When clients in the same virtual private cloud (VPC) can connect to your instance despite not being listed in the whitelist, password-free access is most likely enabled. This is expected behavior, not a misconfiguration: password-free access operates at the authentication layer and allows all same-VPC clients to connect, bypassing whitelist checks at the network layer.
Check whether password-free access is enabled
-
Log on to the Tair console.
-
On the instance details page, go to the Connection Information section.
-
If Disable Password-free Access is displayed, the feature is currently enabled.
For details on managing this feature, see Enable password-free access.
Enforce strict whitelist checking
To require all clients — including those in the same VPC — to pass whitelist validation, set the #no_loose_check-whitelist-always parameter to yes on the Parameter Settings page.
For instructions on updating parameters, see Configure parameters.