Disable Remote MySQL in cPanel

Found;

/usr/local/cpanel/base/frontend/paper_lantern/dynamicui.conf

https://documentation.cpanel.net/display/SDK/Guide+to+cPanel+Plugins+-+The+dynamicui+Files

As reference.

I don't think it's off-topic at all! Discussion of implementation is a perfectly on-topic thing to have here. :)

For me it's just this - Increase security so that my users are not able to allow remote connections without contacting me, and allowing me to vet the incoming traffic.

Our edge firewall in/out doesn't allow port 3306, We have to manually accept the IP, this causes confusion with our clients when they try to connect to an external SQL. I'd like an option to disable it per package.

@Meto2 and @JonTheWong +1

I'll add one more - which supports the other two.

* Reduce the number of applications the system maintains. I think that we should be able to disable the features and applications from use so that I don't have to monitor the vulnerability db for more packages than we necessary. This falls into the category, "turn off all services you are not using" that exists in every security handbook.

I think there should be an option in the WHM to disable remote MySQL in the MySQL section. This would block remote MySQL access in the server configuration and remove the icon to it in cPanel. It's very confusing now when customers see the option and it's not available.

Generally every icon / feature should be available to be disabled or enabled in features. For example i may offer remote Mysql access only for some packages. But now i can not do it and even smallest packages can use it, which creates additional load when people use it for game servers.

@Michal - I agree 100% that we need the ability to enable / disable which features are accessible to users in cPanel. I know this feature request thread is aimed at just the Remote mySQL feature, but there are several others that we'd like to be able to control, some of which just cause confusion and more support tickets from users. One example is the "Mail Client Automatic Configuration Scripts" feature, which seems to generate a lot of support requests from users with iPads / iPhones saying that they used it and followed the instructions, but it's not working correctly and they're getting blocked in server firewall for invalid/incorrect mail client settings. I'd rather just send each customer a link to instructions and help them get it right the first time. Similarly in the Email Accounts > Connect Devices feature, the "Mail Client Manual Settings" , although it provides correct information, the way that it's presented tends to cause users to use IMAP just because it's the first thing they see listed, and then within a month they're asking why their Inbox Quota is "full" because they don't understand that IMAP leaves all Inbox / Sent messages on the server forever (especially problematic for small shared hosting accounts with limited disk / limited iNodes). In my particular environment I want to encourage the use of POP3 / manual setups instead so that their devices can be set to remove messages from the server. Another issue is the Domains > Create a Domain feature - many users do not understand the difference between that and Addon Domain, and so they end up using the Domains > Create a Domain feature and unwittingly leave a check next to "Share document root" which in-turn creates the unwanted result of what they thought would be it's own separate site, instead sharing the public_html of their main site, and then they end up trying to operate two different sites from within the same folder (you can imagine the fun that creates when they intended to have two completely different / separate WordPress sites, for example). I wish we could remove that feature so that the user will utilize the actual Addon Domains function so that there's no conflicts or repairs necessary, and the actual Addon Domain is set up properly the first time without us having to go through and remove / re-do the work the proper way for them. Sorry for the long post mentioning other features, but while cPanel adds features in an attempt to improve / make things easier for the user, in some cases such features do just the opposite and create more problems / confusion / support tickets.

If we could be given more fine-grained control over the features (and perhaps also customize the default instructions that cPanel provides) , we could cut down on support tickets, problems, and save time / provide a better overall experience for our customers. Not every host does everything the same way, and so giving us more control over the features and what is visible to the user would benefit everyone involved.

i also would like this to be removable we don't allow this by default because of security but as the icon still shows we get customers that are trying to enable it unsuccessfully and this creates annoyed customers and tickets.

/usr/local/cpanel/base/frontend/paper_lantern/dynamicui/dynamicui_hide_icon.conf (initial solution offered 5 years ago) no longer exists. Is there another workaround to remove the remote_mysql icon from Cpanel's 'sql' group of icons?

@Norman Grieve, you need to create the file and add:

file=>remote_mysql,skipobj=>1

inside.