Hacking into MySQL and data encryption

Daestrum

As I wrote, it was only my test server with no important, sensitive data etc.
So there is no need for any action, I will not pay anything. There is application test garbage.

This is the wrong attitude. You MUST report it or they will just do it to someone else.
You didn't lose real data but the fact remains it is a criminal offence, so must be reported.
Also report it to Bitcoin - the address they gave, they can take action against the recipient of any payments made.
 

Haris Hafeez

I think you should develop locally or on a machine that is not Internet facing. That way, you don't need to worry about test databases being stolen.
For production or other supporting environments (UAT, dev, DR sites, etc.), you need to lock down the databases such that only a certain user can access from a certain machine. If you're deploying in AWS, for example, you can shut down all access to your DB other than that by your application server by placing your DB in a non-public-facing VM, allowing connections from only your app servers' IP addresses, and harden it even further by using IAM roles. No simple solution to securing anything, but it's a start.
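One way to check the "certain user from a certain machine" rule described in the post above, as an added example that is not part of the thread: a small audit over a `my.cnf` and the rows of `SELECT user, host FROM mysql.user`. The sample config, the account rows, the app-server address and the function names are all constructed for illustration.

```python
import configparser

# Constructed sample inputs (not taken from the thread).
SAMPLE_MY_CNF = """
[mysqld]
port = 3306
bind-address = 0.0.0.0
"""
# Rows as returned by: SELECT user, host FROM mysql.user;
SAMPLE_ACCOUNTS = [
    ("root", "localhost"),
    ("root", "%"),
    ("app", "10.0.1.15"),
    ("report", "10.0.%"),
    ("old_app", "203.0.113.7"),
]
APP_SERVERS = {"10.0.1.15"}  # assumed address of the only application server
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}

def audit_bind_address(cnf_text):
    """Flag a mysqld that accepts TCP connections on every interface."""
    cp = configparser.ConfigParser(allow_no_value=True, strict=False,
                                   interpolation=None)
    cp.read_string(cnf_text)
    opts = dict(cp.items("mysqld")) if cp.has_section("mysqld") else {}
    opts = {k.replace("_", "-"): v for k, v in opts.items()}
    if "skip-networking" in opts:
        return []  # TCP listener disabled, socket access only
    addr = opts.get("bind-address")
    if addr is None:
        return ["bind-address unset: MySQL's default is all interfaces"]
    return [f"bind-address {a.strip()}: listening on all interfaces"
            for a in addr.split(",") if a.strip() in ("*", "0.0.0.0", "::")]

def audit_accounts(rows, allowed_hosts):
    """Flag accounts reachable from more than the known app servers."""
    findings = []
    for user, host in rows:
        if host in LOCAL_HOSTS:
            continue
        if "%" in host or "_" in host:  # both are wildcards in host values
            findings.append(f"{user}@{host}: wildcard host pattern")
        elif host not in allowed_hosts:
            findings.append(f"{user}@{host}: host is not a known app server")
    return findings

if __name__ == "__main__":
    for line in audit_bind_address(SAMPLE_MY_CNF) + audit_accounts(
            SAMPLE_ACCOUNTS, APP_SERVERS):
        print(line)
```

The account check complements, and does not replace, the network-level restriction the post describes; a config that uses `!includedir` needs each included file audited the same way.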
 