![online mysql workbench online mysql workbench](https://downloads.guru/i/win10/MySQL-Workbench_main_window_11868_650x200.jpg)
![online mysql workbench online mysql workbench](https://windows-cdn.softpedia.com/screenshots/MySQL-Workbench_21.png)
Your queries that you send (and their responses) are send in plain text again you DO NOT want that as one can easily tamper that data.įurthermore having query results back in plain text which could contain sensitive information is a whole other issue. Your login data gets transferred plaintext over the internet you DO NOT want that obviously :) To give an answer on your question: No it's not safe. With both of these approaches you can bind MySQL to localhost only it's the most secure option. Use VPN and allow connections from the internal VPN network only. This example binds local port 13306 and tunnel connections to localhost:3306 on remote side: ssh -L 13306:localhost:3306 Use a SSH tunnel and you can connect your MySQL server just like the Workbench was there. Considering the effort needed for the access control and securing the SQL connection with OpenSSL, they are much more practical: But there are other ways of securing the connection to your SQL server, too. If you really need to have direct connection between your local Workbench and remote MySQL Server, Use Secure Connections. This increases security as it also prevents using any potential exploits. While the user also have list of allowed hosts, 6.1.1 Security Guidelines suggests doing this on firewall level, before the hosts even gets connected to your MySQL Server (default port 3306). The MySQL Reference Manual has a whole Chapter 6 for Security.įirst, you shouldn't allow connections from anywhere over the internet, but only from the known trusted hosts.