Question

Do unauthorized pending connections count to managed MySQL's max_connections?

As per the documentation (https://docs.digitalocean.com/products/databases/mysql/#mysql-limits) DigitalOcean Managed MySQL databases allow 75 concurrent connections per each GB of memory.

When the MySQL service is wide open to the internet, will can brute-force hackers block out all 75 connections by opening 75 sessions and trying to brute-force my password, essentially leaving the database inaccessible to me?

As an explanation, I need to leave the DB wide open to the internet because it’s accessed from AWS Lambda functions.

Subscribe
Share

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Hello,

The best way to protect yourself from brute-force attacks is by using the trusted sources so that the database cluster would be locked for the world.

If you however need to keep the database open, then it might be the case that you receive a brute-force attack, but it still needs to be a huge one in order to flood all of the available SQL connections.

Regards, Bobby