On my server, I have CPanel installed with MySQL and phpMyAdmin and the like. On my CPanel, there is an option titled "Remote MySQL", and this page allows me to specify IP addresses of servers that are permitted to access my databases on this server. Now, I can enable any server to access my databases (given they have the database name, user, and password) if I enable the wildcard '%' as a viable server that is allowed to access my databases with the correct information.
So, why am I telling you this? I am building a Windows application (.exe) that needs to access my MySQL database on my live server in order to make changes and function properly. I have the application working properly and it is able to access and change information in my MySQL database with the code I have written. However, the application can only access my database if the IP of the person using the application has been added to the list of servers allowed to access my MySQL DB, which as I said before is an option in my CPanel. Now, obviously I cannot add the IP address of every user who downloads my application to this list, and therefore I came up with the solution of enabling any server from any IP address to gain access to my database, if the proper information and password is known and provided.
So, my question to you is this: Is it a bad idea for me to allow "remote access" to my MySQL databases from any server IP? Since they would first need the DB username and password to even access my DB, I would assume that allowing any server IP access to my DB in CPanel would not be an issue. But, am I correct in assuming that this would not be a potential security issue for me? Please help me to clarify whether or not allowing remote access to my MySQL databases to any server IP is a good or bad idea, based on the circumstance that my Windows application needs to access this database from any IP address in order to function properly.
I thank you in advance for any advice or rationale I receive.