MySQL was injected by SQL a face-beating experience

Source: Internet
Author: User

face a database experience


As an operations engineer, usually for the online server is very important, even if there is a hardware firewall, and then the system has also done further optimization, but also installed the basic protection software, the server half a year has not been any problems. But I am not very important to other servers are usually just simple maintenance. Because usually there is no problem, so I became more lazy, finally one day, the face of the matter appeared ....


650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/7D/53/wKiom1bmJPOD0hOnAACg6O6pAHk381.png "title=" 6.png " alt= "Wkiom1bmjpod0honaacg6o6pahk381.png"/>


Early in the morning, look at the mail alarm, said what monitoring server was someone else SQL injection, there is virus recommended cleanup

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/7D/52/wKiom1bmImqRDKqJAABQxHB8t0o656.png "title=" 3.png " alt= "Wkiom1bmimqrdkqjaabqxhb8t0o656.png"/>

See above the content, my mood now is a long time can not calm, too dozen face. More irritating is which fuck, OK, recognize.

Do not want that upset thing, solve the problem. First I think of is whether someone landed my system, but a think, my firewall strategy is very strict, should not. There is no problem viewing the logs. The problem then shifted to the database. It's not a database authorization, isn't it? OK, log in to the database to check the authorization form, brother stayed, usually only think of system aspects, incredibly did not pay attention to the database licensing aspects. (I did not strictly write a firewall policy for MySQL, because it is just a monitoring server, careless)


1, so, I deleted the alarm virus (the first step)

2, login database to improve the authorization.

#drop user ' @ ' localhost ';

#drop user ' @ ' localhos.localdomain ';

drop user [email protected] ';

drop user [email protected] '% ';

This is because the mandate is not strictly, caused by the problem. Be sure to check the authorization form, disable root without password login, etc.


3. Change the password of the root connection data

4. Re-check the presence of viruses with security software

5, Strict modification strategy



Although the above has been done to protect measures, but the more powerful hackers will leave the back door, so, although the problem solved, but usually also pay attention to a good server security review.


Summary: For me, this is a face-beating experience, operation and maintenance personnel do not feel that is not particularly important server (especially production data) is not so much attention, this is a very bad habit, many good habits are slowly developed, bad habits are also. Only do a good job in peacetime life and work of small things, can be done to seriously treat every thing. At the same time also hope that they recognize their own mistakes and can be strictly treated, and strive to correct, to do a technically not only a strong, a good person for the life of a man.



Share with you, write bad, understand the meaning is good!





This article is from the "Brother to share" blog, please be sure to keep this source http://renzhiyuan.blog.51cto.com/10433137/1750800

MySQL was injected by SQL a face-beating experience

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.