Can't Connect to RDS mysql DB from Wordpress on Ubuntu 18.04 EC2 Instance

0
votes

I'm trying to run Wordpress on my Ec2 instance with RDS MySQL database.

Here's the tutorial I've followed https://cristianocastro.net/instalando-wordpress-em-um-servidor-amazon-aws-pt-2-3/

But when I try to access the Ec2 instance that connect to the RDS on the browser it shows this message

Error establishing a database connection

I put in the security group inbound and outbound all traffic anywhere.

Here's the print from my security group rule.

enter image description here

Appreciate the help

PS: Saw this question, with no anwser Can't Connect to RDS mysql DB from Wordpress on Amazon linux EC2 Instance

Edit: Rules from security group of the ec2 instance that will access RDS.

enter image description here

2
wordpressamazon-web-servicesamazon-ec2amazon-rds
Are you connecting to the RDS over internet? Is it publicly available? If not, is it in the same VPC as your instance?Marcin
Is the security group you posted the RDS one? If so, can you share also the entries of the one associated with the EC2?Andre.IDK
@Marcin yes, I'm trying over internet. And also yes. And it's in the same VPCAlexandre Gentil
@Andre.IDK yes. And I will edit the question with this image.Alexandre Gentil
If you are using internet, you have explicitly enabled public access to your RDS? Its an option in the RDS settings.Marcin

2 Answers

1
votes

Based on the info you provided it seems your RDS is publicly accessible via the internet and connections are going to be accepted from any host (you might want to restrict these later)

Assuming that your software setup (OS, php, MySQL libraries, Wordpress) is okay and you’re using the right parameters in the WP configuration (host, port, user, password, db).

One of the remaining issues might be that the Security Group attached to your EC2 instance doesn’t allow connectivity on port 3306 (MySQL) towards the IP Address of your RDS instance.

1
votes

It appears that you have:

  • An Amazon EC2 instance
  • An Amazon RDS instance

The typical security configuration would be:

  • The Amazon RDS database configured as Publicly Accessible = No
  • A Security Group (EC2-SG) on the Amazon EC2 instance that permits inbound traffic from your desired locations (eg port 22 for SSH), and default Outbound rules permitting all traffic outbound
  • A Security Group (RDS-SG) on the Amazon RDS database instance that permits inbound traffic on port 3306 from EC2-SG

That is, RDS-SG should specifically reference EC2-SG to permit the inbound connection.

Security Group referencing another Security Group

The app running on the EC2 instance should reference the RDS database via the DNS Name shown in the RDS console.