Proper remote access control management in PostgreSQL

Posted on

Question :

I want to create environment that allows the limited number of machines connect to my database server.
For debugging needs all IP address have the remote access to PostgreSQL server

listen_addresses = '*'
host all all 0.0.0.0/0 md5

I want to limit access. What is the canonical way to do that?
I though of using proxy server to connect from local machines to PostgreSQL server, but I’ll appreciate other ideas.

Answer :

Just change pg_hba.conf from

host all all 0.0.0.0/0 md5

to rules you need. Columns are :
type (leave host),
database,
username,
IP,
access method.
For example, if you need to allow only 1.2.3.4 and 5.6.7.8 to connect any database using any username:

host all all 1.2.3.4/32 md5
host all all 5.6.7.8/32 md5
host all all 0.0.0.0/0 reject

Use
service postgresql reload
(or smt like that, depending on your system) to apply changes.

Leave a Reply

Your email address will not be published. Required fields are marked *