Need recommendations for Xojo Hosting

Hi,

I currently have an Xojo Cloud account, but it turns out that we need to connect to our MySql DB from our desktop app. We are a society and our Xojo app handles all our membership info. Plus we have about 9 various Xojo web apps that need to be hosted.

It seems connecting to our MySql db from our desktop is troublesome. The only way they recommend is to use SSH through a terminal window. I can’t really seem to make that work. The other method is have a Xojo web app do the connecting and act as a middle tier. Desktop would make requests to the Middle Tier app and it would fetch the data and send it back to the desktop client. Do not have enough time to re-architecture the app, there are tons of queries.

So I’m wondering if anybody knows of a service that would fulfill our needs.

Thanks

ssh tunnels can be set up programmatically
been there done that

macOS its pretty simple
windows is trickier since it may not have a suitable cmd line app to do the tunnel installed

EDIT : here’s examples - look at remote fowarding
https://www.ssh.com/ssh/tunneling/example

basically when you forward a port like this you connect LOCALLY to whatever port and its forwarded to the remote one using SSH
it behaves exactly like a local connection

EDIT 2: here one for Windows set up using PUTTY
https://docs.bitnami.com/bch/faq/get-started/access-ssh-tunnel/

Once there was an open souce webapplication that could create rest api’s easily from databases perhaps it was Aloe’s first release or so i’m not sure but it could be an easy solution for your issue.

Luna it was
https://github.com/timdietrich/luna

In order for it to work, you first have to deploy an app from Xojo, so the other users would not be able to connect. It could work for me but not other users.

So I can’t see XC working at all if you they make some concessions.

middleware would be a decent solution BUT since it requires rearchitecting see my previous post (which I edited twice) about port forwards

other than that 1701’s serverwarp may suit
dunno about other options short of your own VPS but then you get all the security headaches as well

Norman,

I ran the command ssh -L 5432:localhost:5432 dbadmin@x.x.x.x -N

and it timed out.

Then deployed an app using Xojo to Xojo Cloud.

Then ran the command again, This time it connected and prompted for the Password. It seems if your not on a static IP it won’t work.

@Norman Palardy

What is 1701’s serverwarp?

it sure does
but if your behind a natted router etc then you may need to forward ports on your router to your machine

But I can’t do that for my users. They may be anywhere.

FWIW, you shouldn’t be giving away your SSH tunnel access to your users anyway. It’s a HUGE security risk because any one would have unprotected access to the database. It’s for management purposes only.

The other problem I foresee is that if one of your customers leaves, you’ll need to reset that ssh password… and then update all of your customers.

There is also the possibility that we could change how databases are accessed remotely in the future.

@Greg O’Lone

It won’t work anyway, as the users have random ips as I said above. Our users consist of 4 employees and they don’t know sql from a tree. Security is not a concern in this case.

[quote=455480:@Richard Albrecht]@Greg O’Lone

It won’t work anyway, as the users have random ips as I said above. Our users consist of 4 employees and they don’t know sql from a tree. Security is not a concern in this case.[/quote]
I’m hearing from Jason that you got this issue figured out though. That’s good to hear.

SSH Tunnel?

We have a plugin class for that: See SSH2TunnelMBS class in MBS Xojo Network Plugin.

@Greg O’Lone

He just sent me an email that he may have a solution, but I have no idea.

@Christian Schmitz

If they can solve the problem of connecting from random IP addresses then I will look into this. Thanks

[quote=455485:@Richard Albrecht]@Christian Schmitz

If they can solve the problem of connecting from random IP addresses then I will look into this. Thanks[/quote]
There’s nothing to solve. You just need to be careful not to “ping” the server and not do a port scan and you’ll probably be fine.

@Greg O’Lone

I was unable to connect until I deployed an app from Xojo. It then connected fine. So how can there not be a problem to solve?

[quote=455517:@Richard Albrecht]@Greg O’Lone

I was unable to connect until I deployed an app from Xojo. It then connected fine. So how can there not be a problem to solve?[/quote]
Your inability to connect to the server was because of how you had been attempting to communicate with the server previously. Deploying to your server temporarily lifts some of the security restrictions so that you can connect and upload an app from your computer, but acting like a potential intruder certainly can surely get you blocked.

For example, Pinging has an ever increasing penalty, so the more you use it, the longer you’ll be denied access. Also, attempting to connect on multiple ports in a short period of time also carries a penalty, so trying to connect to ssh and one of the databases directly and http might also have gotten you blocked for a time.

The point is that a Xojo Cloud server is not just a Virtual Private Server with a simple firewall and some software to interact with our IDEs. its more equivalent to a managed server with an adaptive firewall, an intrusion detection system, Security Enhanced Linux and regular system updates. Think of the difference between having a simple lock on a doorknob and also having a deadbolt, a German Shepard, an alarm system and a hundred kilo safe when trying to protect your valuables. Yes, you may never need all that stuff and they may be inconvenient, but if you do, you’re much better off having had it there in the first place. Unfortunately, the only way to tell the good guys from the bad is by how they behave. Just like the home security example, if you try to break in or act aggressively, you’re going to attract someones attention, the police are probably going to show up and you’ll almost definitely get bitten.

We’ve found that the most important thing is not to get frustrated if you’re running into problems. I know it sounds counterintuitive, but people who have any previous server experience tend to start aggressively trying to contact their server when something goes awry. To the server, that looks exactly like the preamble to an attack. The secret is to take a deep breath and give the server’s security systems a chance to settle down. Once they do, you’ll be granted access again. The trick being that if you try again too soon, you will just extend your timeout period. 5 or 10 minutes ought to do it… or as we’ve said before… just deploy a simple app from the IDE.

@Greg O’Lone

I get all that. Very well written btw. You should turn it into a blog post.

My question is how can a user of mine make an ssh connection when they don’t use Xojo. They are not programmers, they are users.The have dynamic ip addresses. They may be anywhere from home, office or some hotel. That’s what I’m referring to when I say that there’s a problem to solve.