Open Source Database Firewall

GreenSQL-FW, also known as GreenSQL, is a MySQL database firewall/proxy. In its default mode, IDS (Intrusion Detection System), it acts as a reverse proxy for MySQL databases: SQL queries are evaluated before they are passed to the database. Common administrative commands are detected and blocked using risk assessment scoring. Administrative commands such as CREATE, DROP, LIST, SHOW, etc. are dropped before they reach the database. GreenSQL does not return a failure, so the client does not discover that the command or query was unsuccessful. An attacker would not know for sure why their attack is not working.

Another mode available in GreenSQL is the Database Firewall mode. Before this mode can be used, GreenSQL needs to be taught which queries are allowed. To do this, GreenSQL is placed in what is called learning mode. While in this mode, GreenSQL learns (whitelists) the commands and queries. After the learning phase, GreenSQL is placed in the Database Firewall mode, where it allows only the whitelisted queries and commands to be passed to the database.
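The learn-then-enforce workflow described above can be modelled in a few lines. This is an added example, not GreenSQL's own code: the `fingerprint` normalisation, the `QueryFirewall` class and the sample queries are all assumptions constructed for illustration.

```python
import re

# Assumed normalisation (not GreenSQL's): literals become "?" so queries that
# differ only in data values share a single pattern.
STRING = re.compile(r"'(?:[^'\\]|\\.|'')*'|\"(?:[^\"\\]|\\.)*\"")
NUMBER = re.compile(r"\b\d+(?:\.\d+)?\b")

def fingerprint(query):
    q = STRING.sub("?", query)          # string literals first, they may contain digits
    q = NUMBER.sub("?", q)              # then standalone numeric literals
    return re.sub(r"\s+", " ", q).strip().rstrip(";").lower()

class QueryFirewall:
    def __init__(self):
        self.learning = True            # start in learning mode
        self.whitelist = set()
        self.alerts = []                # patterns blocked in firewall mode

    def handle(self, query):
        """Return True if the query would be forwarded to the database."""
        pattern = fingerprint(query)
        if self.learning:
            self.whitelist.add(pattern) # everything seen while learning is trusted
            return True
        if pattern in self.whitelist:
            return True
        self.alerts.append(pattern)     # left for an administrator to review
        return False

    def approve(self, pattern):
        """Model of the console's add-to-whitelist action on an alert."""
        self.whitelist.add(pattern)

def demo():
    fw = QueryFirewall()
    # Constructed traffic for the learning phase.
    for q in ["SELECT name FROM users WHERE id = 7",
              "INSERT INTO comments (user_id, body) VALUES (7, 'hello')"]:
        fw.handle(q)
    fw.learning = False                 # switch to Database Firewall mode
    # Constructed traffic after the switch.
    probes = ["select name from users where id = 42",
              "INSERT INTO comments (user_id, body) VALUES (9, 'it''s fine');",
              "SELECT name FROM users WHERE id = 42 OR 1=1",
              "DROP TABLE users"]
    return fw, [(q, fw.handle(q)) for q in probes]

if __name__ == "__main__":
    for query, allowed in demo()[1]:
        print("ALLOW" if allowed else "BLOCK", query)
```

Because everything seen during learning ends up on the whitelist in this model, the learning phase has to run against traffic that is known to be clean.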

GreenSQL is easily administered through its web interface, the GreenSQL Console. Blocked queries can be added to the whitelist in the GreenSQL Console by reviewing the alerts, clicking the triggered alert and selecting the add to whitelist button. The same can be done for a whitelisted pattern while in learning mode, so that you can easily block unwanted queries.

GreenSQL can help protect multiple databases on a single MySQL database server or on multiple MySQL database servers. Each database can also have a separate whitelist, so that the rules can be finely tuned to each web application's queries.

While developers need to program their applications with security in mind, GreenSQL is an excellent tool to help protect valuable data stored in a MySQL database. The GreenSQL project is a freely available open source project distributed under the GPL license.
