question

13332011 avatar image
0 Votes"
13332011 asked 13332011 commented

My Azure sql is using for login and register.I have some question about Firewall security.

When my users login or register on my program(C#).Their ip needs to be allow in the firewall.So I set a group like 0.0.0.1-888.888.888.888.But that means not only my users can accessed my Azure sql.All internet user can accessed it.Please teach me is that safe?All people using that like this or it maybe having another more optimal solution.Thanks.

dotnet-csharpazure-sql-database
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AnuragSharma-MSFT avatar image
0 Votes"
AnuragSharma-MSFT answered 13332011 commented

Hi @13332011, welcome to Microsoft Q&A forum.

If we are setting the security with such as broad range of IPs, there is chance of security breach as anyone within those set of IPs can connect with Azure MySQL server. However, username and passwords are still needed to connect.

It is recommended to allow/add only the selected IPs or range of IPs as part of connection security. There is no limit to number of IPs that can be added, so we can add an entry for each user IP. This way it is easy to update/remove the IP individually if any user is no more part of work.

If you want to make your Azure MySQL server more secure, you can configure Private Link as mentioned below:

Private Link for Azure Database for MySQL

Please let me know if this helps or else we can discuss more.


If answer helps, please mark it 'Accept Answer'




· 6
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thank you for answer my question.It`s cool.May I asking you another quertion?I wants to chenck who had connected my Azure SQL.Can I see thire IP in somewhere?

0 Votes 0 ·

Thanks for replying back. You can run below command to check all the active connections:

 show processlist;

Host is where you can see the IPs:

100214-image.png


If answer helps, please mark it 'Accept Answer'




0 Votes 0 ·
image.png (45.4 KiB)

Thanks.But...When I run this in my Query Editor.It said Failed to execute query. Error: Could not find stored procedure 'show'.Could you teach me where may I run this code.I had just studing Azure SQL for two days.I am very sorry about the very simple question.

0 Votes 0 ·
Show more comments
NandanHegde-7720 avatar image
0 Votes"
NandanHegde-7720 answered 13332011 commented

Hey,
For you to check the IPs, you would have to enable auditing at the server level where all the data is recorded :
https://medium.com/@harioverhere/identifying-who-accessed-azure-sql-using-audit-logs-f2ef51de2df9

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thank you ver much.I am going to have a try.

1 Vote 1 ·