by Marco Tusa | Jun 12, 2018 | MySQL, Percona Software, Security
Let them stay together. In the last YEARS, I have seen quite often that users, when installing a product such as PXC, instead of spending five minutes to understand what to do just run iptables -F and save. In short, they remove any rules for their firewall. With...
by Corrado Pandiani | May 31, 2018 | Insight for DBAs, Insight for Developers, MongoDB, Security
In this third and final post of the series, we look at how to configure transport encryption on a deployed MongoDB replica set. Security vulnerabilities can arise when internal personnel have legitimate access to the private network, but should not have access to the...
by Robert Golebiowski | Mar 8, 2018 | Insight for DBAs, Monitoring, MySQL, Percona Software, Security
In this blog post, we’ll look at how to turn on binlog encryption in Percona Server for MySQL. Why do I need this? As you probably know, Percona Server for MySQL’s binlog contains sensitive information. Replication uses the binlog to copy events between...
by Ceri Williams | Jan 24, 2018 | Insight for DBAs, MySQL, Security
The news that the latest MySQL 8.0.4 RC (release candidate) is available is indeed exciting. Unfortunately for users of the auth_socket plugin, dangers lie in wait! Back in November 2015, I reported Failure of auth_socket authentication with sha256_password as...
by Vadim Tkachenko | Jan 23, 2018 | Insight for DBAs, Insight for Developers, MySQL, Security
In this blog post, we’ll look at the performance hit from the Spectre bug fix on Ubuntu. Recently we measured the performance penalty from the Meltdown fix on Ubuntu servers. It turned out to be negligible. Today, Ubuntu made a Spectre bug fix on Ubuntu...
by Vadim Tkachenko | Jan 18, 2018 | Insight for DBAs, Insight for Developers, MySQL, Security
In this blog post, we’ll look at whether the Meltdown fix affects performance for MySQL on bare metal servers. Since the news about the Meltdown bug, there were a lot of reports on the performance hit from proposed fixes. We have looked at how the fix affects MySQL...
by Marco Tusa | Jan 15, 2018 | Monitoring, MySQL, ProxySQL, Security
In this blog post, we’ll look at ProxySQL firewalling (how to use ProxySQL as a firewall). Not long ago we had an internal discussion about security, and how to enforce a stricter set of rules to prevent malicious acts and block other undesired queries. ProxySQL...
by Tom De Cooman | Jan 4, 2018 | MongoDB, MySQL, Open Source, Security
In this blog post, we examine the recent revelations about CPU security vulnerabilities. The beginning of the new year also brings to light fresh and new CPU security vulnerabilities. Today’s big offenders originate on the hardware side – more specifically, the...
by Aayushi Mangal | Dec 15, 2017 | Insight for DBAs, Insight for Developers, MongoDB, Security
In this blog post, we’ll look at MongoDB 3.6 security improvements. As we’ve already talked about in this series, MongoDB 3.6 has a number of new features in it. But we have talked less about the new security enhancements in this release. The MongoDB 3.6...
by Adamo Tonete | Nov 7, 2017 | MongoDB, Percona Software, Webinars
Join Percona’s Senior Technical Services Engineer Adamo Tonete as he presents MongoDB Security Webinars: Enhanced Security Using LDAP Authentication on Wednesday, November 8, 2017 at 11:00 am PST / 2:00 pm EST (UTC-8). Experience: Intermediate Tags: SysAdmin, DBAs In...
by Adamo Tonete | Nov 6, 2017 | MongoDB, Security
In this blog post, we’ll focus on MongoDB security and discuss how to configure Percona Server for MongoDB to authenticate a user with an LDAP server. It is important to mention that Percona Server for MongoDB features LDAP authentication free of charge for...
by Jervin Real | Sep 19, 2017 | Insight for DBAs, ProxySQL, Security
In this blog post, we’ll look at how ProxySQL improves MySQL SSL connection performance. When deploying MySQL with SSL, the main concern is that the initial handshake causes significant overhead if you are not using connection pools (i.e., mysqlnd-mux with PHP,...
by Dave Avery | Sep 5, 2017 | Insight for DBAs, Insight for Developers, MongoDB, Security
A new set of MongoDB attacks and data breaches struck businesses this weekend, mirroring the attacks that hit back in January and putting MongoDB security back into the spotlight. Like the last set, this new attack strategy focused on ransomware that demanded a paid...
by Emily Ikuta | Aug 7, 2017 | MongoDB, Security, Webinars
Join Percona’s Senior Technical Services Engineer, Adamo Tonete as he presents MongoDB Security: Making Things Secure by Default on Wednesday, August 9, 2017 at 11:00 am PDT / 2:00 pm EDT (UTC-7). MongoDB security breaches have regularly been in the news....
by Emily Ikuta | Jul 10, 2017 | Insight for DBAs, MariaDB, MySQL, Security, Webinars
Join Percona’s Chief Evangelist, Colin Charles as he presents Securing Your MySQL/MariaDB Data on Tuesday, July 11, 2017 at 7:00 am PDT / 10:00 am EDT (UTC-7). This webinar will discuss the features of MySQL/MariaDB that when enabled and used improve the...
by Emily Ikuta | Jul 5, 2017 | MySQL
Join Percona’s Solutions Engineer, Dimitri Vanoverbeke as he presents Security and Encryption in the MySQL World on Thursday, July 6, 2017, at 7:00 am PDT / 10:00 am EDT (UTC-7). MySQL and MariaDB Server provide many new features that help with...
by Manjot Singh | Jun 28, 2017 | MySQL, Security
Welcome to Part 2 in a series of blog posts on MySQL encryption at rest. This post covers InnoDB tablespace encryption. At Percona, we work with a number of clients that require strong security measures for PCI, HIPAA and PHI compliance, where data managed by MySQL...
by Tibor Korocz | Jun 27, 2017 | Insight for DBAs, MySQL, Security
This blog post looks at SSL connections and how they work in MySQL 5.7. Recently I was working on an SSL implementation with MySQL 5.7, and I made some interesting discoveries. I realized I could connect to the MySQL server without specifying the SSL keys on the...
by Manjot Singh | Jun 6, 2017 | MySQL, Security
In this first of a series of blog posts, we’ll look at MySQL encryption at rest. At Percona, we work with a number of clients that require strong security measures for PCI, HIPAA and PHI compliance, where data managed by MySQL needs to be encrypted “at...
by Adamo Tonete | May 17, 2017 | Insight for DBAs, MongoDB, Security
In this blog post, we’ll walk through the native MongoDB authentication and roles, and learn how to create personalized roles. It is a continuation of Securing MongoDB instances. As said before, MongoDB features a few authentication methods and built-in roles that...