0

I have a AWS EC2 Windows instance with XAMPP and a database. To enable global access to the database, I made its IP global. Additionally, I added a password to my phpMyAdmin.

However, someone is consistently deleting my database daily. Initially, I thought it might have been an accidental deletion or a glitch, so I changed my password. Despite this, the same issue persists—someone is repeatedly deleting the database, which is actively in use.

Any insights or solutions to this problem would be greatly appreciated.

Improve this question
1
  • apachefriends.org/faq_windows.html "XAMPP is not meant for production use but only for development environments. XAMPP is configured to be open as possible to allow the developer anything he/she wants. For development environments, this is great but in a production environment, it could be fatal."
    – ceejayoz
    Commented Apr 26 at 15:46

2 Answers 2

Reset to default
1

To enable global access to this database, I made its IP global

Don't do that.

Even for experts this is a massive no-no. If you don't even know how to start investigating this them you still have a lot of learning to do.

Additionally, I added a password to my phpMyAdmin

So you didn't just install MySQL, you also installed a webserver, PHP and PHPMyAdmin.

someone is repeatedly deleting the database

Given your description of events this is not surprising.

If you really must expose a host like this, then using MS-Windows is not a good start. It exposes a LOT of attack surface by default and is difficult to automate management.

While this is FAR from an optimal solution, based on a VERY constrained budget and skills, your quickest approach to protecting the service will be to install a vpn server on the host and configure a host firewall to block ALL external traffic apart from:

  1. Whatever protocol you use for remote admin (ssh or RDP over SSL are OK, so is direct console access - if you are using something else, change that NOW).

  2. the VPN end point

BTW if someone can interfere with your data then they could easily have access to the OS - wipe it and start again from scratch.

Improve this answer
4
  • The issue is that my project can only be deployed on windows server because of some dependencies. I want to deploy that project on that windows server and want to access that mysql database.
    – Mustafa Ahmad
    Commented Apr 24 at 8:10
  • 2
    I find it VERY hard to believe that these dependencies need to reside on the same host as the DBMS / the DBMS needs to be exposed on the internet. Even if that were the case, it does not change my recommendations.
    – symcbean
    Commented Apr 24 at 8:13
  • @MustafaAhmad I can believe that your project must be deployed under Windows. Does that necessitate that the MySQL server also be deployed under a Windows server? And does the MySQL service need to be accessible to anything other than localhost (assuming the service and the database are on the same host)?
    – doneal24
    Commented Apr 24 at 19:38
  • @doneal24 yes, I want to access MySQL on different ips other than localhost.
    – Mustafa Ahmad
    Commented Apr 25 at 9:56
0

Make your database private and add those IPs in the security group from you which want to access that RDS instance.

Improve this answer

Not the answer you're looking for? Browse other questions tagged .