I’m pretty new to Python but have been running a few programs locally using Komodo edit, and then uploading the results manually to my website’s MySQL database.
I’m looking into letting Python do this on it’s own, but as i understand it i have to open my MySQL database to anyone regardless of if they are running scripts on my server or not if I’m to do this.
I’m guessing this is due to with security reasons, but i don’t know how vulnerable this can make my site? Is it a bad idea to do it this way, or would it be better to run my python program from the server itself? (I’ve never run python code from my server, and my python code too, might be insecure)
If you have a access to the entire server (i.e. not just the hosting directory as is common on some shared hosting setups), and can ssh into the server, then your safest (though not easiest) option is to place the script on the server outside of the web hosting folder. This will stop anyone from remotely accessing the script, and will let you connect to the db without enabling remote connections.
You could enable remote connections if your hosting server set up allows it (not sure if any hosting companies disable, or prevent it, though you may have to enable it from the start when you create the database) Just select a nice strong password. Then you can use your script locally, and you’d be as secure as your password.