How to configure PostgreSQL to accept all incoming connections except postgres / admin
Question
My question is how to configure it so that non-admin (non-postgres) accounts can login from the internet but the admin (postgres) user is only allowed from localhost or a limited IP range. What entries in the pg_hba.conf that let me set this up? I already have set this up in postgresql.conf :
listen_addresses = '*'
I also have added the line to my pg_hba.conf to allow log in from the wide open world:
host all all 0.0.0.0/0 md5
But now the postgres use can log in from any address which is not what I want:(
I have seen a number of places that talk about how to open up PostgreSQL for connections from any address like: https://dba.stackexchange.com/questions/83984/connect-to-postgresql-server-fatal-no-pg-hba-conf-entry-for-host but no questions that open it up and lock down the postgres user.
1 answers
solution1
1 ACCPTED 2020-04-13 06:13:58
Try:
# "local" is for Unix domain socket connections only
local all postgres trust
# IPv4 local connections:
host all postgres 0.0.0.0/0 reject
host all all 0.0.0.0/0 md5
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.