Securing the Local PostgreSQL Database

Security settings are stored in a PostgreSQL database on the local server that hosts the Web Application component. By default, two roles are provided 'prognosis' and 'postgres'. These roles will initially be set up with default passwords. PostgreSQL is included with the installation on all MS Windows machines, so it is recommended to change this password on all these installations.

This section will describe how to set up and secure the PostgreSQL database for use within the environment.

Securing PostgreSQL will require some downtime, it is recommended that the following procedures be carried out over off-peak hours or during a maintenance period.

Before commencing these procedures, ensure that the server firewall exception rules have been applied, this includes the PostgreSQL port 5432.

Recommendations

In all environments, the following approach is recommended:

  • Change the passwords for both the 'prognosis' and 'postgres' users on all servers to prevent unauthorized access to the security settings.

Configuration

The following pages provide instructions for setting up security aspects for the PostgreSQL software.

Provide feedback on this article