---
title: "My Public MCP Server Got Hammered - Security Lessons from a Bot Attack"
slug: mcp-server-bot-attack-security-lessons
date_published: 2026-02-23T16:00:00.000Z
original_url: https://www.tigzig.com/post/mcp-server-bot-attack-security-lessons
source: fresh
processed_at: 2026-02-23T16:00:00.000Z
---

# My Public MCP Server Got Hammered - Security Lessons from a Bot Attack

My public database MCP server got hammered yesterday. Bot attack. Database server CPU at 100%.

Had protections in place - rate limiting, read-only access, SQL validation. Still got hammered. The gaps were in what I didn't think about.

Worked with my AI Coder (Claude Code) to get it back up, then went deep into every attack vector. Some 15-odd fixes - from exposed server IPs to open system catalogs to a Supabase REST API I wasn't even thinking about as an entry point.
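The "read-only access plus SQL validation, but open system catalogs" gap is worth seeing in code. The gate below is an added example, not the server's own code: it is what a read-only MCP tool can run on each query before handing it to Postgres (Supabase is Postgres). It accepts only a single SELECT, refuses the catalogs that every role can read, and caps the row count. Function and sample query names are assumptions.

```python
import re

# Keywords that must never appear in a "read-only" query. Writable CTEs
# (WITH x AS (DELETE ... RETURNING ...) SELECT ...) still start with WITH,
# so checking the first word alone is not enough.
WRITE_KEYWORDS = r"\b(insert|update|delete|truncate|drop|alter|create|grant|copy|call|do)\b"
# pg_catalog and information_schema are readable by every role, and catalog
# relations / pg_* functions resolve without a schema prefix, so the prefix
# is matched too. String literals are not parsed; the gate is deliberately strict.
SYSTEM_OBJECTS = r"\b(pg_catalog|information_schema|pg_[a-z_]+)\b"


def strip_comments(sql: str) -> str:
    """Drop /* */ and -- comments so keywords cannot hide inside them."""
    sql = re.sub(r"/\*.*?\*/", " ", sql, flags=re.S)
    return re.sub(r"--[^\n]*", " ", sql)


def gate_query(sql: str, max_rows: int = 200) -> tuple[bool, str]:
    """Return (allowed, reason) or (True, rewritten_sql_with_row_cap)."""
    body = strip_comments(sql).strip().rstrip(";").strip()
    if not body:
        return False, "empty statement"
    if ";" in body:
        return False, "multiple statements not allowed"
    if not re.match(r"(select|with)\b", body, re.I):
        return False, "only SELECT statements are allowed"
    if re.search(WRITE_KEYWORDS, body, re.I):
        return False, "data-modifying keyword found (writable CTEs included)"
    if re.search(SYSTEM_OBJECTS, body, re.I):
        return False, "system catalog or pg_* object referenced"
    # Wrap rather than append LIMIT: the inner query may already end in one.
    return True, f"SELECT * FROM ({body}) AS gated LIMIT {int(max_rows)}"


# Constructed sample queries (hypothetical demo schema), not from the post.
SAMPLES = [
    "SELECT name, city FROM customers WHERE country = 'IN'",
    "SELECT /* ok */ count(*) FROM orders -- trailing comment",
    "SELECT * FROM pg_catalog.pg_class",
    "select relname from pg_class",          # unqualified catalog access
    "SELECT * FROM pg_stat_activity",        # server state, no schema prefix
    "WITH d AS (DELETE FROM orders RETURNING *) SELECT * FROM d",
    "SELECT 1; DROP TABLE customers",
]

if __name__ == "__main__":
    for q in SAMPLES:
        ok, detail = gate_query(q)
        print("ALLOW" if ok else "DENY ", "|", q, "=>", detail)
```

The gate narrows query shape but does not bound execution cost; pair it with a dedicated database role whose `statement_timeout` is set (e.g. `ALTER ROLE ... SET statement_timeout`) and that has privileges only on the demo tables.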

What I learned fixing this in a few hours would have taken days of watching tutorials. Getting bashed is the fastest way to learn. And all free.

Two things worth noting:

All my client apps have mandatory auth. My public demo apps are where I get negligent. This was a good reminder.

And I wasn't listening to my own AI coder. Every app build, I ask Claude Code for a security audit. It gives me a long list. Most times I think... let me go live and I'll come back to this... well, this is what happens.

Server is back up. Open to public. No login.

- MCP: [https://db-mcp.tigzig.com/mcp](https://db-mcp.tigzig.com/mcp)
- API: [https://db-mcp.tigzig.com/api](https://db-mcp.tigzig.com/api)

... and yes, a few things are still remaining.

Detailed post with all fixes coming soon. And if I get hammered again - more free learning.
