There are a couple of things you can do to establish a secure connection between a remote postgres server and any other server. One is using SSH tunnels: http://www.postgresql.org/users-lounge/docs/7.0/admin/security1530.htm Another is to establish your connection with "requiressl=true" as part of the options strings under libpq -- which, since PHP uses libpq, I belive should work under PHP as pg_Connect("host=server dbname=db user=me password=pass requiressl=true") (and if it doesn't work, it should be able to be added easily). I haven't actually done either of these, but I also don't see any reason why these wouldn't work :) Michael Fork - CCNA - MCP - A+ Network Support - Toledo Internet Access - Toledo Ohio On Wed, 21 Mar 2001, Martin A. Marques wrote: > El Mié 21 Mar 2001 18:33, Adam Lang escribió: > > Correct, all it does is connect straight to the database. It doesn't have > > anything to involve encryption... it doesn't care. So, you'll probably > > need to secure the path yourself, ie IPSEC. > > > > Someone else may have a better idea, but this is all I can think of. > > Typically though, you shouldn't have PHP connect to a database over a > > connection that is insecure/public. > > > > Any reason this is a concern? > > Well, I thought about this, because I was trying to build something like it. > A web server, and a database server, seperated! So I thought, if Postgres > accepts hostssl connections (if compiled with ssl support), why doesn't PHP > use this powerfull feature? > Would it be difficult to build a pg_connectssl function in PHP that would do > this? > > Saludos... :-) > > -- > System Administration: It's a dirty job, > but someone told me I had to do it. > ----------------------------------------------------------------- > Martín Marqués email: martin@xxxxxxxxxxxxxxx > Santa Fe - Argentina http://math.unl.edu.ar/~martin/ > Administrador de sistemas en math.unl.edu.ar > ----------------------------------------------------------------- > ---------------------------(end of broadcast)--------------------------- TIP 1: subscribe and unsubscribe commands go to majordomo@xxxxxxxxxxxxxx
