Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

seting adress of SQL server to localhost or 127.0.0.1

Posted on 2006-10-21
5
Medium Priority
?
1,045 Views
Last Modified: 2011-09-20
Hi Experts

I have 2 servers, one (A) for asp application, the other (B) for sql server
when i connect A to B i use a SQL connection string  suck like :

GetConnection = "DRIVER={SQL Server}; Server=IP ADDRESS; Database=xxxxx; UID=yyyyyyy; PWD=zzzzzz"

The problem is revealing the IP in the connection string makes my server unsecure

I would like to set a connection string like that

GetConnection = "DRIVER={SQL Server}; Server=127.0.0.1; Database=xxxxx; UID=yyyyyyy; PWD=zzzzzz"

Knowing that 127.0.0.1 is the local host addresse of server A, how can i make it point to SQL server B

Thx
0
Comment
Question by:humer2000
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 29

Expert Comment

by:Nightman
ID: 17781123
You can't reference ANOTHER server by the localhost IP address. You can, however, reference it by named instance (SQLSERVERNAME\INSTANCENAME)

Why don't you encrypt the connection string, and decrypt it before you use it?
If you are using ASP.NET, there are many ways to do this in the web.config
http://www.codersource.net/asp_net_security_connection_string.aspx
http://gridviewguy.com/ArticleDetails.aspx?articleID=143

If you are using classic ASP and VB (in a dll) there are literally hundreds of examples on the internet on how to do this.
If you are not using a dll, create one - storing the logic for encryption/decryption in the page would be a really bad idea.

Cheers
Night
0
 
LVL 1

Author Comment

by:humer2000
ID: 17781930
i  want to use this method because my old ISP was using it and it works.
This method allows connection to SQL server only by members of the network (Servers)
Preventing people from connecting to SQL directly from their PC
0
 
LVL 5

Accepted Solution

by:
hbz earned 2000 total points
ID: 17782021

It will work for computers on the same network, of course.  The IP addresses were likely something like 192.168.1.10.  You say that you don't want to expose the IP of the server (but you are comfortable exposing the username and password).  There are a few solutions:

1) Set up a DSN on your application server
2) If the machine is not on the same network, then set up an entry in the HOSTS file to resolve an arbitrary computer name to any IP you choose
3) There may be other solutions with VPN?

- hbz
0
 
LVL 143

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 17782999
>i  want to use this method because my old ISP was using it and it works.
it will ONLY work if the web server and the sql server are on the same computer, otherwise it cannot work.
127.0.0.1 is a reserved ip address that means "myself" for the computer.
usually, an entry in the hosts files resolved localhost to that ip address, but that is not necessary.

as hbz noted, you need to use a IP address or Name of a server, where you can play with the hosts file
usuaally, the web server is in a DMZ, while the sql server is behind the DMZ (if you don't know what it is, ask a network admin: DMZ is a De-Militarized Zone, special term in networking)
and a firewall that explicitely opens the route between the web server and the sql server for only those ports that the sql server will need (usually 1, and the port is configurable).


0
 
LVL 1

Author Comment

by:humer2000
ID: 17783332
Hi hbz

i have follwoed solution 1,  Seting up a DSN on my application server
and it works fine
thx
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever needed a SQL 2008 Database replicated/mirrored/log shipped on another server but you can't take the downtime inflicted by initial snapshot or disconnect while T-logs are restored or mirror applied? You can use SQL Server Initialize from Backup…
Ready to get certified? Check out some courses that help you prepare for third-party exams.
This videos aims to give the viewer a basic demonstration of how a user can query current session information by using the SYS_CONTEXT function
Viewers will learn how to use the UPDATE and DELETE statements to change or remove existing data from their tables. Make a table: Update a specific column given a specific row using the UPDATE statement: Remove a set of values using the DELETE s…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question