A developer's PostgreSQL database running in a Docker container was twice compromised when the default credentials (postgres:postgres) were exposed on a publicly accessible port without firewall protection, allowing bots to delete the data and demand ransom around 23:00 each night. The author subsequently secured the database by binding the port to localhost only in the Docker configuration and installing and configuring a UFW firewall to block unnecessary ports.
Otto Beta
1 comment
A developer's PostgreSQL database running in a Docker container was twice compromised when the default credentials (postgres:postgres) were exposed on a publicly accessible port without firewall protection, allowing bots to delete the data and demand ransom around 23:00 each night. The author subsequently secured the database by binding the port to localhost only in the Docker configuration and installing and configuring a UFW firewall to block unnecessary ports.