we have oracle database hosted at a third party location. we can only access that database from one server on our network. the third party only allowed access to the database from that server. our web apps are hosted on a different server and there is no way that we can open connection to the database from the web server. is there a way that we can use the allowed server to access the database from the web server which resides on the same network, kind of a centralized connection hub
As a practice industry wise . From Web-Server access to the database is not allowed from security point of view . Consult your network team by sending the ping of the IP address of the database server from web server . The result will show what is happening between web server and database server
Related
I have developed an application in Asp. Net C# Technology. It is an offline application.
I need to host my application with the SQL Server database locally on the client's machine. The client can easily access the database from the web.config connection string.
I want to restrict the client or any other user to access/see the database.
How can I do this?
I need to host my application with the SQL Server database locally on the client's machine
I want to restrict the client or any other user to access/see the database.
How can I do this?
You cannot. It's the client's machine, so it's the client's SQL Server, and the client's database.
Here are the instructions for any Windows Administrator to connect to SQL Server with full administrative permissions: Connect to SQL Server When System Administrators Are Locked Out
How do I make connection to an AWS hosted database, and pull or query data into a local or Azure hosted SQL server DB? Can I be directed to the right place or resource?
Thanks.
There's nothing special about the fact that they're in AWS or Azure VMs. For this to work, you need TCP/IP connectivity from your client to the server, and you need port 1433 to not be blocked along the way.
The VM in AWS or Azure needs to have an externally visible IP address, or you need to be connecting via a VPN to the internal network of the cloud-hosted system. The operating system on that VM that's hosting SQL Server needs to have a firewall rule that allows port 1433 inbound.
Once you can do that, you can then just set up a Linked Server on your end, that refers to the SQL Server at the other end. That will allow you to query the tables on the server via 4 part names i.e. linkedservername.databasename.schemaname.tablename.
If you have SQL Server with the same collation at both ends, also ensure you set "collation compatible" on the linked server configuration. (It can make a huge performance difference)
Is it possible to (select query) of Microsoft Access database from my server where the MDB file is located in client pc (not in server)?
Global question: how to interact with client database (MS Accces) from my server(web site)???
You might want to rethink your setup:
Better have your database MDB on the server (Web server) since the server most likely to have a static IP address
Then you can have another database MDB on the client link to the Database MDB on the server (Web server) thru linked tables or ADO
This will be quite a challenge(redefining client/server setup), you better off going with a better DBMS on the server(Web site) like MySQL or MariaDB. Easy to setup and access remotely with MySQL connectors, from your client pc.
my project requires me to use PHP and connect to the oracle database service hosted by our department. I want to use amazon ec2 to deploy the project. Is it able to connect to an external oracle database from amazon ec2 by PHP?
I've tried google app engine. It doesn't support external database connection. what a drawback!
Yes, it does. By default, Ec2 instances launched in EC2-Classic have full outbound access. So, the Ec2 instance can connect to your Oracle DB Provided your Oracle DB is accessible over the internet (in other words, your Oracle DB has a public IP address and you have firewall rules configured on your end to allow inbound access to Oracle DB).
If you Oracle DB is in a private network, then you need proxy server or SSH tunnel (or something similar) to connect to the instance.
Overall, there is no limitation on EC2 side.
We are building a client solution that will be hosted on servers in a data-centre. It consists of several servers all related to providing the client solution. There is no internal network to protect but for some reason our UAT environment has the notion of a DMZ in the server diagram.
We have an IIS box which will have a public IP. Then we have two servers DB(Sql Server) and APP that are only on the internal lan with no public IPs. You can only RDP to these servers via VPN. Our IIS server needs sql access so port 1433 is open from IIS box(DMZ) to the sql server. We are also opening several ports from the IIS server to the APP server which hosts WCF services.
My understanding was that a DMZ was meant to protect internal private networks and that these networks should not be accessible from the DMZ but we are now opening up ports to both our APP and DB servers so they are accessible from the DMZ. In the end most of our servers are accessible from the IIS server via certain ports.
We originally wanted to setup our SQL server for AD authentication only but since our IIS server is in the DMZ and has no AD access we will be forced to enable mixed mode authentication in SQL server. This might be another security issue in it's own since we are now forced to store passwords somewhere on the IIS server to be able to auth against sql server.
Are we not perhaps missing the idea of a DMZ?
So with a system where you have a DMZ, there is also a firewall involved.
So your system should look like this I think:
SQL-server hosting internal data
Other servers needed for the company
---- firewall ----
SQL-server hosting data for web solution
AD-server (if needed)
Web-server
FTP-server (could be on the web server also)
With this setup you don't expose company-sensitive database to the outside world and you also don't open up a port in the firewall making it possible for attackers to (maybe) get access to the internal database which has company sensitive data...
Just my suggestion based on the information provided.