← Back to team overview

maria-discuss team mailing list archive

Re: Parallel Databases and network security


Am 15.01.2018 um 23:31 schrieb Ruben Safir:
Now, I had two choices, to change the software to talk across the
open local area network, and move the database to the webserver...
or hot copy, which I know maria has been able to do for a while, but I
never implimented it.  But i want to do this and restrict connections to
the internal network.  It is easy enough to justblock the external ports
but I would rather do this through the database.

but it is pretty dumb have mysqld reachable on the WAN because you expose every future CVE for no good reason

Restrict network access? Specify the correct peer ip address or a host
name when creating a user

the IP - security based on PTR records and rely on name-resolution is a bad idea, anyways one needs still tell me one sane reason why do ip restrictions in the atatcked application instead the networklayer in front of

Follow ups