Re: Database Security
All, Thank you very much for all the insightfull techniques. I will test the proposed functionalities in a lab environment prior to deployment. V/r, -Mario On Sep 13, 5:32 pm, Sander Steffann <[EMAIL PROTECTED]> wrote: > Hi Mario, > > > DATABASE_HOST ="http://192.168.1.128; > > DATABASE_HOST must contain a hostname or IP address, not an URL. You > should remove the "http://; part and check that the IP address is > correct and reachable. > > - Sander --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Database Security
Hi Mario, > DATABASE_HOST ="http://192.168.1.128; DATABASE_HOST must contain a hostname or IP address, not an URL. You should remove the "http://; part and check that the IP address is correct and reachable. - Sander --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Database Security
Mario wrote: [some stuff which I have again moved to the bottom where it belongs] > On Sep 13, 12:46 pm, Steve Holden <[EMAIL PROTECTED]> wrote: >> Ross wrote: >> [some stuff you can now find after the question] >>> On Sep 13, 9:37 am, Mario <[EMAIL PROTECTED]> wrote: Hello, I would like to move off the existing database server off Django. Currently, my settings.py file include the following configuration: >> DATABASE_USER = 'dbadmin' DATABASE_ENGINE = 'mysql' # 'postgresql_psycopg2', 'postgresql', 'mysql', 'sqlite3' or 'oracle'. DATABASE_NAME = 'golf_prod' # Or path to database file if using sqlite3. DATABASE_USER = 'dbadmin' # Not used with sqlite3. DATABASE_PASSWORD = 'x' # Not used with sqlite3. DATABASE_HOST = '' # Set to empty string for localhost. Not used with sqlite3. DATABASE_PORT = '' # Set to empty string for default. Not used with sqlite3. Question – I need to move the Mysql Server off our DMZ and into our protected internal network. Can I simply point the URL in the DATABASE_HOST . Any suggestions or recommendations? >> and Ross said >> >> http://docs.djangoproject.com/en/dev/ref/databases/#connecting-to-the... >> >> >> >>> Putting your database in the DMZ is probably a very bad idea... You >>> don't want to give the entire internet access to your database. The >>> standard Django setup expects your database to be accessible on the >>> same local network as your Django app. Other than that, there is no >>> special setup. >> While putting your database in the DMZ *is* a bad idea, there's nothing >> in the standard Django setup that requires it to *be* anywhere special. >> As Ross points out, as long as it can be contacted by name, or by IP >> address, it's perfectly OK for it to be the other side of a firewall, >> for example. >> >> I sometimes run Django code on my laptop against the database I use to >> support my public web site, though in that case I have taken the >> additional precaution of having the database require a digital >> certificate before it allows access. That's PostgreSQL, so I couldn't >> quote you the mechanics you'd need to do the same on MySQL. >> and Mario replied: > Thank you for responding so quickly, but the question hasn't been > answered. > Assuming there are firewalls layered between the DMZ and the private > network and the routing table has been setup correctly; > what do I need to do to forward the http request to my remote > database. > The Django server handles the HTTP request. No HTTP goes to the MySQL server - an entirely separate protocol is used between the web server and the database server. So, if you have firewalls between the two, you need to ensure that the web (Django) server host can make a connection to the MySQL port on the database server (which is 3306 by default). > Do I modify my settings.py to include the following: > > FROMTO: > > DATABASE_ENGINE = 'mysql' ---> DATABASE_ENGINE = 'mysql' > DATABASE_NAME = 'golf_prod' >DATABASE_NAME = 'golf_prod' > DATABASE_USER = 'dbadmin' ->DATABASE_USER = 'dbadmin' > DATABASE_PASSWORD = '' -->DATABASE_PASSWORD = '' > DATABASE_HOST = '' >DATABASE_HOST ="http:// > 192.168.1.128" > DATABASE_PORT = '' >DATABASE_PORT = "3306" > You will need to change the DATABASE_HOST setting if the new database it at a different IP address fro the one you are using now (which it almost certainly will be). The other settings should be perfectly OK as they are. > What I am looking