Sunday, September 30, 2012

Stopping remote access to local PostgreSQL databases on Debian Linux

It seemed that the databases should only be used locally. No other computers should be allowed to connect to the local databases.

I used:
nano /usr/local/pgsql/data/pg_hba.conf

I changed this file in this way:

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             postgres                                     trust
# IPv4 local connections:
#host    all             all               trust
# IPv6 local connections:
#host    all             all             ::1/128                 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local   replication     postgres                                trust
#host    replication     postgres            trust
#host    replication     postgres        ::1/128                 trust

According to this page,

"HBA stands for host-based authentication."

local is a record which "matches connection attempts using Unix-domain sockets." In addition, "without a record of this type, Unix-domain socket connections are disallowed."

No comments: