The article wraps up by reiterating the vital role of annual security checks in today's rapidly changing security landscape. It reinforces the notion that staying vigilant and informed is key to ensuring the safety and security of societies worldwide. If your network has deployed a VPN and has not excluded Mainland China sites, please disconnect the VPN. The website may automatically redirect you to the Alibaba Cloud International site.
1. MySQL RDS
1.1 RDS User Password
Resetting the password for a MySQL database user in Alibaba Cloud's Relational Database Service (RDS) is a straightforward process. Here's a step-by-step guide on how to do it:
Log in to Alibaba Cloud Management Console:
- Start by logging into your Alibaba Cloud Management Console with your credentials. This is the central hub where you can manage all your Alibaba Cloud services.
Access RDS Dashboard:
- Once logged in, navigate to the RDS section. You can find this either through the main dashboard or by searching for RDS in the services search bar.
Select the Target RDS Instance:
- In the RDS console, you'll see a list of your RDS instances. Select the instance where your MySQL database is hosted. Make sure you choose the correct instance if you have multiple instances running.
Find the User Account:
- Within the database management area, navigate to the section where database accounts are listed. Here you'll find all the user accounts associated with your MySQL database.
Reset Password:
- Locate the specific user account for which you want to reset the password.
- You will be prompted to enter a new password. Make sure to create a strong password that meets Alibaba Cloud’s password strength requirements.
Confirm the Changes:
- After entering the new password, confirm your changes. The system may ask you to verify your identity or input a verification code depending on your account's security settings.
Update Applications (if necessary):
- If you have any applications or services that use the credentials of the MySQL user whose password you just reset, you will need to update them with the new password. This is crucial to ensure that your applications can continue to access the database without interruptions.
Remember, changing a database password can impact any application or service that relies on that specific user account for database access. Therefore, it’s important to plan accordingly to avoid any unintended service disruptions. Additionally, always follow best practices for password management, including using strong, unique passwords and changing them periodically.
1.2 RDS Whitelist
Updating the IP whitelist for your Alibaba Cloud RDS instance that hosts a MySQL server is an important step to ensure that your database is accessible to the right users or applications while maintaining security. Here's how to update the IP whitelist:
Log in to Alibaba Cloud Management Console:
- Begin by logging into your Alibaba Cloud Management Console using your account credentials. This is the central platform for managing all your Alibaba Cloud services.
Access RDS Dashboard:
- Once logged in, navigate to the RDS section. You can find RDS in the products and services menu or by using the search bar.
Select Your RDS Instance:
- In the RDS console, you'll see a list of all your RDS instances. Select the RDS instance that is running your MySQL server.
Navigate to Security Settings:
- After selecting your RDS instance, look for the 'Whitelist and Security' tab or a similar section in the instance’s management page. This is where you manage security-related settings, including the IP whitelist.
Edit IP Whitelist:
- Inside the security settings, find the IP whitelist section. Here, you will see the existing IP whitelist groups.
- To add a new IP address or range, either edit an existing whitelist group or create a new group. When creating or editing, you will be prompted to enter the IP addresses or IP ranges that you wish to allow.
- IP addresses should be entered in standard format (e.g., 192.168.1.1). For IP ranges, use CIDR notation (e.g., 192.168.1.0/24 to cover a range of addresses).
- Setting the whitelist IP range to 0.0.0.0/0 means opening it to the public network. Please use this setting cautiously. If it is set for testing connectivity, make sure to change it immediately after the test.
Save Changes:
- Once you have added the new IP addresses or ranges, save your changes. The RDS instance will then update its access control based on the new whitelist.
Review and Test:
- After updating the whitelist, it’s a good practice to review the changes and ensure that only the desired IPs are allowed.
- Test the connection from the whitelisted IP addresses to confirm that they have access to the MySQL server on your RDS instance.
Remember, managing the IP whitelist effectively is crucial for database security. Only the IP addresses or ranges that need access to your RDS instance should be whitelisted. Any unnecessary IP addresses should be removed to minimize security risks.
Also, be aware that changes to the IP whitelist can take a few minutes to take effect. During this time, connectivity from new IP addresses may not be immediately established.
ECS
Resetting the root password for an Alibaba Cloud Elastic Compute Service (ECS) server is a straightforward process. Here's how you can do it:
Log into Alibaba Cloud Management Console:
- Begin by logging into your Alibaba Cloud Management Console with your credentials.
Navigate to ECS Dashboard:
- Once logged in, navigate to the Elastic Compute Service (ECS) section. You can find this either from the main dashboard or by searching for ECS in the services search bar.
Select the Relevant ECS Instance:
- In the ECS console, you will see a list of your ECS instances. Select the instance for which you want to reset the root password.
Stop the ECS Instance (if required):
- To reset the password, the ECS instance may need to be stopped, especially if it's running. Be aware that stopping the instance will disrupt its services temporarily. If the instance is already stopped, you can skip this step.
Reset the Password:
- Locate the option to reset the password. This is typically found on the instance dashboard.
- Click on the option to reset the password. You will be prompted to enter a new password. Ensure that this new password is strong and complies with Alibaba Cloud’s password policies.
Restart the ECS Instance:
- After resetting the password, you need to restart your ECS instance to apply the changes. If you had stopped the instance earlier, this step would bring it back online.
Update Your Records and Applications:
- Remember to update your records with the new password. Also, if you have any applications or services that connect to this server using the root password, you’ll need to update them with the new password to ensure uninterrupted access.
Log in with the New Password:
- Once the instance is running again, you can log in using the new root password.
Remember, changing the root password is a critical action that can affect access to your server. Always ensure that you are resetting the password for the correct instance and that you have planned for any potential downtime or service interruption that may result from rebooting the ECS instance.
