Network misconfigurations

Azure MariaDB Server ‘Enforce SSL connection’ Disabled

Platform(s)
Compliance Frameworks

Description

Azure Database for MariaDB server allows by default to prefer connections using TLS (previously known as SSL). enforcing TLS connections helps protect against 'man-in-the-middle' attacks by encrypting the data stream. The server {AzureMariaDb} was found configured without 'Enforce SSL Connection' enabled.

  • Recommended Mitigation

    For each server, under connection security, set 'Enforce SSL Connection' to ENABLED. see further reference at <a href="https://learn.microsoft.com/en-us/azure/mariadb/howto-configure-ssl#enforcing-ssl-connections-in-azure" target="_blank" rel="noopener noreferrer">https://learn.microsoft.com/en-us/azure/mariadb/howto-configure-ssl#enforcing-ssl-connections-in-azure</a>

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.