Is there ever a reason to expose an SQL Server to the internet?
I am interested in learning about use-cases for when an SQL server may be exposed to the internet, with or without some type of authentication in front of it. Are there legitimate reasons for this?
No, however, I do know that a big national company does this because the customers need to upload data directly. IMHO they should use an API instead, so no, I don't see any reason to do it. I wouldn't do it, it's a major security risk.
Honeypot? Bored at work? Internet Candy Jar?
Yes, we successfully exposed a SQL server to the internet, but i won't tell you how.
It’s hard to see a legitimate reason for that.