Hello
How true is the information that if you put the database on a dedicated server and connect to it remotely (not through localhost), then the risks of hacking the database increase?
If such risks exist, the current how to reduce and prevent them?
DBMS: mysql.
Thank.
Once the mysqld server listens to the external interface, any cooleader armed with a port scanner can detect it. Then he can charge the brute force picking up passwords from the root, bombarding it with attempts to login. If the root password is simple, it will be picked up sooner or later.
Those. Formally, the answer is “yes” : an extra open port, service accepting connections from the outside - the risk of hacking increases.
How to prevent - read about the security of MySQL and the OS of your dedicated server. It is necessary to cut off all the possibilities, except for those foreseen: if you expect connections to MySQL only from a certain server, whose IP is known, you must disable connections from all others. Well, change the password in MySQL root.
To protect a remote connection to the database, you can use ssh tunneling or vpn, but the connection speed to the database will be lost due to encryption, plus the loss on the channel itself. if the base is more or less loaded, this can be a problem.
Source: https://ru.stackoverflow.com/questions/344405/
All Articles