Reclaim Security Update: Remote MySQL

Announcement: Reclaim Hosting is disabling Remote MySQL Access.

Due to our new cybersecurity compliance requirements, we have blocked remote MySQL access across our infrastructure. If you are working with Domain of One's Own or Managed Hosting, this block can be bypassed with administrator approval. However, we do want you to know the risks involved:

  • MySQL has had many exploits in the past, both in applying permissions and in preventing access to the host server. It is reasonable to expect more in the future; since very few admins allow untrusted access to a MySQL server, it is not strongly locked down against external attacks by default.
  • If remote access to MySQL is allowed, databases become more susceptible to brute-force attacks and other forms of access-gaining attacks, because the open port can easily be found by scanning.
  • Allowing remote access to untrusted users who are not experienced in database administration or current security practices exposes the database, and by extension the entire server, to all types of attacks, as MySQL can be used as a point of entry by remote hijackers through an app that does not use current security standards.
  • An open remote MySQL port can be used for DDoS attacks against the server.

We recommend that users access their database through cPanel's phpMyAdmin functions or the cPanel terminal. If the user is developing an application, we recommend using a service like Reclaim Cloud, where the user has a containerized instance and is not endangering the production server in its entirety. However, we understand that some Domain of One's Own and Managed Hosting clients require this access for their specific use cases. With DoOO or Managed Hosting Admin approval, we can unblock this port and allow users to use Remote MySQL once again.

If you have any concerns, please reach out to us at support@reclaimhosting.com. We are more than happy to answer any questions regarding this change.