The MySQL Query Server is an MCP-based solution for real-time database operations using Server-Sent Events (SSE). It provides secure access to MySQL databases with features like connection pooling, transaction management, SQL risk control, and database isolation security.
The easiest way to get started is using Docker:
# Pull the image
docker pull mangooer/mysql-mcp-server-sse:latest
# Run the container
docker run -d \
--name mysql-mcp-server-sse \
-e HOST=0.0.0.0 \
-e PORT=3000 \
-e MYSQL_HOST=your_mysql_host \
-e MYSQL_PORT=3306 \
-e MYSQL_USER=your_mysql_user \
-e MYSQL_PASSWORD=your_mysql_password \
-e MYSQL_DATABASE=your_database \
-p 3000:3000 \
mangooer/mysql-mcp-server-sse:latest
For Windows PowerShell:
docker run -d `
--name mysql-mcp-server-sse `
-e HOST=0.0.0.0 `
-e PORT=3000 `
-e MYSQL_HOST=your_mysql_host `
-e MYSQL_PORT=3306 `
-e MYSQL_USER=your_mysql_user `
-e MYSQL_PASSWORD=your_mysql_password `
-e MYSQL_DATABASE=your_database `
-p 3000:3000 `
mangooer/mysql-mcp-server-sse:latest
Install dependencies:
pip install -r requirements.txt
Configure environment variables:
.env.example to .envStart the server:
python -m src.server
The server will be available at: http://127.0.0.1:3000/sse
The server can be configured using environment variables:
| Variable | Description | Default |
|---|---|---|
| HOST | Server listen address | 127.0.0.1 |
| PORT | Server listen port | 3000 |
| MYSQL_HOST | MySQL server host | localhost |
| MYSQL_PORT | MySQL server port | 3306 |
| MYSQL_USER | MySQL username | root |
| MYSQL_PASSWORD | MySQL password | (empty) |
| MYSQL_DATABASE | Database name | (empty) |
| DB_CONNECTION_TIMEOUT | Connection timeout (seconds) | 5 |
| DB_AUTH_PLUGIN | Auth plugin type | mysql_native_password |
| DB_POOL_ENABLED | Enable connection pool (true/false) | true |
| DB_POOL_MIN_SIZE | Pool min size | 5 |
| DB_POOL_MAX_SIZE | Pool max size | 20 |
| DB_POOL_RECYCLE | Pool recycle time (seconds) | 300 |
| DB_POOL_MAX_LIFETIME | Max lifetime (seconds, 0=unlimited) | 0 |
| DB_POOL_ACQUIRE_TIMEOUT | Acquire timeout (seconds) | 10.0 |
| ENV_TYPE | Environment type (development/production) | development |
| ALLOWED_RISK_LEVELS | Allowed risk levels (comma separated) | LOW,MEDIUM |
| ALLOW_SENSITIVE_INFO | Allow sensitive info (true/false) | false |
| SENSITIVE_INFO_FIELDS | Custom sensitive fields (comma separated) | (empty) |
| MAX_SQL_LENGTH | Max SQL length | 5000 |
| BLOCKED_PATTERNS | Blocked SQL patterns (comma separated) | (empty) |
| ENABLE_QUERY_CHECK | Enable query check (true/false) | true |
| ENABLE_DATABASE_ISOLATION | Enable database isolation (true/false) | false |
| DATABASE_ACCESS_LEVEL | Database access level (strict/restricted/permissive) | permissive |
| LOG_LEVEL | Log level (DEBUG/INFO/...) | DEBUG |
The system supports MySQL 8.0's authentication mechanisms. MySQL 8.0 defaults to using the caching_sha2_password authentication plugin for enhanced security.
| Plugin | Security | Compatibility | Dependencies |
|---|---|---|---|
mysql_native_password |
Medium | High | None |
caching_sha2_password |
High | Medium | cryptography |
For production:
DB_AUTH_PLUGIN=caching_sha2_password
For development:
DB_AUTH_PLUGIN=mysql_native_password
When using caching_sha2_password, the cryptography package is required:
pip install cryptography
The system provides robust database isolation to prevent cross-database access and ensure data security.
| Level | Allowed Access | Use Case |
|---|---|---|
| strict | Only specified database | Production |
| restricted | Specified + system databases | Development |
| permissive | All databases | Testing |
# Docker with strict mode
docker run -d \
-e MYSQL_DATABASE=your_database \
-e ENABLE_DATABASE_ISOLATION=true \
-e DATABASE_ACCESS_LEVEL=strict \
mangooer/mysql-mcp-server-sse:latest
# Auto-enable in production
docker run -d \
-e ENV_TYPE=production \
-e MYSQL_DATABASE=your_database \
mangooer/mysql-mcp-server-sse:latest
Security Effects:
SHOW DATABASESSELECT * FROM mysql.userSHOW TABLES FROM other_dbImportant: Production environment (
ENV_TYPE=production) automatically enables database isolation withrestrictedmode.
Q: DELETE operation not working?
A: Check for WHERE condition. DELETE without WHERE is high risk (CRITICAL), must be allowed in ALLOWED_RISK_LEVELS.
Q: How to customize sensitive fields?
A: Set SENSITIVE_INFO_FIELDS, e.g. SENSITIVE_INFO_FIELDS=password,token
Q: How to enable database isolation?
A: Set ENABLE_DATABASE_ISOLATION=true and DATABASE_ACCESS_LEVEL=strict, or use ENV_TYPE=production for auto-enable.
Q: Cannot query system tables after enabling database isolation?
A: strict mode blocks system table access. Use restricted mode or verify if system table access is actually needed.
Q: limit parameter error?
A: limit must be a non-negative integer.
There are two ways to add an MCP server to Cursor. The most common way is to add the server globally in the ~/.cursor/mcp.json file so that it is available in all of your projects.
If you only need the server in a single project, you can add it to the project instead by creating or adding it to the .cursor/mcp.json file.
To add a global MCP server go to Cursor Settings > MCP and click "Add new global MCP server".
When you click that button the ~/.cursor/mcp.json file will be opened and you can add your server like this:
{
"mcpServers": {
"cursor-rules-mcp": {
"command": "npx",
"args": [
"-y",
"cursor-rules-mcp"
]
}
}
}
To add an MCP server to a project you can create a new .cursor/mcp.json file or add it to the existing one. This will look exactly the same as the global MCP server example above.
Once the server is installed, you might need to head back to Settings > MCP and click the refresh button.
The Cursor agent will then be able to see the available tools the added MCP server has available and will call them when it needs to.
You can also explictly ask the agent to use the tool by mentioning the tool name and describing what the function does.