In this blog post, we’ll look at how to turn on binlog encryption in Percona Server for MySQL. Why do I need this? As you probably know, Percona Server for MySQL’s binlog contains sensitive information. Replication uses the binlog to copy events between servers. They contain all the information from one server so that it can […]
Read More
The news that the latest MySQL 8.0.4 RC (release candidate) is available is indeed exciting. Unfortunately for users of the auth_socket plugin, dangers lie in wait! Back in November 2015, I reported Failure of auth_socket authentication with sha256_password as default. This prevents users that identify with the auth_socket plugin from logging in after SHA256 authentication has been […]
Read More
In this blog post, we’ll look at the performance hit from the Spectre bug fix on Ubuntu. Recently we measured the performance penalty from the Meltdown fix on Ubuntu servers. It turned out to be negligible. Today, Ubuntu made a Spectre bug fix on Ubuntu available, shipped in kernel 4.4.0-112. As with the Meltdown fix, […]
Read More
In this blog post, we’ll look at does the Meltdown fix affect performance for MySQL on bare metal servers. Since the news about the Meltdown bug, there were a lot of reports on the performance hit from proposed fixes. We have looked at how the fix affects MySQL (Percona Server for MySQL) under a sysbench workload. […]
Read More
In this blog post, we’ll look at ProxySQL firewalling (how to use ProxySQL as a firewall). Not long ago we had an internal discussion about security, and how to enforce a stricter set of rules to prevent malicious acts and block other undesired queries. ProxySQL came up as a possible tool that could help us in achieving […]
Read More
In this blog post, we examine the recent revelations about CPU security vulnerabilities. The beginning of the new year also brings to light fresh and new CPU security vulnerabilities. Today’s big offenders originate on the hardware side – more specifically, the CPU. The reported hardware kernel bugs allow for direct access to data held in the […]
Read More
In this blog post, we’ll look at MongoDB 3.6 security improvements. As we’ve already talked about in this series, MongoDB 3.6 has a number of new features in it. But we have talked less about the new security enhancements in this release. The MongoDB 3.6 security features are particularly exciting. Some of these are just […]
Read More
Join Percona’s Senior Technical Services Engineer Adamo Tonete as he presents MongoDB Security Webinars: Enhanced Security Using LDAP Authentication on Wednesday, November 8, 2017 at 11:00 am PST / 2:00 pm EST (UTC-8). Experience: Intermediate Tags: SysAdmin, DBAs In this webinar, we are going to demonstrate how to configure Percona Server for MongoDB in a […]
Read MoreIn this blog post, we’ll focus on MongoDB security and discuss how to configure Percona Server for MongoDB to authenticate a user with an LDAP server. It is important to mention that Percona Server for MongoDB features LDAP authentication free of charge for everyone in all our versions. This feature is not available in the MongoDB Community versions. […]
Read More
In this blog post, we’ll look at how ProxySQL improves MySQL SSL connection performance. When deploying MySQL with SSL, the main concern is that the initial handshake causes significant overhead if you are not using connection pools (i.e., mysqlnd-mux with PHP, mysql.connector.pooling in Python, etc.). Closing and making new connections over and over can greatly impact […]
Read More