27

I want to configure PostgreSQL to accept connections only from a specified IP. It should not accept requests from any other IP.

Craig Ringer
  • 307,061
  • 76
  • 688
  • 778
Ankur Loriya
  • 3,276
  • 8
  • 31
  • 58

3 Answers3

32

The following pg_hba.conf allows local and specified Ip have privilege login, but reject others。

# TYPE  DATABASE        USER            ADDRESS                 METHOD
local   all             all                                     trust
host    testdb          testuser      192.168.1.1/32             md5
host    all             all           0.0.0.0/0                 reject
francs
  • 8,511
  • 7
  • 39
  • 43
17

The easiest way is to make PostgreSQL listen only on localhost for incoming connections. The relevant parameter is listen_addresses in postgresql.conf. The doc is here.

Gringo Suave
  • 29,931
  • 6
  • 88
  • 75
A.H.
  • 63,967
  • 15
  • 92
  • 126
6

Check the pg_hba.conf file in the data folder of PostgreSQL. This is the client authentication configuration file. 

# TYPE  DATABASE        USER            ADDRESS                 METHOD
host    testdb           testuser      192.168.1.1               md5
local   testdb           all                                     md5

Add the above to the pg_hba.conf file

Randall
  • 2,859
  • 1
  • 21
  • 24
Jacob George
  • 2,559
  • 1
  • 16
  • 28
  • 4
    Note that PostgreSQL will still accept TCP socket connections to its port from any interface it is bound to via `listen_addresses` in `postgresql.conf`, it just won't let them authenticate. If you want to prevent even a TCP handshake, you'll need to use `iptables`. – Craig Ringer Aug 01 '12 at 06:59