Secure open port SQL server linked to Access Project Database file (ADP)

Posted on 2010-08-25
Medium Priority
Last Modified: 2012-05-10
Hi Guys,

I have a dedicated windows web server hosted by oneandone.co.uk
I've installed SQL server express and have an Access Project Database connected to the SQL database remotely, It all works suprisingly well across the open internet.
Obviously I'm concerned about the security aspect. I have it currently set so the user has to enter their Username and Password to login to the Database. Are there other ways of making it more secure by possibly tying it to the users mac address or some other method. I can't use an IP address because most users will not have a fixed IP address. I can set a different port number instead of the default 1433 but it is still an open port.

Any suggestions greatly received.
Question by:dataflowjoe
LVL 81

Accepted Solution

arnold earned 2000 total points
ID: 33527490
The two can not be tied in.  The application SQL has no way of knowing what the MAC address of the remote user given that that packet travels through multiple routers and gets assembled by the networking driver of the OS.

A way to secure it is by controlling access.  I.e. configure firewall to limit who can connect to the port.  The other option is to use secure/encrypted socket and require the remote users have a certificate that your server will recognize.

The best way is to setup a web page/ASP that the users can use to access their data.  Adding logic into the web page that will lock out failed requests from the same source based on IP which is present in the HTTP headers and is passed to the web based application by the web server.

No matter which option you take, you still have an open port through which attempts to gain access will be made.

Author Closing Comment

ID: 33529002
Thanks for your reply , I've decided to use a VPN solution now.

Featured Post

Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

We live in a world of interfaces like the one in the title picture. VBA also allows to use interfaces which offers a lot of possibilities. This article describes how to use interfaces in VBA and how to work around their bugs.
A Case Study of using the Windows API to provide RS232 communications capability in Access without the use of Active-X controls.
Learn how to set-up PayPal payment integration in your Wufoo form. Allow your users to remit payment through PayPal upon completion of your online form. This is helpful for collecting membership payments, customer payments, donations, and more.
Stellar Phoenix SQL Database Repair software easily fixes the suspect mode issue of SQL Server database. It is a simple process to bring the database from suspect mode to normal mode. Check out the video and fix the SQL database suspect mode problem.

600 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question