我在我的网站上有一些dynamic内容,从远程MySQL服务器的数据库获取数据。 我最近重build了服务器,并在我的日志中看到了一些奇怪的活动。 我search了几个这样的IP地址,他们显示为中文,在安全论坛等。所以我假设有人试图蛮横我的数据库。
任何人都可以build议我怎么可能收紧我的安全吗? 我已经读了一个MySQL数据库的networking是一个安全风险,但数据在该服务器上半定期更新,我不能设置复制到我的虚拟主机,以保持连接本地(从而closures我的MySQL远程服务器上的端口)。
我有特定的用户设置为有限的访问和强密码的远程访问。 我应该做什么不同的事情吗?
IP address '123.108.223.200' could not be resolved: The requested name is valid, but no data of the requested type was found. IP address '116.255.210.59' could not be resolved: This is usually a temporary error during hostname resolution and means that the local server did not receive a response from an authoritative server. IP address '116.255.210.59' could not be resolved: This is usually a temporary error during hostname resolution and means that the local server did not receive a response from an authoritative server. IP address '180.69.254.133' could not be resolved: No such host is known. Host name 'WIN-4K2ASOOQOO9' could not be resolved: No such host is known. Host name 'WIN-4K2ASOOQOO9' could not be resolved: No such host is known. Hostname '142-118-74-198-dedicated.multacom.com' does not resolve to '198.74.118.142'. Hostname '142-118-74-198-dedicated.multacom.com' has the following IP addresses: - 204.13.152.7 IP address '182.84.98.165' could not be resolved: No such host is known. IP address '207.47.16.69' has been resolved to the host name '207.47.16.69.static.nextweb.net', which resembles IPv4-address itself. IP address '207.47.16.69' has been resolved to the host name '207.47.16.69.static.nextweb.net', which resembles IPv4-address itself. IP address '207.47.16.69' has been resolved to the host name '207.47.16.69.static.nextweb.net', which resembles IPv4-address itself. Host name 'unassigned.psychz.net' could not be resolved: No such host is known. IP address '112.175.66.51' could not be resolved: No such host is known. IP address '111.26.200.24' could not be resolved: This is usually a temporary error during hostname resolution and means that the local server did not receive a response from an authoritative server. IP address '111.26.200.24' could not be resolved: This is usually a temporary error during hostname resolution and means that the local server did not receive a response from an authoritative server. IP address '111.26.200.24' could not be resolved: This is usually a temporary error during hostname resolution and means that the local server did not receive a response from an authoritative server. Host name 'IDC-A4333C3EFF4' could not be resolved: No such host is known. Host name 'IDC-A4333C3EFF4' could not be resolved: No such host is known. IP address '173.208.94.206' could not be resolved: No such host is known. IP address '111.26.200.24' could not be resolved: This is usually a temporary error during hostname resolution and means that the local server did not receive a response from an authoritative server. 阻止特定IP地址的规范方法是通过iptables 。 在CentOS中将是这个命令:
$ iptables -A INPUT -s 2.4.6.8 -j DROP
其中2.4.6.8是您要阻止的服务器的IP地址。
但是,我build议阻止所有连接到端口3306(MySQL),而只允许你期望的地址(即白名单 ):
$ iptables -N mysql $ iptables -A mysql --src 1.2.3.4 -j ACCEPT $ iptables -A mysql -j DROP $ iptables -I INPUT -m tcp -p tcp --dport 3306 -j mysql
其中1.2.3.4是您希望允许的服务器的IP地址。
上面的命令很适合这个SO回答 。