is not recommended, you can open a can of worms there (problems with firewalls, ports, performance etc.)
Here's my solution for that:
Make sure you have a static IP address assigned by the ISP.
Make sure that you assign a static IP address in your computer.
Now, use "Port Forwarding" technique. Configure your router to forward the packets from port 1433 going to your computer.
The next thing you do is you configure or modify your web.config (ASP.NET file) that is deployed outside your network (in a hosting company) and make sure that the datasource of your connectionString looks something like this: connectionString="data source=214.23.12.21 (where 214.23.12.21 is the static public IP assigned to you by your ISP).