Besides the obvious and serious security risk, it is not advised to manage individual Ips via hba.conf.
Strongly recommend a per-customer VPN solution that includes a firewall. Every remote user connects through the VPN. PostgreSQL sees stable VPN addresses. Then you can use something like:
hostssl all all 10.88.0.0/24 scram-sha-256
Note: This setup is outside the scope of our ability to support your PostgreSQL database. You will have to support your own database in the event of a incident.
Comments
0 commentsPlease sign in to leave a comment.