xTuple Admin Guide

Your xTuple database runs on a PostgreSQL server, access to which is controlled by a file called pg_hba.conf. That file is described here: https://www.postgresql.org/docs/9.3/static/auth-pg-hba-conf.html.

So, for example, you might find it at: /etc/postgresql/9.3/main/pg_hba.conf

You will need superuser (sudo) access to modify and save changes to the file. Open the file in a text editor such as nano.

>sudo nano /etc/postgresql/9.3/main/pg_hba.conf 

Scroll to the end of the file, and make sure that your host settings match the following.

#local    replication postgres              trust
#host     replication postgres 127.0.0.1/32 trust 
#host     replication postgres ::1/128      trust
hostnossl all         all      0.0.0.0/0    reject 
hostssl   all         postgres 0.0.0.0/0    reject
hostssl   all         all      0.0.0.0/0    md5

This is the recommended configuration for your PostgreSQL server. The settings above ensure that no users are able to access the database from outside your network via a non-SSL connection. It also blocks the user named 'postgres' from accessing the database from outside the network. Finally, it declares that all other users will have to log in with a password via a secure connection.

You may have additional host entries in your pg_hba.conf file if you have specifically allowed other users and IP locations to access your database. Just make sure that you know the purpose of any additional lines in this file.