I am building a .NET application that needs to access a remote MySQL database. To me that means that I will need to enable “Remote MySQL” access with a “%” qualifier so that anyone, from any IP can access the database. This is VERY insecure, right?
Is there a way to buffer the database requests/modifications through a central website so that all users of my .NET app will connect to a website and the website will access the database? Can anyone point me towards literature explaining how it would work? I am at a loss.
I think it would make more sense to expose a Web Service (WCF) and have all the data requests go through there. Your Web Service would be the only one in charge of accessing the database.
Depending on the requirements; you may choose to accept RAW SQL statements that you would then execute against the database or simply (preferably) provide an interface (Methods in your web service) for all required data modifications to the tables, etc.