Join Log in
Score:0
jotyhista avatar Server

fail2ban inside official MariaDB docker image

cn flag
jotyhista

I am running a docker image mariadb:10.9.2-jammy

I noticed with that I get a lot of brute force logging attempts cluttering my logs when I do docker logs mariadb

Is it possible to implement something like fail2ban inside my image ? I know it works for ssh connections but I am not sure if it would work for mysql connections too ?

123
0 + 6
vidarlo avatar
ar flag
vidarlo
Do you *really* need MariaDB to be publicly accessible? Normally it's restricted to same machine or a small set of other machines. Running it over the open Internet is kinda hazardous...
0
Reply
jotyhista avatar
cn flag
jotyhista
@vidarlo yes I need for administration with special unique account but Root access is only enabled on localhost and my app connects with LAN.
0
Reply
vidarlo avatar
ar flag
vidarlo
If it's for administration, a ssh tunnel must be possible? `ssh -L 3306:localhost:3306 [email protected]`?
0
Reply
jotyhista avatar
cn flag
jotyhista
@vidarlo this is what Im doing already; humm... Maybe Im missing something and need somehow to disconnect it completely from the web ? Not sure how; I just have my port 3306:3306 exposed in my docker compose
0
Reply
vidarlo avatar
ar flag
vidarlo
You should *not* expose mysql to the internet.
0
Reply
danblack avatar
dz flag
danblack
If using compose, you don't need to expose as those on the same network are visible. This can include a sshd container, with an expose and authorized keys only, for your port forwarding.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.