Exposed Service Port
A sensitive service port (MySQL, Redis, RDP, SSH, MongoDB) is exposed to the public internet.
What is Exposed Service Port?
Database servers (MySQL on 3306, PostgreSQL on 5432, MongoDB on 27017, Redis on 6379) and remote access services (RDP on 3389, SSH on 22, VNC on 5900) should never be accessible from the public internet. Exposed databases are routinely compromised within hours — ransomware gangs scan the entire internet for open databases and steal/encrypt data automatically.
Why It Matters to Your Business
An exposed database is the #1 cause of data breaches. Attackers scan for open MongoDB, Elasticsearch, and Redis instances 24/7 and exfiltrate data within minutes. RDP exposure is the leading ransomware vector. Average cost of a data breach: $4.45M (IBM 2023).
How to Fix It
Block the port at the firewall: For UFW (Ubuntu): sudo ufw deny 3306/tcp (MySQL) sudo ufw deny 5432/tcp (PostgreSQL) sudo ufw deny 6379/tcp (Redis) sudo ufw deny 27017/tcp (MongoDB) sudo ufw deny 3389/tcp (RDP) For iptables: sudo iptables -A INPUT -p tcp --dport 3306 -j DROP For AWS Security Groups: Remove the inbound rule allowing 3306 from 0.0.0.0/0 For Cloudflare: Block the port at the Cloudflare firewall level Restrict SSH to specific IPs: sudo ufw allow from YOUR_IP to any port 22
Technical Classification
| OWASP Category | A05:2021 — Security Misconfiguration |
| CWE ID | CWE-200: Exposure of Sensitive Information |
| Detected By | ports scanner(s) |
| Severity Level | critical |
How 2MNY Security Can Help
Check if your website has this vulnerability
Our ports scanner checks for this issue automatically.
Scan My Website Free