With RdpGuard you can easily protect your MySQL server from dictionary-based brute-force attacks.
RdpGuard monitors MySQL logs and blocks attacker's IP addresses after specified number of failed login attempts. MySQL General Log is used for MySQL version 5.6 and lower and Application Event Log is used for MySQL version 5.7 and higher.
Multiple MySQL instances are supported for MySQL version 5.7 and higher.
Check out the instructions below to learn how to enable and configure brute-force protection for your MySQL server.
1. Start RdpGuard Dashboard and click on the link next to MySQL
MySQL Protection Link in RdpGuard Dashboard
MySQL Settings dialog will appear:
MySQL Protection Settings Dialog
2. Turn on Enable MySQL protection
3. Choose the Monitoring Method
- Application Event Log
- MySQL General Log
Monitoring via Application Event Log is recommended for MySQL 5.7 and higher. Old MySQL versions do not write failed login information into the Application Event Log, so this monitoring method works with MySQL 5.7 and higher.
4. Click Save to save changes if you selected Application Event Log as the monitoring method or read below if you would like to configure monitoring via MySQL General Log
Monitoring via MySQL General Log works with all MySQL editions, but may work slow on heavy loaded MySQL instances.
MySQL General Logging must be enabled if you choose the MySQL General Log as a monitoring method. Please check the following instructions to learn how to enable General Logging: How to enable General Logging for MySQL Server.
5. Automatically detect config file location
In most cases RdpGuard is able to detect MySQL config file location automatically. But in some cases you may need to specify MySQL config file my.ini (or my.cnf) manually.
In such a case, disable automatic config file discovery and specify MySQL config file in corresponding text-box.
6. Automatically detect general log file location
In most cases RdpGuard is able to detect the location of general log file automatically if my.ini (or my.cnf) file is detected or specified manually. But in some cases you may also need to specify the location of general log file manually.
In such a case, disable automatic general log file discovery and specify MySQL general log file in corresponding text-box.
7. Click Save to save changes and close the dialog.
8. Enable RdpGuard Event Log via the View menu and restart RdpGuard Service via the Tools menu
9. Check out the RdpGuard Event log, if MySQL detection engine is not started, specify the location of MySQL config file and general log file manually and repeat the steps 7-8