Collaborate Disseminate
A critical security vulnerability has been reported in phpMyAdmin—one of the most popular applications for managing the MySQL database—which could allow remote attackers to perform dangerous database operations just by tricking administrators into clic… Continue reading Critical Flaw Reported In phpMyAdmin Lets Attackers Damage Databases
I have built a PHP API which queries data from some tables in an online SQL database.
The credentials with which it connects to the database are saved in another file, and are loaded at start. The user with those credentials … Continue reading How vulnerable is connecting Android App to PHP API with prewritten queries
Security researchers have discovered multiple attack campaigns conducted by an established Chinese criminal group that operates worldwide, targeting database servers for mining cryptocurrencies, exfiltrating sensitive data and building a DDoS botnet.
… Continue reading Hackers Targeting Servers Running Database Services for Mining Cryptocurrency
I am setting up a new MySQL server in the office. The client app, connecting from the same LAN, is now in beta testing. So I can still change authentication system and other stuff there. Currently I decided to compile the str… Continue reading How to secure MySQL server for the case of hardware theft
I installed a mysql server 5.7 in my home computer but I am afraid if someone scans my ip with nmap then he will simply find open mysql port no. 3306 as windows service and then he can simply bruteforce to gain access if I ha… Continue reading Is it safe to have a mysql server on a home computer?
Our company has a web application that queries a separate MySQL server. We want to move our web application server to EC2 but keep our MySQL server on a physical machine within our own network. What is the best way to go abou… Continue reading Connecting Web Application Server to MySQL Server over the internet
Context
I work on a very common case. I configured two servers: an OpenVPN and a MySQL (172.16.X.X) server hidden behind it.
Let’s assume everything is perfectly configured and patched server side.
Note:
MySQL server has… Continue reading How likely it is that a (MySQL) client leaks credentials when VPN tunnel was not set previously?
I am building a project that requires users to be authenticated to access it. I was planning on using MySQL as a database and running PHP scripts on the client to fetch user data. E.g. SELECT * from uaccounts WHERE username =… Continue reading Is it secure to execute MySQL queries on a client device?
To give a quick background, we need to implement a solution where we can guarantee that information is stored encrypted. Access to the encryption data will only be possible through an application that has dedicated access to … Continue reading Recommendation for implementing encrypted MySQL database
So I am developing a Java app which is going to be free and would preferably not require a sign up process. I cannot seem to think of an idea to store the log in details safely.
I have thought of salting and hashing the pass… Continue reading Accessing SQL database from Java Android app. How do I store the SQL database details so they are safe?