1

I have Server with a Postgres DB on the same server is a contentmanager application which writes into the psql db. Further I have an other server with a application which fetchs data from the postgresql (read only). I know there are different ways to get remote access from my app server to the postgres server:

  1. Access over internet with IP Whitelisting
  2. Access over a SSH Tunnel
  3. Fetching data over a webservice which runs local on the PSQL Server.

Which solution is the most performant and securest? Or is there any other solution?

Thanks

Improve this question

1 Answer 1

Reset to default
2

I will put it short.

  • Option 1 makes sure noone else connects to your server, but does not protect your connection in any other way.

  • Option 2 provides full security.

  • Option 3 has a lot of latency, though can be as secure as SSH (if you use HTTPS).

So use SSH tunnel. It's a sure way.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

What is the best way to create the ssl tunnel to guarantee that the connections is always open. Eg after a network hick - up. Should I create the Tunnel directly in the application? My Application is in python
I usually create SSH tunnels with a command like ssh -fNg -L 5599:127.0.0.1:5432 user@mysesrver. You can set a cronjob to run the command if the tunnel fails (i.e. ps ax | grep ssh returns nothing).

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.