SQL Injection attack on Website hosted on EC2 Machine

SQL Injection attack on Website hosted on EC2 Machine:

I setup a website http://h1bsalary.online with publicly available dataset. As soon as I launched website, numerous trolls and automated bots sending traffic to identify the vulnerabilities.

Safe-Guards I have taken so far :

  1. Provisioned Least privileged accounts to access the database
  2. Implemented Sanitization of Input parameters
  3. All data retrieval operations are done through Stored procedures.
  4. All the database ports ( Both MySQL and SQL Server ) is blocked and explicit permissions are granted to  whitelisted IP’s.
  5. These are preliminary steps I look to safeguard. Without proper Intrusion Prevention and Intrusion Detection System, its very hard to safeguard website against malicious attacks.
  6. In future  I am planning on Integrating with AWS IPS and IDS System.

https://aws.amazon.com/mp/scenarios/security/ids/

If you are like me, cost conscious and running something from AWS as hobby, its absolutely critical to take care of the security.

Using stored procedures and not doing Dynamic SQL prevents majority of the SQL Injections and it should be absolute minimum to follow .

I Also modified my nginx configuration to block this particular IP

SQL Inject Calls from Log:

Leave a Reply

Your email address will not be published. Required fields are marked *

*