You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@couchdb.apache.org by faust 1111 <fa...@gmail.com> on 2010/04/16 00:03:50 UTC

Limit user access via proxy

I run Couch
and nginx as proxy
users can download files directly from couch

But how i can limit access only read from my db (limit to remote ip)?

Маy be it's better catch requests to files in my ruby app?
but directly to couch is faster.

Re: Limit user access via proxy

Posted by Alexandre Leray <ne...@alexandreleray.com>.

Hi, I'm not an expert so don't take my words for granted :-)

You might use some firewall like iptables or uncomplicated firewall 
(ufw) to restrict access to localhost.

What do you think?

Best

ALexandre Leray

Le 16/04/10 00:03, faust 1111 a écrit :
> I run Couch
> and nginx as proxy
> users can download files directly from couch
>
> But how i can limit access only read from my db (limit to remote ip)?
>
> Маy be it's better catch requests to files in my ruby app?
> but directly to couch is faster.
>
>

Re: Limit user access via proxy

Posted by Anh <7z...@gmail.com>.

On Thu, Apr 15, 2010 at 5:20 PM, Randall Leeds <ra...@gmail.com> wrote:
> Or use the nignx config to block PUT/POST/DELETE/COPY from foreign ips.
>
> 2010/4/15 J Chris Anderson <jc...@gmail.com>:
>>
>> On Apr 15, 2010, at 3:03 PM, faust 1111 wrote:
>>
>>> I run Couch
>>> and nginx as proxy
>>> users can download files directly from couch
>>>
>>
>> If you are on CouchDB 0.11 you can navigate to the database in Futon, click security settings, and set some reader names or roles. This way users will need to log in to your couch before they can see that database.
>>
>> Chris
>>
>>> But how i can limit access only read from my db (limit to remote ip)?
>>>
>>> Маy be it's better catch requests to files in my ruby app?
>>> but directly to couch is faster.
>>
>>
>


We do similar with a Citrix Netscaler, only allowing GET and HEAD from outside

Re: Limit user access via proxy

Posted by Randall Leeds <ra...@gmail.com>.

Or use the nignx config to block PUT/POST/DELETE/COPY from foreign ips.

2010/4/15 J Chris Anderson <jc...@gmail.com>:
>
> On Apr 15, 2010, at 3:03 PM, faust 1111 wrote:
>
>> I run Couch
>> and nginx as proxy
>> users can download files directly from couch
>>
>
> If you are on CouchDB 0.11 you can navigate to the database in Futon, click security settings, and set some reader names or roles. This way users will need to log in to your couch before they can see that database.
>
> Chris
>
>> But how i can limit access only read from my db (limit to remote ip)?
>>
>> Маy be it's better catch requests to files in my ruby app?
>> but directly to couch is faster.
>
>

Re: Limit user access via proxy

Posted by J Chris Anderson <jc...@gmail.com>.

On Apr 15, 2010, at 3:03 PM, faust 1111 wrote:

> I run Couch
> and nginx as proxy
> users can download files directly from couch
> 

If you are on CouchDB 0.11 you can navigate to the database in Futon, click security settings, and set some reader names or roles. This way users will need to log in to your couch before they can see that database.

Chris

> But how i can limit access only read from my db (limit to remote ip)?
> 
> Маy be it's better catch requests to files in my ruby app?
> but directly to couch is faster.