Azure MySQL Server SSL-Only Disabled - Complete Cloud Security in Minutes - Orca Security

Network misconfigurations

Azure MySQL Server SSL-Only Disabled

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Description

Azure Database for PostgreSQL allows by default to prefer connections using TLS (previously known as SSL). enforcing TLS connections helps protect against 'man-in-the-middle' attacks by encrypting the data stream. The server {AzureMySqlDbServer} was found configured without SSL enforce enabled when accessed.

Recommended Mitigation

For each database, under connection security, set 'Enforce SSL Connection' to ENABLED. see further reference at https://docs.microsoft.com/en-us/azure/mysql/concepts-ssl-connection-security

See Orca in action

See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.