My Public MCP Server Got Hammered - Security Lessons from a Bot Attack

Published: February 23, 2026

My public database MCP server got hammered yesterday. Bot attack. Database server CPU at 100%.

Had protections in place - rate limiting, read-only access, SQL validation. Still got hammered. The gaps were in what I didn't think about.

Worked with my AI Coder (Claude Code) to get it back up, then went deep into every attack vector. Some 15-odd fixes - from exposed server IPs to open system catalogs to a Supabase REST API I wasn't even thinking about as an entry point.
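The post names three controls that were in place (rate limiting, read-only access, SQL validation) and one of the gaps found afterwards (open system catalogs). The block below is an added example, not the author's code, of a query gate for a read-only database MCP tool; it shows how those controls coexist with that gap: a validator that only checks for SELECT still passes `SELECT * FROM pg_catalog.pg_roles`, so "read-only" does not mean "no information disclosure". It assumes PostgreSQL (which Supabase is built on) and that the tool handler calls `gate_query()` before any SQL reaches the database; the function names, the forbidden-word list and the sample queries are constructed for this example.

```python
"""Query gate for a public, read-only database MCP tool.

Added example, not the post's own code.  Assumes PostgreSQL behind the tool
and that the MCP handler calls gate_query() before executing anything.
"""
import re
import time
from collections import defaultdict


class QueryRejected(Exception):
    """Raised when a query must not reach the database."""


# Schemas that describe the database itself: exposing them to anonymous
# callers hands out table lists, column types and role names for free.
CATALOG_SCHEMAS = {"pg_catalog", "information_schema", "pg_toast"}

# Words with no place in a read-only query.  "into" blocks SELECT INTO,
# "update"/"share" block FOR UPDATE / FOR SHARE row locks.  Coarse on
# purpose: a column literally named "share" is rejected too.
FORBIDDEN_WORDS = {
    "insert", "update", "delete", "merge", "truncate", "drop", "alter",
    "create", "grant", "revoke", "copy", "call", "do", "execute", "into",
    "share", "lock", "vacuum", "analyze", "reindex", "cluster", "set",
    "reset", "show", "listen", "notify", "refresh",
}


def _normalize(sql: str) -> str:
    """Lower-case the statement with comments and string literals removed,
    so keyword checks cannot be fooled by text inside them."""
    sql = re.sub(r"--[^\n]*", " ", sql)
    sql = re.sub(r"/\*.*?\*/", " ", sql, flags=re.S)
    sql = re.sub(r"'(?:[^']|'')*'", "'?'", sql)   # 'lit''eral' -> '?'
    sql = re.sub(r'"([^"]*)"', r"\1", sql)        # "pg_catalog" -> pg_catalog
    return re.sub(r"\s+", " ", sql).strip().lower()


def validate_read_only(sql: str) -> str:
    """Return the normalized statement or raise QueryRejected."""
    norm = _normalize(sql)
    if re.search(r"\$[a-z_]*\$", norm):
        raise QueryRejected("dollar-quoted strings are not allowed")
    norm = norm.rstrip(";").strip()
    if not norm:
        raise QueryRejected("empty statement")
    if ";" in norm:
        raise QueryRejected("only one statement per request")
    if not re.match(r"(select|with)\b", norm):
        raise QueryRejected("only SELECT statements are allowed")
    words = set(re.findall(r"\b[a-z_][a-z0-9_]*\b", norm))
    bad = sorted(words & FORBIDDEN_WORDS)
    if bad:
        raise QueryRejected(f"forbidden keyword(s): {', '.join(bad)}")
    # Schema-qualified catalog access: information_schema.tables, pg_catalog.pg_roles
    for schema in re.findall(r"\b([a-z_][a-z0-9_]*)\s*\.\s*[a-z_]", norm):
        if schema in CATALOG_SCHEMAS:
            raise QueryRejected(f"schema {schema} is not exposed")
    # Unqualified pg_* names resolve through pg_catalog, which PostgreSQL always
    # searches, and pg_* functions (pg_sleep, pg_read_file, ...) are system calls.
    if re.search(r"\bpg_[a-z0-9_]+", norm):
        raise QueryRejected("pg_* catalog objects and functions are not exposed")
    return norm


def is_allowed(sql: str) -> bool:
    """Convenience wrapper: True if validate_read_only() accepts the statement."""
    try:
        validate_read_only(sql)
        return True
    except QueryRejected:
        return False


def cap_rows(norm_sql: str, max_rows: int = 500) -> str:
    """Wrap the query so one call can never stream a whole table, even if the
    caller supplied its own (huge) LIMIT."""
    return f"select * from ({norm_sql}) as _capped limit {max_rows}"


class TokenBucket:
    """Per-client token bucket: `capacity` burst, `rate` requests per second.
    The clock is injectable so the behaviour can be tested without sleeping."""

    def __init__(self, capacity: int, rate: float, clock=time.monotonic):
        self.capacity, self.rate, self.clock = capacity, rate, clock
        self._state = defaultdict(lambda: (float(capacity), self.clock()))

    def allow(self, key: str) -> bool:
        tokens, last = self._state[key]
        now = self.clock()
        tokens = min(self.capacity, tokens + (now - last) * self.rate)
        if tokens < 1:
            self._state[key] = (tokens, now)
            return False
        self._state[key] = (tokens - 1, now)
        return True


def gate_query(sql: str, client_key: str, limiter: TokenBucket,
               max_rows: int = 500) -> str:
    """Everything the handler runs before the database sees the request."""
    if not limiter.allow(client_key):
        raise QueryRejected("rate limit exceeded")
    return cap_rows(validate_read_only(sql), max_rows)


if __name__ == "__main__":
    limiter = TokenBucket(capacity=5, rate=1.0)
    for s in [  # constructed sample queries, not taken from the post
        "SELECT id, title FROM posts WHERE author = 'me' LIMIT 10",
        'SELECT * FROM "pg_catalog"."pg_roles"',
        "SELECT table_name FROM information_schema.tables",
        "SELECT pg_sleep(30)",
        "SELECT 1; DROP TABLE posts",
    ]:
        try:
            print("ALLOW ", gate_query(s, "demo-client", limiter))
        except QueryRejected as e:
            print("REJECT", s, "->", e)
```

Keying the token bucket by client IP is the obvious choice for a no-login demo, and a purely per-IP key is what a distributed bot run spreads out across; the gate above leaves the key choice to the handler and concentrates on making every individual call cheap and bounded, which is what keeps the database CPU down when the limiter lets a request through.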

What I learned fixing this in a few hours would have taken days of watching tutorials. Getting bashed is the fastest way to learn. And all free.

Two things worth noting:

All my client apps have mandatory auth. My public demo apps are where I get negligent. This was a good reminder.

And I wasn't listening to my own AI coder. Every app build, I ask Claude Code for a security audit. It gives me a long list. Most times I think, let me go live and I'll come back to this... well, this is what happens.

Server is back up. Open to public. No login.

... and yes, a few things are still remaining.

Detailed post with all fixes coming soon. And if I get hammered again - more free learning.