Restricting Access to DB on same server

Posted on 2005-04-17
Last Modified: 2013-11-13

I want to be able to offer limited access to a DB to clients that are hosted on my server (only select clients NOT all).

I was thinking of offering them a set of functions, like an API, that they could utilize and use the recordset that is returned in the normal way. I could probably have a set of domain names that had access along with the server IP and verify that the call was coming from the correct domain name on the local server.

What do you think? Any better suggestions? Would the domain and IP of server be enough security?

I want to be able to offer the service without basically opening myself up to having it stolen by everybody.

All helpful suggestions or advice appreciated.
Question by: lux_interior
    LVL 14

    Expert Comment

    You can deny all permissions to all users and/or user groups, and then grant permissions individually to users and/or groups (assuming that you have some way to authenticate users, such as username and password).

    Take a look at this:


      Nayer Naguib
    LVL 10

    Expert Comment

    by:Eduard Ghergu
    What DB server do you have ?

    Author Comment

    mysql. To be honest I think a php solution offering an API is the best way to go. That way they never need to have access to the database.

    Perhaps this should be moved to another section of EE?


    LVL 10

    Accepted Solution

    Usually, the way in which clients have access to a database is through some accounts. So, I see no reason to restrict access using operating system security policies. You have to create your own database security policy with user groups and accounts. After that, you have to create a login page. After authentication, you have to store in a session variable or in a cookie (basically it is the same thing, but the way of implementing it is different) some access rights information. You can, afterwards, check the rights when the user asks for a page and provide or not provide access to some fields or whatever...
    I hope that this is the answer to your question.
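
The account-based approach from the answers above, combined with the asker's idea of exposing only an API, sketched in MySQL as an added example that is not part of the original thread. The database `catalog_db`, table `products`, view `client_products`, procedure `get_product` and account `client_a` are hypothetical names, and the password is a placeholder.

```sql
-- Hypothetical schema: products holds both public and internal columns.
CREATE DATABASE IF NOT EXISTS catalog_db;
USE catalog_db;

CREATE TABLE IF NOT EXISTS products (
    id         INT PRIMARY KEY,
    name       VARCHAR(100)  NOT NULL,
    price      DECIMAL(10,2) NOT NULL,
    cost_price DECIMAL(10,2) NOT NULL,  -- internal, never exposed to clients
    supplier   VARCHAR(100)  NOT NULL   -- internal, never exposed to clients
);

-- Read-only "API" surface 1: a view that exposes only the permitted columns.
CREATE OR REPLACE SQL SECURITY DEFINER VIEW client_products AS
    SELECT id, name, price FROM products;

-- Read-only "API" surface 2: a procedure that runs with its definer's rights,
-- so the caller needs no privilege on the underlying table.
-- DELIMITER is a mysql command-line client directive, not server SQL.
DROP PROCEDURE IF EXISTS get_product;
DELIMITER //
CREATE PROCEDURE get_product(IN p_id INT)
    READS SQL DATA
    SQL SECURITY DEFINER
BEGIN
    SELECT id, name, price FROM products WHERE id = p_id;
END //
DELIMITER ;

-- One account per selected client. A new account has no privileges (USAGE only),
-- and the 'localhost' host part limits it to local connections.
CREATE USER 'client_a'@'localhost' IDENTIFIED BY 'REPLACE_WITH_STRONG_PASSWORD';

-- Grant only the API surface, never the base table.
GRANT SELECT  ON catalog_db.client_products       TO 'client_a'@'localhost';
GRANT EXECUTE ON PROCEDURE catalog_db.get_product TO 'client_a'@'localhost';

-- Verify what the account can do.
SHOW GRANTS FOR 'client_a'@'localhost';

-- Withdraw a client's access when the arrangement ends.
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'client_a'@'localhost';
DROP USER 'client_a'@'localhost';
```

While the grants are in place, a session logged in as `client_a` can query `client_products` and `CALL get_product(...)`, but a direct `SELECT` on `catalog_db.products` is refused.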