for is the appropriate configurations/syntax to > connect to a remote database. Do I assume the MySQL driver and APIS > for Django will take care of the database connectivity or do I need to > modify the my.cnf file in MySQL. Also, do I need to make changes in > my Apache httpd.conf file as well? > Obviously there'll be an entirely different my.cnf file on the new database server, so I can't give you any advice on that. The Apache server has nothing to do with communications between Django and MySQl, so if it's working now just leave it as it is. Unless Apache has been configures to use other MySQL services, of course, which you *can* do, but presumably you would know if that were the case. regards Steve A: Because it puts information in the wrong order Q: What's wrong with top-posting? -- Steve Holden+1 571 484 6266 +1 800 494 3119 Holden Web LLC http://www.holdenweb.com/ --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at
Re: Database Security
Thank you for responding so quickly, but the question hasn't been answered. Assuming there are firewalls layered between the DMZ and the private network and the routing table has been setup correctly; what do I need to do to forward the http request to my remote database. Do I modify my settings.py to include the following: FROMTO: DATABASE_ENGINE = 'mysql' ---> DATABASE_ENGINE = 'mysql' DATABASE_NAME = 'golf_prod' >DATABASE_NAME = 'golf_prod' DATABASE_USER = 'dbadmin' ->DATABASE_USER = 'dbadmin' DATABASE_PASSWORD = '' -->DATABASE_PASSWORD = '' DATABASE_HOST = '' >DATABASE_HOST ="http:// 192.168.1.128" DATABASE_PORT = '' >DATABASE_PORT = "3306" What I am looking for is the appropriate configurations/syntax to connect to a remote database. Do I assume the MySQL driver and APIS for Django will take care of the database connectivity or do I need to modify the my.cnf file in MySQL. Also, do I need to make changes in my Apache httpd.conf file as well? Thank you again. _Mario On Sep 13, 12:46 pm, Steve Holden <[EMAIL PROTECTED]> wrote: > Ross wrote: > > [some stuff you can now find after the question] > > > > > On Sep 13, 9:37 am, Mario <[EMAIL PROTECTED]> wrote: > >> Hello, > > >> I would like to move off the existing database server off Django. > >> Currently, my settings.py file include the following configuration: > DATABASE_USER = 'dbadmin' > >> DATABASE_ENGINE = 'mysql' # 'postgresql_psycopg2', > >> 'postgresql', 'mysql', 'sqlite3' or 'oracle'. > > >> DATABASE_NAME = 'golf_prod' # Or path to database > >> file if using sqlite3. > > >> DATABASE_USER = 'dbadmin' # Not used with sqlite3. > > >> DATABASE_PASSWORD = 'x' # Not used with sqlite3. > > >> DATABASE_HOST = '' # Set to empty string > >> for localhost. Not used with sqlite3. > > >> DATABASE_PORT = '' # Set to empty string > >> for default. Not used with sqlite3. > > >> Question – I need to move the Mysql Server off our DMZ and into our > >> protected internal network. Can I simply point the URL in the > >> DATABASE_HOST . Any suggestions or recommendations? > > and Ross said > > http://docs.djangoproject.com/en/dev/ref/databases/#connecting-to-the... > > > > > Putting your database in the DMZ is probably a very bad idea... You > > don't want to give the entire internet access to your database. The > > standard Django setup expects your database to be accessible on the > > same local network as your Django app. Other than that, there is no > > special setup. > > While putting your database in the DMZ *is* a bad idea, there's nothing > in the standard Django setup that requires it to *be* anywhere special. > As Ross points out, as long as it can be contacted by name, or by IP > address, it's perfectly OK for it to be the other side of a firewall, > for example. > > I sometimes run Django code on my laptop against the database I use to > support my public web site, though in that case I have taken the > additional precaution of having the database require a digital > certificate before it allows access. That's PostgreSQL, so I couldn't > quote you the mechanics you'd need to do the same on MySQL. > > regards > Steve > -- > Steve Holden+1 571 484 6266 +1 800 494 3119 > Holden Web LLC http://www.holdenweb.com/ --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Database Security
