| 1 |
Joseph <syscon780@×××××.com> wrote: |
| 2 |
|
| 3 |
>On 04/24/13 07:11, J. Roeleveld wrote: |
| 4 |
>>On Wed, April 24, 2013 00:16, Joseph wrote: |
| 5 |
>>> On 04/23/13 20:10, J. Roeleveld wrote: |
| 6 |
>> |
| 7 |
>><SNIP> |
| 8 |
>> |
| 9 |
>> |
| 10 |
>>>>I am guessing Apache is running on the same machine as your |
| 11 |
>Postgresql |
| 12 |
>>>> server? |
| 13 |
>>>> |
| 14 |
>>>>In this case. The connection will always originate from localhost |
| 15 |
>and |
| 16 |
>>>> Postgresql is behaving as it should. |
| 17 |
>>>> |
| 18 |
>>>>You will need to secure access to the website to avoid people |
| 19 |
>accessing |
| 20 |
>>>> it. |
| 21 |
>>>> |
| 22 |
>>> |
| 23 |
>>> Yes, every machine I run has apache on it, so Postgresql server |
| 24 |
>runs on |
| 25 |
>>> it as well. |
| 26 |
>>> If I'm connecting from another network machine to a server, how does |
| 27 |
>it |
| 28 |
>>> originate from localhost? |
| 29 |
>>> |
| 30 |
>>> Something is not correct. |
| 31 |
>> |
| 32 |
>>I'll try to explain. |
| 33 |
>> |
| 34 |
>>When you connect to the website (Apache) the connection Apache sees |
| 35 |
>>originates from your machine. |
| 36 |
>> |
| 37 |
>>When Apache then needs to access PostgreSQL to access the data needed |
| 38 |
>for |
| 39 |
>>the website, Postgresql sees the connection originating from Apache, |
| 40 |
>which |
| 41 |
>>is running on the same machine. |
| 42 |
>> |
| 43 |
>>-- |
| 44 |
>>Joost |
| 45 |
> |
| 46 |
>Thank you for explanation. |
| 47 |
> |
| 48 |
>That is what I'm confused about. When I connect to "pstgresql" |
| 49 |
>database from the same machine as postgres is running on I can |
| 50 |
>understand. |
| 51 |
>It is a local connection from localhost (127.0.0.1) so everybody is |
| 52 |
>allowed but I don't understand why users on the local network can |
| 53 |
>connect to my machine and login |
| 54 |
>using apache when their IP is different. |
| 55 |
> |
| 56 |
>-- |
| 57 |
>Joseph |
| 58 |
|
| 59 |
Joseph. |
| 60 |
|
| 61 |
The connection to the database is done by apache. Apache connects from the server where Apache is running. |
| 62 |
|
| 63 |
Postgresql does not know nor even care where the connection to apache originates from. It only sees apache connecting to it. |
| 64 |
|
| 65 |
If you want to prevent people from accessing the website. You will need to configure the restriction in Apache or in a firewall. |
| 66 |
|
| 67 |
A webbrowser will NOT connect directly to the database. With a lot of larger applications this will not even be possible because the database is on a seperate server where the firewall is only allowing the webserver to access the database. |
| 68 |
|
| 69 |
Restricting access to a website by setting restrictions on the database server uswd by the website is pointless. |
| 70 |
|
| 71 |
-- |
| 72 |
Joost Roeleveld |
| 73 |
-- |
| 74 |
Sent from my Android phone with K-9 Mail. Please excuse my brevity. |
Archives