36.14. Restricting Client Access

The default PostgreSQL configuration usually allows any user to connect to the database server from the same system without needing to log in, but prevents all remote access. If you want to allow clients to connect from other systems (for example, if you are setting up a database server that will be accessed from a separate web server), then PostgreSQL needs to be configured to allow this.

To grant access to another host, follow these instructions:

1. On the module's main page, click on the Allowed Hosts icon. You will be taken to a page listing hosts from which connections are allowed, the databases clients can access, and the authentication modes used. Typically, only local connections and those from 127.0.0.1 will initially be allowed.

2. Click on the Create a new allowed host link above or below the list to bring up the host creation form.

3. In the Host address field, select Single host and enter the IP or hostname of the remote client system into the adjacent field. You can also select Network and enter the network address (like 192.168.1.0) and netmask (like 255.255.255.0) into the fields next to it to allow an entire LAN.

4. To give the specified host or network access to all databases on your server, leave the Database field set to All databases. Otherwise, make a selection from the menu to limit the client to just that one.

If you want to grant a client access to two databases, you will need to add two host entries, each with a different choice selected from the Database menu.

5. In the Authentication mode field, select Plaintext password. The No authentication required option will also allow users on the client system to connect, but without needing to provide a valid password. Clearly, this is not very secure.

6. Hit the Create button to add the new allowed host entry.

If your system has multiple users, each of whom has data in a PostgreSQL database that belongs to them, you should not allow them to log in to the database server without a password. By default, PostgreSQL allows exactly this, which is not particularly secure! Fortunately, it can be easily fixed. There is a risk that you will lock Webmin itself out of the database, however, as it is often set up by default to log in as the user postgres without a password.

Follow these instructions to reconfigure the module to log in with a password and to force local users to do the same thing:

1. On the module's main page, click on the PostgreSQL Users icon and then on the postgres user to bring up its editing form.

2. Select the second radio button for the Password field and enter a nice, secure password into the adjacent text field. Click Save.

3. Go back to the module's main page, and hit the Module Config link.

4. In the Administration password field, select Set to and enter the password you chose into the text field. Click Save at the bottom of the form.

5. Click on the Allowed Hosts icon, and then on Local connection in the Host address column. Change the Authentication mode field to Plaintext password, and click the Save button. After your browser returns to the list of allowed hosts, click on 127.0.0.1 and make the same change.

6. Return to the module's main page. If all went well, you will still be able to see and manage databases, and all users will require a password to connect.

When a client connects to the database server, PostgreSQL checks the host entries on the Allowed Hosts page in order. As soon as it finds one that matches the client address and requested database, the authentication mode for that entry is used. You can use this feature to block certain hosts while allowing all others by creating a host entry with the Host address field set to the IP you want to block, and the Authentication mode set to Reject connection. This entry must appear in the list above any broader entry that would allow the same client.

Because new allowed host entries are always added to the end of the list, the page has a feature for moving entries around. The up and down arrows under the Move column in the list can be clicked on to move an entry up or down one place, respectively.
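
The ordering rule described above, as an added example that is not part of the original text or of Webmin: a simplified Python model of first-match evaluation over a constructed list of allowed-host entries, with a check for Reject connection entries that an earlier, broader entry makes unreachable. The entry layout, the mode shorthand and all function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample list, in page order: (database, address, netmask, mode).
# Mode strings are shorthand for the form's choices (assumption for this example).
ALLOWED_HOSTS = [
    ("all", "192.168.1.0", "255.255.255.0", "password"),    # whole LAN
    ("all", "192.168.1.50", "255.255.255.255", "reject"),   # new entry, added last
]

def _net(address, netmask):
    return ipaddress.ip_network(f"{address}/{netmask}")

def match(entries, client_ip, database):
    """Return (index, mode) of the first entry matching client and database."""
    addr = ipaddress.ip_address(client_ip)
    for i, (db, address, netmask, mode) in enumerate(entries):
        if addr in _net(address, netmask) and db in ("all", database):
            return i, mode
    return None  # no entry matches, so the connection is refused

def shadowed_rejects(entries):
    """List (reject_index, shadowing_index) pairs where the reject can never fire."""
    found = []
    for j, (db_j, addr_j, mask_j, mode_j) in enumerate(entries):
        if mode_j != "reject":
            continue
        for i, (db_i, addr_i, mask_i, mode_i) in enumerate(entries[:j]):
            covers_db = db_i == "all" or db_i == db_j
            covers_net = _net(addr_j, mask_j).subnet_of(_net(addr_i, mask_i))
            if mode_i != "reject" and covers_db and covers_net:
                found.append((j, i))
                break
    return found

def move_up(entries, index):
    """Return a copy with the entry at index moved up one place (the up arrow)."""
    out = list(entries)
    if index > 0:
        out[index - 1], out[index] = out[index], out[index - 1]
    return out

if __name__ == "__main__":
    print("before:", match(ALLOWED_HOSTS, "192.168.1.50", "sales"),
          shadowed_rejects(ALLOWED_HOSTS))
    fixed = move_up(ALLOWED_HOSTS, 1)
    print("after: ", match(fixed, "192.168.1.50", "sales"), shadowed_rejects(fixed))
```
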
