Vulnerabilities
Misconfiguration
Runtime Security
Compliance
Azure > PostgreSQL Server >

Enforce PostgreSQL SSL Connection

MEDIUM
Source
CloudSploit
ID
enforce-postgresql-ssl-connection
management console

Enforce PostgreSQL SSL Connection

Ensures SSL connections are enforced on PostgreSQL Servers

SSL prevents infiltration attacks by encrypting the data stream between the server and application.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log in to the Microsoft Azure Management Console.

  2. Select the “Search resources, services, and docs” option at the top and search for PostgreSQL. Step

  3. On the “Azure Database for PostgreSQL servers” page, select the database by clicking on the “Name” as a link that needs to be examined.Step

  4. Scroll down the left navigation panel and choose “Connection Security” under “Settings.”Step

  5. On the “Connection Security” page, search for “SSL settings”. If the Enforce SSL connection is set to “DISABLED” this is a security risk as data is transmitted unencrypted. This is against azure best practices.Step

  6. To enable the “SSL Connection” select “ENABLED” from the toggle configuration button. In the “TLS setting” select the highest version “1.2” as of now.Step

  7. Click on the “Save” button at the top to make the changes.Step

  8. Repeat step number 3 - 7 to ensure the server parameters for each PostgreSQL server have the ssl connection enabled.

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use