Database servers should never be exposed to the open Internet. Even when password protected, database servers are still exposed to brute-force password attacks as well as a variety of other software vulnerabilities.
There are, generally speaking, three solutions for this:
- Disable the database server. This is obviously not always possible, but when it is, the easiest thing to do is disable the server.
- Block with a host or network firewall. Using your existing host or network-based firewall software, block the database port from the open Internet.
- Whitelisting. Using your firewall, allow only specific IP addresses to discover and use your database server.
Note: This may NOT be possible on shared hosting environments. If you are using a shared hosting provider and collecting sensitive data, please see our article on Choosing the Right Hosting Provider for your Business.
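To find which database listeners on a host need one of the three treatments above, the following added example (not part of the original article) parses `ss -ltnH` output and flags database ports bound to anything other than loopback. The embedded listing is a constructed sample, the port table assumes the servers run on their default ports, and `audit_listeners` and `split_local` are names chosen for this example.

```python
import ipaddress

# Default ports of common database servers (assumption: defaults not changed).
DB_PORTS = {1433: "MSSQL", 3306: "MySQL/MariaDB", 5432: "PostgreSQL",
            6379: "Redis", 27017: "MongoDB"}

# Constructed sample of `ss -ltnH` output (listening TCP sockets, no header).
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 151 0.0.0.0:3306 0.0.0.0:*
LISTEN 0 244 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 511 [::]:6379 [::]:*
LISTEN 0 128 10.0.0.5:27017 0.0.0.0:*
LISTEN 0 128 [::1]:1433 [::]:*
"""

def split_local(field):
    """Split the Local Address:Port column into (address, port)."""
    addr, _, port = field.rpartition(":")
    addr = addr.strip("[]").split("%")[0]   # drop IPv6 brackets and %iface
    if addr == "*":                         # ss prints * for a dual-stack wildcard
        addr = "::"
    return ipaddress.ip_address(addr), int(port)

def audit_listeners(ss_output):
    """Return (service, address, port, verdict) for each database listener."""
    findings = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue
        addr, port = split_local(cols[3])
        if port not in DB_PORTS:
            continue                        # not a database port, e.g. SSH
        if addr.is_loopback:
            verdict = "ok: loopback only"
        elif addr.is_unspecified:
            verdict = "review: all interfaces, needs firewall or allowlist"
        else:
            verdict = "review: reachable on %s, needs firewall or allowlist" % addr
        findings.append((DB_PORTS[port], str(addr), port, verdict))
    return findings

if __name__ == "__main__":
    for finding in audit_listeners(SAMPLE_SS):
        print("%-14s %-10s %-6d %s" % finding)
```

A "review" verdict only means the socket is not limited to loopback; whether it is actually reachable from the Internet still depends on the host and network firewall rules in front of it.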
For more information on this topic please reach out to us; we’re here to help!