Ross wrote: [some stuff you can now find after the question] > On Sep 13, 9:37 am, Mario <[EMAIL PROTECTED]> wrote: >> Hello, >> >> I would like to move off the existing database server off Django. >> Currently, my settings.py file include the following configuration: >> >> DATABASE_ENGINE = 'mysql' # 'postgresql_psycopg2', >> 'postgresql', 'mysql', 'sqlite3' or 'oracle'. >> >> DATABASE_NAME = 'golf_prod' # Or path to database >> file if using sqlite3. >> >> DATABASE_USER = 'dbadmin' # Not used with sqlite3. >> >> DATABASE_PASSWORD = 'x' # Not used with sqlite3. >> >> DATABASE_HOST = '' # Set to empty string >> for localhost. Not used with sqlite3. >> >> DATABASE_PORT = '' # Set to empty string >> for default. Not used with sqlite3. >> >> Question – I need to move the Mysql Server off our DMZ and into our >> protected internal network. Can I simply point the URL in the >> DATABASE_HOST . Any suggestions or recommendations? and Ross said > http://docs.djangoproject.com/en/dev/ref/databases/#connecting-to-the-database > > Putting your database in the DMZ is probably a very bad idea... You > don't want to give the entire internet access to your database. The > standard Django setup expects your database to be accessible on the > same local network as your Django app. Other than that, there is no > special setup. > While putting your database in the DMZ *is* a bad idea, there's nothing in the standard Django setup that requires it to *be* anywhere special. As Ross points out, as long as it can be contacted by name, or by IP address, it's perfectly OK for it to be the other side of a firewall, for example. I sometimes run Django code on my laptop against the database I use to support my public web site, though in that case I have taken the additional precaution of having the database require a digital certificate before it allows access. That's PostgreSQL, so I couldn't quote you the mechanics you'd need to do the same on MySQL. regards Steve -- Steve Holden+1 571 484 6266 +1 800 494 3119 Holden Web LLC http://www.holdenweb.com/ --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Database Security
http://docs.djangoproject.com/en/dev/ref/databases/#connecting-to-the-database Putting your database in the DMZ is probably a very bad idea... You don't want to give the entire internet access to your database. The standard Django setup expects your database to be accessible on the same local network as your Django app. Other than that, there is no special setup. On Sep 13, 9:37 am, Mario <[EMAIL PROTECTED]> wrote: > Hello, > > I would like to move off the existing database server off Django. > Currently, my settings.py file include the following configuration: > > DATABASE_ENGINE = 'mysql' # 'postgresql_psycopg2', > 'postgresql', 'mysql', 'sqlite3' or 'oracle'. > > DATABASE_NAME = 'golf_prod' # Or path to database > file if using sqlite3. > > DATABASE_USER = 'dbadmin' # Not used with sqlite3. > > DATABASE_PASSWORD = 'x' # Not used with sqlite3. > > DATABASE_HOST = '' # Set to empty string > for localhost. Not used with sqlite3. > > DATABASE_PORT = '' # Set to empty string > for default. Not used with sqlite3. > > Question – I need to move the Mysql Server off our DMZ and into our > protected internal network. Can I simply point the URL in the > DATABASE_HOST . Any suggestions or recommendations? > > V/R > > _Mario --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Database Security
Hello, I would like to move off the existing database server off Django. Currently, my settings.py file include the following configuration: DATABASE_ENGINE = 'mysql' # 'postgresql_psycopg2', 'postgresql', 'mysql', 'sqlite3' or 'oracle'. DATABASE_NAME = 'golf_prod' # Or path to database file if using sqlite3. DATABASE_USER = 'dbadmin' # Not used with sqlite3. DATABASE_PASSWORD = 'x' # Not used with sqlite3. DATABASE_HOST = '' # Set to empty string for localhost. Not used with sqlite3. DATABASE_PORT = '' # Set to empty string for default. Not used with sqlite3. Question – I need to move the Mysql Server off our DMZ and into our protected internal network. Can I simply point the URL in the DATABASE_HOST . Any suggestions or recommendations? V/R _Mario --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
