Member-only story
If Your Database Is Sleeping, It Might Be a Clue That You’ve Been Hacked, or About to Be…
A cautionary tale about inheriting old code and leaving it vulnerable to SQL injection
Last week, one of the websites I built in my spare time a while back suddenly started throwing errors. It couldn’t connect to the database for some reason, and this has never happened before. I tried connecting via MySQL Workbench to diagnose it, but I couldn’t log in. I quickly realised that if I couldn’t connect, then all of the other websites that depend on that database probably couldn’t connect and were throwing errors too.
Looking at the Amazon RDS console, everything looked pretty normal at first, but then I noticed the number of DB connections was much higher than normal. It turns out that it was at the limit, but I couldn’t find a way to diagnose the issue from within RDS. I was out of options, so I simply restarted the database instance. About a minute later, everything was back to normal and all the websites were working again. After monitoring it for a few hours, and not really knowing how to diagnose the problem, I decided to just leave it there and put it down to some sort of anomaly.
Those of you that work in DevOps, yes, I can hear you screaming…
