Best Practices for Securing a Publicly Accessible PostgreSQL Database #4585
melnikovic started this conversation in Database Requests
Hi everyone,
I’m setting up a PostgreSQL database that needs to be accessible over the internet because it will be used from Google Cloud, and I can't restrict access by IP or keep it fully isolated. While I’m aware of the risks, I’d like to make sure I’m taking the right precautions to keep it secure.
Here are my specific concerns:
Brute Force Attacks on Login
Even with a strong password, I’m worried about brute force attempts against the database login. Is there a reliable way to slow down or mitigate these attempts? For instance:
Are there tools or PostgreSQL-native features to detect and block repeated failed login attempts?
Can I rate-limit or delay login requests to make brute force infeasible?
Denial of Service (DoS) via Excessive Requests
Beyond just brute forcing passwords, I’m concerned about malicious actors sending a high volume of requests to overwhelm or crash the database. What strategies can I use to protect PostgreSQL from being rendered unavailable by excessive traffic?
Are there middleware solutions or database-level configurations that can throttle or block abusive connections?
Would tools like connection pooling or external firewalls help here?
Keeping PostgreSQL Up-to-Date
Security patches and upgrades are critical to avoid vulnerabilities, but I’m unsure about the best practices for this in a production environment:
What’s the recommended approach to stay updated with PostgreSQL patches?
How do I safely upgrade without risking downtime or introducing new issues?
I’d love to hear about tools, configurations, or workflows that others are using to address these challenges. Any advice, guidance, or resources you can share would be greatly appreciated!
Thanks in advance for your help!