Search Postgresql Archives

Re: Making the DB secure

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Együd Csaba wrote:
Hi,
we plan to make available our database from the internet (direct tcp/ip
based connections). We want to make it as secure as possible. There are a
few users who could access the database, but we want to block any other
users to access.
Our plans are:
  - using encripted (ssl) connections - since sensitive (medical) personal
information are stored. (How to setup this? What do we need on server side, and what on client
side?)
  - using pg_hba.conf to configure authentication method and IP filters
  - forcing our users to change their passwords frequently
  - applying strong password policy (long pw, containing upper/lowercase
characters and numbers)

Could anybody suggest us something more valuable features in postgres to
improve the security? Regarding SSL, I'd like to know how to use it correctly. What we have to do
on the server to accept ssl connections, and what kind of client softwares
are required.

It sounds to me like you plan to put the database server on the internet. I hope not. It should at the very least be in a dmz:

database server <-> web server <-> firewall <-> internet

--
Until later, Geoffrey

---------------------------(end of broadcast)---------------------------
TIP 3: if posting/reading through Usenet, please send an appropriate
     subscribe-nomail command to majordomo@xxxxxxxxxxxxxx so that your
     message can get through to the mailing list cleanly

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux