How to configure postgresql postgresql.conf listen_addresses for multiple ip addresses [closed]

postgresql

I can connect just fine to a remote postgresql server that has connection restrictions to a few IPs in the pg_hba.conf, but is this enough if you have listen_addresses set to "*" in the postgresql.conf file?

That files indicates that that parameter can take a comma separated list of ip addresses, but if i do that, I lose the ability to connect remotely.

postgresql-8.4.9 rhel


Solution 1:

listen_addresses controls which IPs the server will answer on, not which IPs the server will permit connections to authenticate from. It's entirely reasonable and normal to use listen_addresses '*' so the server will accept incoming connections on any ip assigned to an interface on the postgresql server host, while using pg_hba.conf to control access at a finer grained level for which IPs the server will accept logins from for specific databases and users.

Solution 2:

Setting listen_addresses to '*' is normal, as dbenhur points out. Also you can use tools such as iptables to deny access to the port apart from certain remote IPs. You can even do both: redundancy in security is not necessarily a bad thing (although, relying on IP address security isn't so good).

Related

Exit with error code in go?
How to handle optional query parameters in Play framework
importing a module when the module name is in a variable [duplicate]
Is bash a programming language?
How to simulate pinch zoom in Google Chrome?
Case statement fallthrough?
How to make a variable inside a try/except block public?
Updating the path 'x' would create a conflict at 'x'
Easiest way to persist a data structure to a file in python?
Javascript onHover event
How to generate a Java class which implements Serializable interface from xsd using JAXB?
Record Android Audio Output