If the RDS whitelist contains a large number of IP addresses, your server may be attacked.
To ensure your server security, we recommend that you check the whitelisted CIDR blocks. A prefix length smaller than 22 indicates that the number of whitelisted IP addresses is too large. If the database password is leaked, your data may be leaked.
Whitelist only the IP addresses of authorized applications and IP addresses used for database maintenance.
Note: Changing the open ports may affect your services. Before you perform this operation, make sure that the changes do not lead to service interruption.
For more information, see RDS whitelist.