I recently saw some discussions about MySQL on Discord and I’d like to point it out here as well.
If you’re having a database and you’d like to remotely access it; web server → MySQL or anything else.
Make sure you do not allow any IP through that port. Do not allow all IPs. Only allow the IP addresses / subnets you need.
You can get DDoSed on that port and if your database disconnects/freezes for a second, your database will get corrupted - any table that was being accessed at that time / running queries. Even if the connections server <-> database is on localhost but your port is publicly open.
Most of the Layer 7 attacks will not even be noticed by the hosting companies.
This is a mistake I see quite often. Most of the people do not realize it until it’s too late.