Setting Up Custom Access Rules

Usually, remote access to Plesk databases is allowed by default from any computer. For security reasons, you can allow access only from a specific IP address (for example, for applications running on a remote computer and working with a database hosted on the Plesk server).

You can also prohibit remote access altogether (for example, if the application that works with a Plesk database is running on the Plesk server).

The access control settings are specified individually for Plesk database users. To make your settings work, the application must use the credentials of the appropriate database user for accessing the database.

Note: The options described below are displayed only if your subscription is granted the permission Remote access for database users. In addition, if you use PostgreSQL or SQL Server, the Plesk firewall must be switched on by your hosting provider.

Setting Up Access to MySQL Databases

For MySQL database users, the remote access is controlled by MySQL native security mechanism - access control lists (ACL). Your custom settings are added to the MySQL access control lists.

To specify the access settings for a MySQL user:

1. For an existing user, go to Databases > Users > select a user > Access Control group of options. For a new user, go to Databases > Users > Add Database User > the Access Control group of options.

   Alternatively, you can set up access control when creating a database if you create a user at the same time as creating the database: Databases > Add a Database > Create a database user.

2. Use one of the following options to control the remote access to the database on behalf of this database user:
   • Allow local connections only. Select to allow access from all Plesk's IP addresses. These include the localhost and all other IP addresses used by Plesk.
   • Allow remote connections from any host. Select to allow access from any server, including the localhost and IP addresses of the Plesk server.
   • Allow remote connections from (the specified hosts). Select to allow access from the specified host names or IP addresses. Note that local connections will be allowed too.
3. If Plesk employs a firewall, you can see the corresponding message below the Access control options. You will need to contact your hosting provider to confirm that the firewall allows remote connections to MySQL.

   If the Plesk firewall prohibits remote incoming connections to MySQL, then custom access control settings will not work.

Setting Up Remote Access to PostgreSQL Databases

For a PostgreSQL database user, the remote access is controlled by firewall rules. Your custom rules are added to the system firewall rules after your hosting provider has reviewed them to make sure the custom rules do not conflict with the existing rules.

To specify the access settings for a PostgreSQL user:

1. For an existing user, go to Databases > Users > select a user > Remote Access group of options. For a new user, go to Databases > User Management > Add Database User > the Remote Access group of options.

   Alternatively, you can set up access control when creating a database if you create a user at the same time as creating the database: Databases > Add a Database > Create a database user.

2. Use one of the following options to control the remote access to the database on behalf of this database user:
   • Use the system firewall rules. The rules defined by your hosting provider will be used.
   • Allow remote connections from (the specified hosts). Select this option to specify IP addresses from which the user can access the database. Before your changes are applied, they will be pre-moderated by your hosting provider.

Setting Up Remote Access to Microsoft SQL Server Databases (Windows)

For a SQL Server database user, the remote access is controlled by firewall rules. Your custom rules are added to the system firewall rules after your hosting provider has reviewed them to make sure the custom rules do not conflict with the existing rules.

To specify the access settings for a SQL Server user:

1. For an existing user, go to Databases > Users > select a user > Remote Access group of options. For a new user, go to Databases > User Management > Add Database User > the Remote Access group of options.

   Alternatively, you can set up access control when creating a database if you create a user at the same time as creating the database: Databases > Add Database > Create a database user.

2. Use one of the following options to control the remote access to the database on behalf of this database user:
   • Use the system firewall rules. The rules defined by your hosting provider will be used.
   • Allow remote connections from (the specified hosts). Select this option to specify IP addresses from which the user can access the database. Before your changes are applied, they will be pre-moderated by your hosting provider.