couchdb-user mailing list archives

From Dan Santner <>
Subject Re: CouchDB security
Date Fri, 21 Feb 2014 15:06:17 GMT
I am personally not a fan of opening up port 5984 to the world or even a reverse proxy to 5984
open to....the world.

But it sounds more like you are interested in protecting against someone flooding your database
with crap?

In that case, you can always do small things like only accepting post through ajax/javascript
and maybe throttling through your webserver, only allowing X number of posts per cookie??

It's a tough problem for sure because you have competing requirements.  Anyone can post, but
anyone cannot post all the same.

On Feb 21, 2014, at 8:42 AM, Ben Johnson <> wrote:

> Hello,
>  Thanks in advance for your humoring me on a few questions.  I am new to
> this and learning.  I read through the CouchDB guide on security and had a
> few followup questions.
> I am posting information to my CouchDB from a browser.  I will put a few
> precautions and validations for the data in the browser but because of
> the nature of the project users will not be required to log in.  I am wondering
> without a log in, how secure should I feel about my database and someone
> overtaking it?  Has someone done this with success?  Can all of the data in
> the database be viewed and/or modified from someone using curl and my
> server's address? Anything else that I should have thought about?  The data is
> not sensitive but I still want to preserve its integrity.
> Thanks,
> Ben
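
The two measures suggested in the reply above (accept only ajax posts, allow X posts per cookie) can be sketched as one check that a web server or proxy in front of port 5984 runs before forwarding a request. This is an added example, not code from the thread or from CouchDB; the cookie name `sid`, the limits, the request shape and the fallback to the client address are assumptions.

```javascript
// Added example: per-client POST throttle for a proxy in front of CouchDB.
// MAX_POSTS, WINDOW_MS, the 'sid' cookie and the request shape are assumptions.
const MAX_POSTS = 5;          // the "X" in "X posts per cookie"
const WINDOW_MS = 60 * 1000;  // sliding window length

function createThrottle(maxPosts = MAX_POSTS, windowMs = WINDOW_MS) {
  const seen = new Map(); // client key -> timestamps of accepted posts

  // Pull one cookie value out of a Cookie header; returns null if absent.
  function cookieValue(header, name) {
    for (const part of (header || '').split(';')) {
      const eq = part.indexOf('=');
      if (eq > 0 && part.slice(0, eq).trim() === name) {
        return part.slice(eq + 1).trim() || null;
      }
    }
    return null;
  }

  // req: { method, headers (lower-cased names), remoteAddress }
  // Returns { allow, status, reason } for the proxy to act on.
  return function check(req, now = Date.now()) {
    if (req.method !== 'POST') {
      return { allow: false, status: 405, reason: 'only POST is proxied' };
    }
    // Ajax-only gate. The header is client-supplied, so treat it as a
    // filter for stray traffic, not as authentication.
    if (req.headers['x-requested-with'] !== 'XMLHttpRequest') {
      return { allow: false, status: 403, reason: 'not an ajax request' };
    }
    // Key on the cookie; fall back to the client address so a request
    // without a cookie still draws from a limited budget.
    const sid = cookieValue(req.headers.cookie, 'sid');
    const key = sid ? 'c:' + sid : 'ip:' + req.remoteAddress;
    const recent = (seen.get(key) || []).filter(t => now - t < windowMs);
    if (recent.length >= maxPosts) {
      seen.set(key, recent);
      return { allow: false, status: 429, reason: 'rate limit for ' + key };
    }
    recent.push(now);
    seen.set(key, recent);
    return { allow: true, status: 200, reason: 'ok' };
  };
}
```

A long-running deployment would also evict idle keys from the map so it does not grow without bound.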
