Configure the postgres database server to only allow access to trusted systems
Issue
The database allows any remote system the ability to connect to it. It is recommended to limit direct access to trusted systems because databases may contain sensitive data, and new vulnerabilities and exploits are discovered routinely for them. For this reason, it is a violation of PCI DSS section 1.3.7 to have databases listening on ports accessible from the Internet, even when protected with secure authentication mechanisms. The current postgres DB configurations files (postgresql.conf and pg_hba.conf) are attached.
Environment
- PostgreSQL Server
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.