1

I am looking to set up a website and database that are connected via the internet, and am looking to secure the connection. The connection will probably not be over a VPN, so shall be openly exposed.

From the research I have done, I see that you can use SSL and IPSec. The user I am setting up will only have public, db_datareader and db_datawriter roles. The password will be set to expire every set period of time.

Is there anything else I should be aware of to ensure a secure connection from my website to database?

asked Jul 22, 2014 at 16:04
2
  • 1
    Are you exposing the database to the internet, or can only the web server connect to it? Commented Jul 22, 2014 at 20:25
  • @NeilMcGuigan Updated question. Commented Jul 23, 2014 at 0:53

1 Answer

2
  1. Your DB should probably not be publicly accessible, unless it really has to be. You can make the DB accessible only to localhost, which would allow your web server to talk to it, and you can use it over SSH or Remote Desktop or what have you.

  2. You'll want to watch out for brute-force attempts on your logins. I'm not sure what the Windows equivalent of Fail2Ban is, but you'll want something like that.

  3. Shut off any unneeded db services, see what ports are open, use a firewall to block any ports other than the ones you definitely need.

  4. Have your access logs recorded to another computer with a write-only connection, so that if someone does break in, you still have logs.

answered Jul 23, 2014 at 17:51
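
Item 2 of the answer above, as an added example that is not part of the original post: a Fail2Ban-style sliding-window check over failed-login log entries. It assumes the database is SQL Server (suggested by the `db_datareader`/`db_datawriter` roles in the question) and that entries follow its error-log "Login failed for user" shape; the function name, thresholds and sample lines are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed shape of a SQL Server error-log failed-login entry.
FAILED = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)\.\d+\s+Logon\s+"
    r"Login failed for user '[^']*'.*\[CLIENT: (?P<ip>[^\]]+)\]"
)

def find_offenders(lines, max_failures=5, window=timedelta(minutes=10)):
    """Return {client: time the threshold was crossed} for clients with at
    least max_failures failed logins inside a sliding window.
    Lines are expected in chronological order, as in the log file."""
    recent = defaultdict(deque)  # client -> failure times still inside the window
    offenders = {}
    for line in lines:
        m = FAILED.match(line)
        if not m:
            continue  # successful logins, error-number lines, other noise
        ip = m["ip"]
        ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:  # expire failures older than the window
            q.popleft()
        if len(q) >= max_failures and ip not in offenders:
            offenders[ip] = ts  # candidate for a firewall block rule
    return offenders

# Constructed sample log (documentation-range addresses, hypothetical logins).
SAMPLE_LOG = """\
2014-07-23 09:00:00.10 Logon       Login failed for user 'webapp'. Reason: Password did not match that for the login provided. [CLIENT: 192.0.2.9]
2014-07-23 09:15:00.10 Logon       Login failed for user 'webapp'. Reason: Password did not match that for the login provided. [CLIENT: 192.0.2.9]
2014-07-23 09:30:00.10 Logon       Login failed for user 'webapp'. Reason: Password did not match that for the login provided. [CLIENT: 192.0.2.9]
2014-07-23 09:45:00.10 Logon       Login failed for user 'webapp'. Reason: Password did not match that for the login provided. [CLIENT: 192.0.2.9]
2014-07-23 10:00:00.10 Logon       Login failed for user 'webapp'. Reason: Password did not match that for the login provided. [CLIENT: 192.0.2.9]
2014-07-23 12:00:00.10 Logon       Login failed for user 'admin'. Reason: Could not find a login matching the name provided. [CLIENT: 198.51.100.20]
2014-07-23 17:40:01.10 Logon       Error: 18456, Severity: 14, State: 8.
2014-07-23 17:40:01.10 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.7]
2014-07-23 17:40:05.32 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.7]
2014-07-23 17:40:09.57 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.7]
2014-07-23 17:40:14.81 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.7]
2014-07-23 17:40:20.04 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.7]
""".splitlines()

if __name__ == "__main__":
    for ip, when in find_offenders(SAMPLE_LOG).items():
        print(f"{when} threshold crossed by {ip}")
```

With the defaults only the rapid burst is reported; the client that fails once every 15 minutes stays under the threshold, which is the trade-off to tune when choosing the window.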
