Security Vulnerability Notice for LabKey users on PostgreSQL - PgMiner botnet

LabKey Support Forum
Jon (LabKey DevOps)  2020-12-15 18:09
Status: Closed
 

Due to the PgMiner botnet exploit/vulnerability (https://www.zdnet.com/article/pgminer-botnet-attacks-weakly-secured-postgresql-databases), we recommend that any LabKey user with a self-hosted environment read the article and take the following precautions:

  • If you still have the default postgres user that came with your PostgreSQL installation, please do the following:
      1. Create a replacement superuser on your database.
      2. After creating the replacement user, delete the default postgres user.
  • Confirm that your PostgreSQL database can only be accessed by your LabKey server on your specific designated port. By default, PostgreSQL uses port 5432. Consider either changing to a different port or updating your security settings (i.e. firewall, pg_hba.conf file) so that only your LabKey instance can access your PostgreSQL server.

For more information on securing your PostgreSQL server, please check out the following resource:

https://www.enterprisedb.com/blog/how-to-secure-postgresql-security-hardening-best-practices-checklist-tips-encryption-authentication-vulnerabilities
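
One way to check the pg_hba.conf precaution above, as an added example that is not part of the original notice or LabKey's own tooling: a small Python audit that flags network rules admitting any host other than the LabKey server, or using an unprotected auth method. The function name, the sample file and the address 10.0.5.20 are assumptions made for illustration.

```python
import ipaddress

# Constructed sample pg_hba.conf; 10.0.5.20 is an assumed LabKey server address.
SAMPLE_HBA = """\
# TYPE  DATABASE  USER      ADDRESS          METHOD
local   all       all                        peer
host    all       all       127.0.0.1/32     scram-sha-256
host    all       all       0.0.0.0/0        md5
host    labkey    labkey    10.0.5.20/32     scram-sha-256
host    all       postgres  10.0.0.0 255.0.0.0 trust
"""

def _is_ip(token):
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False

def audit_pg_hba(text, labkey_ip):
    """Return (line_no, reason) for network rules wider than the LabKey server."""
    allowed = ipaddress.ip_address(labkey_ip)
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 5 or not fields[0].startswith("host"):
            continue  # blank, comment, Unix-socket "local" rule, or too short to parse
        addr, rest = fields[3], fields[4:]
        if _is_ip(rest[0]):  # "IP  netmask" column form instead of CIDR
            addr, rest = f"{addr}/{rest[0]}", rest[1:]
        method = rest[0] if rest else ""
        try:
            net = ipaddress.ip_network(addr, strict=False)
            ok = net.is_loopback or (net.num_addresses == 1 and net.network_address == allowed)
        except ValueError:
            ok = addr == "samehost"  # other keywords and hostnames are not a fixed IP
        if not ok:
            findings.append((no, f"address {addr} admits hosts other than the LabKey server"))
        if method in ("trust", "password"):
            findings.append((no, f"method {method} gives no protected password check"))
    return findings

if __name__ == "__main__":
    for no, reason in audit_pg_hba(SAMPLE_HBA, "10.0.5.20"):
        print(f"line {no}: {reason}")
```

Point it at the contents of your real pg_hba.conf and your LabKey server's address; an empty result means every network rule is limited to loopback or that one host.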