Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Need to use best-practices for db security #8

Open
kidwellj opened this issue May 9, 2017 · 0 comments
Open

Need to use best-practices for db security #8

kidwellj opened this issue May 9, 2017 · 0 comments
Assignees
@kidwellj

Comments

@kidwellj
Copy link
Member

kidwellj commented May 9, 2017

Current recommended pg_hba.conf is vulnerable to IP spoofing, should be reconfigured to use md5 or ident for connection to web server. Perhaps also worth changing listen_addresses in PostgreSQL.conf to something other than "*" as this can be accessed via the carto SQL API.
@kidwellj kidwellj self-assigned this May 9, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kidwellj kidwellj

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kidwellj