Strong Passwords for Database
💡 In standalone mode in a private deployment, by default, the database components are built into the mirror and start with the microservice, and the database in the container is not accessible externally.
💥 If there is a need to map the database port from the container to the host for access, it is highly recommended to do so when the following three conditions are met, otherwise it is extremely risky for the database port to be exposed to the Internet!!!
-
Back up data regularly (to prevent unrecoverable data loss due to database hacking).
-
Set up access whitelist for database ports ( to restrict source addresses from accessing database ports).
-
Change the password to a strong one (Avoid special characters with regular meanings, such as "$", "&", "@", etc., otherwise they cannot be passed into the container; you can choose - or _).
📄️ Change Default Password for MySQL
- Using tC9S86SFWxga as an example for the root password, please remember to change it in your actual configuration.
📄️ Change Default Password for Redis
- Using f8K5ZT3aQXTb as an example for the new Redis password, please remember to change it before deploying.
📄️ MongoDB Add Authentication
- When adding authentication, two users are created, the root user for the admin library and the hap user for all business libraries.