Skip to main content

One post tagged with "best-practice"

View All Tags

Exposing Databases to the Internet: Seriously?

· 6 min read
Co-founder of ZenStack

Cover image

One big piece of conventional wisdom for software operation is "never expose internal-facing services to the public", and databases (especially SQL databases) fall into that category. It's good advice because data stored in them are usually highly sensitive and indispensable to most systems' proper running. Investigations with honeypots showed that publicly open databases are discovered within hours after they become active and start getting attacked within a day. What's scarier than this is you often don't even know you ever had a data breach.