[DiscordArchive] I moved my server from a private subnet to a public IP, and the database was promptly hacked/ransome
[DiscordArchive] I moved my server from a private subnet to a public IP, and the database was promptly hacked/ransome
Original source
I moved my server from a private subnet to a public IP, and the database was promptly hacked/ransomeware. Not a big deal since I have backups I can restore from, but I saw that the database was exposed to outside connections (and the default name/passwords are really weak). Is there a way to limit DB access to only local/acore docker instances?
rektbyfaith
01-17-2023, 09:34 PM #1Archived author: notsure • Posted: 2023-01-17T21:34:38.529000+00:00
Original source
I moved my server from a private subnet to a public IP, and the database was promptly hacked/ransomeware. Not a big deal since I have backups I can restore from, but I saw that the database was exposed to outside connections (and the default name/passwords are really weak). Is there a way to limit DB access to only local/acore docker instances?
Original source
First of all you should never expose your sql port unless absolutely necessary
rektbyfaith
01-17-2023, 09:36 PM #2Archived author: Foe • Posted: 2023-01-17T21:36:18.124000+00:00
Original source
First of all you should never expose your sql port unless absolutely necessary
Original source
Second, you should change the default password and limit the allowed hosts, you can do this through the mysql console or using your sql editor by choice
rektbyfaith
01-17-2023, 09:37 PM #3Archived author: Foe • Posted: 2023-01-17T21:37:03.695000+00:00
Original source
Second, you should change the default password and limit the allowed hosts, you can do this through the mysql console or using your sql editor by choice
1 Guest(s)
1 Guest(s)