How to allow remote access to database on Digital Ocean Server (from Scratch)

You can buy managed database from Digital Ocean that have ready to serve database. On this you can easily add or remove user granting them remote access or access to specific server. However, it is costly. The cheapest on as of this writing cost 15 dollars per month. You can buy server with a same capacity for just 5 dollar and install the mysql server and configure remote access.

So on this tutorial, we will show you how you can set up database and grant remote access to all or specific server from scratch.

1. Create a droplet on a Digital Ocean.

2. SSH Into the newly created server:

$ ssh [email protected]

3. (Optional) Change the root password:

$ sudo passwd root

4. Install Mysql:

$ sudo apt-get update && sudo apt-get install mysql-server -y
$ sudo mysql_secure_installation utility

5. Now allow the remote access:

$ sudo vim /etc/mysql/mysql.conf.d/mysqld.cnf

// Now change bind-address to 0.0.0.0, so that it can be accessed by any remote server
bind-address = 0.0.0.0

Note: If you want to provide access to specific server, then add the ip(s) of the server(s) instead of 0.0.0.0.

6. (Optional) Turn off the strict mode:

$ sudo vim /etc/mysql/mysql.conf.d/mysqld.cnf

//Add or edit sql_mode to empty, as below
sql_mode =

7. Enable `3306` port on firewall and restart:

$ sudo ufw enable && sudo ufw allow 3306 
$ sudo systemctl restart mysql

8. (Optional but Recommended) Launch mysql on reboot:

$ sudo systemctl enable mysql

9. Now, you can connect to `mysql` on the same server by running following command:

$ mysql -uroot -p

10. View a list of users that has access to mysql by executing following command:

SELECT User, Host, authentication_string FROM mysql.user;

11. Add a new user and allow them a access from any server:

CREATE USER 'sam'@'%' IDENTIFIED BY 'your-password';

[
    NOTE: 
    '%' means db can be accessed by anyone (droplet, server, users)
    For more security, one or more ip address can be added to restrict access to database to certain IP (server)
    For e.g. CREATE USER 'sam'@'190.22.28.22' IDENTIFIED BY 'your-password';
]

12. Grant all permission to the user:

GRANT ALL PRIVILEGES ON *.* TO 'sam'@'%' WITH GRANT OPTION;

[
    NOTE: 
    '%' means db can be accessed by anyone (droplet, server, users)
    For more security, one or more ip address can be added to restrict access to database to certain IP (server)
    For e.g. GRANT ALL PRIVILEGES ON *.* TO 'sambhu'@’190.22.28.22' WITH GRANT OPTION;
]

13. Flush Privileges for change to take effect:

FLUSH PRIVILEGES

15. Now you can easily connect to the database remotely via client such as "sequel pro" or through a command line as below:

mysql -usam -p -h 162.134.167.56

15. To Import Database:

mysql -usam -p -h 162.134.167.56 name-of-your-database < name-of-your-database.sql

// With Progress viewer
pv name-of-your-database.sql | mysql -usam -p -h 162.134.167.56 name-of-your-database

Source:
https://www.digitalocean.com/community/tutorials/how-to-allow-remote-access-to-mysql
https://support.rackspace.com/how-to/install-mysql-server-on-the-ubuntu-operating-system/
https://www.youtube.com/watch?v=43UYh5xBIP0
Note: The IP address used above is imaginary. If it matches yours, then it would just be a coincidence and Please Do Play a National Lottery.