I'm trying to find documentation that discusses a secure way to create a permanent connection between an Apache Webserver and a separate MySQL database server. I'm not having a lot of luck finding the standard process to connect the two securely. How is this typically done?
SnapOverflow
Have your servers on a private VLAN(s).
If your Application server is 192.168.1.10 and your MySQL server is 192.168.1.11 -
On the MySQL server do a GRANT statement that gives your PHP application's host access to the MySQL server. i.e. GRANT INSERT, SELECT on db.* from appuser@'192.168.1.10' identified by 'password';
In your PHP code specify the MySQL host when you create the connection string:
Also need to ensure that your my.cnf doesn't have bind-address=127.0.0.1, if it does no remote connections will be permitted. So comment that out.
There is no such thing as a "permanent connection" between the web application and the DB Server. The application will open a connection to the SQL server, do its work, and then close the connection when it's done.
The way in which the application connects to the server is determined by the application itself; typically it will have a configuration file in which you will need to set the connection parameters. And what options you have for securing that connection are going to be in part determined by what that application supports and requires.