Does the Manged SQL service have DDoS attack protection, including anti-DDoS flood protection and a firewall?

Does the Managed SQL service have DDoS attack protection, including anti-DDoS flood protection and a firewall? Is it also bulletproof against SQL injection and hacking attempts?

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Bobby Iliev
Site Moderator
Site Moderator badge
November 1, 2023

Hello there,

Quick update here. I’m excited to share that DigitalOcean has introduced a new feature in response to the valuable feedback we’ve received from users like you: DigitalOcean DDoS Protection:

Here are some key points about this new offering:

  1. Cost: DigitalOcean DDoS Protection is available at no additional cost. That’s right, it’s a free service for all users!

  2. Coverage: The protection extends to a range of DigitalOcean resources including:

    • Droplets
    • Kubernetes
    • Managed Databases
    • Load Balancers
    • Reserved IPs
  3. Protection Layers: This service provides protection primarily at the Network (layer 3) and Transport (layer 4) layers of the OSI model. Please note that Application layer (layer 7) DDoS Protection is currently not supported.

  4. Latency Concerns: One of the standout features of this service is that mitigation takes place entirely within the DigitalOcean network. This means that data traffic doesn’t leave our network for mitigation, ensuring that your applications experience no additional latency.

  5. Overall Benefit: DigitalOcean DDoS Protection is an always-on service designed to defend your DigitalOcean cloud resources against a range of generalized, network-layer DDoS attacks. This ensures that your apps and websites run smoothly, without the threat of potential disruptions from such attacks.



Bobby Iliev
Site Moderator
Site Moderator badge
August 13, 2023

Hi there,

Data in MySQL database clusters is encrypted at rest with LUKS (Linux Unified Key Setup) and in transit with SSL. However, there are additional steps you can take to ensure that your data is safe.

You can greatly decrease the likelihood of a security breach by restricting which DigitalOcean resources or external IP addresses are allowed to access the nodes in a cluster. This prevents brute force password and denial-of-service attacks from any server not explicitly permitted to connect.

Typically, only the application servers are allowed to connect to the database cluster. Users access the public-facing site, and the public-facing server authenticates and manages database connections in turn.

You can follow the steps on how to do that here:

Hope that this helps!



Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Featured on Community

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more
DigitalOcean Cloud Control Panel