Solved

Security for SQL and Web Connections

Posted on 2014-02-10
5
255 Views
Last Modified: 2014-02-12
I currently have a Public facing Web server that has multiple Web sites two of the Web sites need access to the SQL Database Server on my local network. Currently I have a firewall rule that allows the web server to communicate to the SQL Server through the SQL ports but this is managed by the IP addresses of the SQL Server and The Web Server. The problem with is the web server has access to the complete SQL Server on the ports open for SQL. Is there a way to have individual web sites only have access to individual database on the SQL SERVER?

Thanks
0
Comment
Question by:ahmad1467
5 Comments
 
LVL 5

Expert Comment

by:Leon Kammer
Comment Utility
Hi,

Using SQL authentication, the individual databases can be locked down to a specific user.

Cheers

Leon
0
 
LVL 19

Expert Comment

by:Patricksr1972
Comment Utility
Of course, they are called connection strings where you define a username/ password database etc.
This sql user only has rights to the database defined, nothing else.
0
 

Author Comment

by:ahmad1467
Comment Utility
Thanks
 I under that I can lock down users to individual DB but I guess what I’m really looking for is to lock down Individual Websites to individual Databases.

Thanks
0
 
LVL 5

Assisted Solution

by:Leon Kammer
Leon Kammer earned 250 total points
Comment Utility
Hi,

you can create a user, set the user's permissions in the DB, and then alter the connection string within the website to connect to the SQL server.

This is generally housed in the web.config file.
0
 
LVL 16

Accepted Solution

by:
Surendra Nath earned 250 total points
Comment Utility
Yes, You can....

in order to accomplish this you have to create two SQL Logins
Let us say ABC, XYZ are the login names.....

Now for ABC assing the DB Reader role in the Database ABC_DB and remove the DBReader role in XYZ_DB....

and do viceversa for XYZ.... this will accomplish what you are looking for

you can use SP_dropRole, and SP_addRole inorder to accomplish this

http://technet.microsoft.com/en-us/library/ms189121.aspx
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Occasionally there is a need to clean table columns, especially if you have inherited legacy data. There are obviously many ways to accomplish that, including elaborate UPDATE queries with anywhere from one to numerous REPLACE functions (even within…
How to leverage one TLS certificate to encrypt Microsoft SQL traffic and Remote Desktop Services, versus creating multiple tickets for the same server.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now