Re: Authentication method for web app

From: Ivan Voras <ivoras(at)freebsd(dot)org>
To: Leonardo F <m_lists(at)yahoo(dot)it>
Cc: pgsql-general(at)postgresql(dot)org
Subject: Re: Authentication method for web app
Date: 2010-05-14 08:43:53
Message-ID: AANLkTikJG1nGweGHc6cFa8HbgJH3ED6Sob7ONbyxJvPS@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

On 14 May 2010 09:08, Leonardo F <m_lists(at)yahoo(dot)it> wrote:
>> Personally I would lean toward making
>> the bulk of security within the
>> application so to simplify everything - the
>> database would do what it
>> does best - store and manipulate data - and the
>> application would be the
>> single point of entry. Protect the servers - keep
>> the applications (like
>> ssh, php, apache, your application) updated and make
>> sure you have good
>> and frequent backups.
>
>
>
> Thank you for your reply.
>
> Anyone else? How do you "secure" your db used by
> webapps?

Basically what I've said:

1) find all points of entry to the db (i.e. the application), secure them
2) keep the server itself secure (applications patched, firewall
enabled with custom rules to protect the db if necessary, only trusted
local users etc.) If the app and the db are on different servers,
consider a direct (patch cable) link between them or if the structure
is more complex a switch, remove them from Internet, possibly make a
DMZ, etc.

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Catalin BOIE 2010-05-14 09:43:02 Re: PANIC: corrupted item pointer: 32766
Previous Message Devrim GÜNDÜZ 2010-05-14 07:33:30 Re: pg_dumpall for Postgres Database Daily Backup?