Protect your database

Posted on April 21, 2009 by Marcus.

Limit access to the database server

You have a web application firewall or even a dedicated appliance to protect your web server? If so, that's great. But what are you doing to protect the data itself?

The database server deserves at least as much protection; it is where your actual data is stored. The web server together with the TYPO3 Core is just a nice frontend to the database.

To back that up: in February 2009, TYPO3 fixed a severe vulnerability (TYPO3-SA-2009-002) through which any file readable by the web server's user account could be retrieved by website visitors. Crackers exploited that vulnerability and placed a fake message on the website of the well-known German soccer club FC Schalke 04, announcing the dismissal of a player. You can imagine that this attracted press attention and damaged the club's reputation.

According to reports, the cracker did not use TYPO3 at all. He simply connected to the database server with the credentials he had gained by exploiting the vulnerability (the database user name and password sit in typo3conf/localconf.php, one of the files the web server user can read) and modified the data there directly.

So the website's hosting provider had failed to secure the database server.


How to avoid it:

If your web and database server are on the same host, there is no need to let the database server listen on a publicly reachable interface. Bind the server to localhost (127.0.0.1) only, or let it accept connections solely over its Unix socket!

If your web and database server are on different hosts, restrict access to the database server with a firewall rule that admits only the subnet in which your web servers run. The connection itself can additionally be protected by a VPN (encryption) or a dedicated VLAN (traffic separation).

Then, on the database server itself, allow the database user to connect to the TYPO3 database only from a specific IP address or subnet (see the tutorial on IP-restricted DB access).
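As an added example (not code from this post or from the TYPO3 project), the three measures above as one small POSIX shell script: a check that reads an `ss -ltn` or `netstat -ltn` listing and fails if the database port is bound to anything but loopback, the same-host `my.cnf` setting, the firewall rules for the separate-host case, and the MySQL account restriction. MySQL as the database, port 3306, the database name typo3db, the user typo3 and the web-server subnet 10.0.1.0/24 are assumed values chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): check and harden the network
# exposure of a MySQL server that backs TYPO3. Port 3306, the database name
# "typo3db", the user "typo3" and the web-server subnet 10.0.1.0/24 are
# hypothetical values chosen for illustration.

# Read an `ss -ltn` (or `netstat -ltn`) listing on stdin and succeed only if
# every listener on the given port is bound to loopback. A listener on
# 0.0.0.0, *, [::] or a routable address means the server is reachable from
# the network, and the function fails. In both tools the local address is
# the fourth column; header lines never end in :port and are skipped.
db_listens_only_on_loopback() {
    port="${1:-3306}"
    bad=0
    while read -r _state _recvq _sendq laddr _rest; do
        case "$laddr" in
            *:"$port") ;;      # a listener on the database port
            *) continue ;;     # header line or another service
        esac
        addr="${laddr%:*}"     # strip the trailing :port
        case "$addr" in
            127.0.0.1|"[::1]") ;;   # loopback only: fine
            *) bad=1 ;;             # anything else is exposed
        esac
    done
    return "$bad"
}

# Same host: the [mysqld] section that keeps the server off the network.
# skip-networking leaves only the Unix socket, which is enough when PHP
# connects to "localhost"; bind-address keeps TCP but only on loopback.
my_cnf_local_only() {
    cat <<'EOF'
[mysqld]
bind-address = 127.0.0.1
# or, stricter, no TCP listener at all:
# skip-networking
EOF
}

# Separate hosts: firewall rules on the database server that admit the
# web-server subnet and drop everything else on the database port.
db_firewall_rules() {
    subnet="$1"; port="${2:-3306}"
    cat <<EOF
iptables -A INPUT -p tcp --dport $port -s $subnet -j ACCEPT
iptables -A INPUT -p tcp --dport $port -j DROP
EOF
}

# Inside MySQL: tie the TYPO3 account to a source host pattern. MySQL host
# wildcards use '%', so '10.0.1.%' covers 10.0.1.0/24 and '127.0.0.1'
# covers the same-host case. The GRANT is limited to the TYPO3 database;
# CREATE/DROP/ALTER/INDEX stay in because the TYPO3 Install Tool manages
# the schema with the same account.
typo3_db_grants() {
    db="$1"; user="$2"; host="$3"
    cat <<EOF
-- find and remove any wildcard-host variant of the account first:
-- SELECT user, host FROM mysql.user WHERE user = '$user';
-- DROP USER '$user'@'%';
CREATE USER '$user'@'$host' IDENTIFIED BY 'change-me';
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, ALTER, INDEX
    ON \`$db\`.* TO '$user'@'$host';
EOF
}

# Usage: feed the live listing to the checker, then print the hardening.
#   ss -ltn | db_listens_only_on_loopback 3306 && echo "db bound to loopback"
#   my_cnf_local_only
#   db_firewall_rules 10.0.1.0/24 3306
#   typo3_db_grants typo3db typo3 '10.0.1.%'
```

The checker is the part worth keeping around: run it from a cron job or a deployment test so that a reinstalled or upgraded MySQL that silently reverts to listening on 0.0.0.0 is caught before anyone else finds it. Note that the firewall rule and the account host restriction are independent layers; the account restriction still helps when the firewall rule is lost, and the firewall still helps when a second account is created without a host restriction.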
