Need recommendations for Xojo Hosting

  1. ‹ Older
  2. 7 weeks ago

    Norman P

    Sep 26 Pre-Release Testers, Xojo Pro Outside
    Edited 7 weeks ago

    ssh tunnels can be set up programmatically
    been there done that

    macOS its pretty simple
    windows is trickier since it may not have a suitable cmd line app to do the tunnel installed

    EDIT : here's examples - look at remote fowarding
    https://www.ssh.com/ssh/tunneling/example

    basically when you forward a port like this you connect LOCALLY to whatever port and its forwarded to the remote one using SSH
    it behaves exactly like a local connection

    EDIT 2: here one for Windows set up using PUTTY
    https://docs.bitnami.com/bch/faq/get-started/access-ssh-tunnel/

  3. Derk J

    Sep 26 Pre-Release Testers, Xojo Pro

    Once there was an open souce webapplication that could create rest api’s easily from databases perhaps it was Aloe’s first release or so i’m not sure but it could be an easy solution for your issue.

    Luna it was
    https://github.com/timdietrich/luna

  4. Richard A

    Sep 26 Pre-Release Testers, Xojo Pro Puerto Vallarta Mexico

    In order for it to work, you first have to deploy an app from Xojo, so the other users would not be able to connect. It could work for me but not other users.

    So I can’t see XC working at all if you they make some concessions.

  5. Norman P

    Sep 26 Pre-Release Testers, Xojo Pro Outside

    middleware would be a decent solution BUT since it requires rearchitecting see my previous post (which I edited twice) about port forwards

    other than that 1701's serverwarp may suit
    dunno about other options short of your own VPS but then you get all the security headaches as well

  6. Richard A

    Sep 26 Pre-Release Testers, Xojo Pro Puerto Vallarta Mexico

    Norman,

    I ran the command ssh -L 5432:localhost:5432 dbadmin@x.x.x.x -N

    and it timed out.

    Then deployed an app using Xojo to Xojo Cloud.

    Then ran the command again, This time it connected and prompted for the Password. It seems if your not on a static IP it won't work.

  7. Richard A

    Sep 26 Pre-Release Testers, Xojo Pro Puerto Vallarta Mexico

    @Norman P

    What is 1701's serverwarp?

  8. Norman P

    Sep 26 Pre-Release Testers, Xojo Pro Outside

    it sure does
    but if your behind a natted router etc then you may need to forward ports on your router to your machine

  9. Richard A

    Sep 26 Pre-Release Testers, Xojo Pro Puerto Vallarta Mexico

    But I can't do that for my users. They may be anywhere.

  10. Greg O

    Sep 26 Xojo Inc scout.galaxy.barn
    Edited 7 weeks ago

    @RichardAlbrecht But I can't do that for my users. They may be anywhere.

    FWIW, you shouldn’t be giving away your SSH tunnel access to your users anyway. It’s a HUGE security risk because any one would have unprotected access to the database. It’s for management purposes only.

  11. Greg O

    Sep 26 Xojo Inc scout.galaxy.barn

    The other problem I foresee is that if one of your customers leaves, you’ll need to reset that ssh password... and then update all of your customers.

    There is also the possibility that we could change how databases are accessed remotely in the future.

  12. Richard A

    Sep 26 Pre-Release Testers, Xojo Pro Puerto Vallarta Mexico

    @Greg OLone

    It won't work anyway, as the users have random ips as I said above. Our users consist of 4 employees and they don't know sql from a tree. Security is not a concern in this case.

  13. Greg O

    Sep 26 Xojo Inc scout.galaxy.barn

    @RichardAlbrecht @Greg OLone

    It won't work anyway, as the users have random ips as I said above. Our users consist of 4 employees and they don't know sql from a tree. Security is not a concern in this case.

    I'm hearing from Jason that you got this issue figured out though. That's good to hear.

  14. Christian S

    Sep 26 Pre-Release Testers, Xojo Pro, XDC Speakers, Third Party Store Germany

    SSH Tunnel?

    We have a plugin class for that: See SSH2TunnelMBS class in MBS Xojo Network Plugin .

  15. Richard A

    Sep 26 Pre-Release Testers, Xojo Pro Puerto Vallarta Mexico

    @Greg OLone

    He just sent me an email that he may have a solution, but I have no idea.

  16. Richard A

    Sep 26 Pre-Release Testers, Xojo Pro Puerto Vallarta Mexico

    @ChristianSchmitz

    If they can solve the problem of connecting from random IP addresses then I will look into this. Thanks

  17. Greg O

    Sep 26 Xojo Inc scout.galaxy.barn

    @RichardAlbrecht @ChristianSchmitz

    If they can solve the problem of connecting from random IP addresses then I will look into this. Thanks

    There’s nothing to solve. You just need to be careful not to “ping” the server and not do a port scan and you’ll probably be fine.

  18. Richard A

    Sep 26 Pre-Release Testers, Xojo Pro Puerto Vallarta Mexico

    @Greg OLone

    I was unable to connect until I deployed an app from Xojo. It then connected fine. So how can there not be a problem to solve?

  19. Greg O

    Sep 27 Xojo Inc scout.galaxy.barn

    @RichardAlbrecht @Greg OLone

    I was unable to connect until I deployed an app from Xojo. It then connected fine. So how can there not be a problem to solve?

    Your inability to connect to the server was because of how you had been attempting to communicate with the server previously. Deploying to your server temporarily lifts some of the security restrictions so that you can connect and upload an app from your computer, but acting like a potential intruder certainly can surely get you blocked.

    For example, Pinging has an ever increasing penalty, so the more you use it, the longer you’ll be denied access. Also, attempting to connect on multiple ports in a short period of time also carries a penalty, so trying to connect to ssh and one of the databases directly and http might also have gotten you blocked for a time.

    The point is that a Xojo Cloud server is not just a Virtual Private Server with a simple firewall and some software to interact with our IDEs. its more equivalent to a managed server with an adaptive firewall, an intrusion detection system, Security Enhanced Linux and regular system updates. Think of the difference between having a simple lock on a doorknob and also having a deadbolt, a German Shepard, an alarm system and a hundred kilo safe when trying to protect your valuables. Yes, you may never need all that stuff and they may be inconvenient, but if you do, you’re much better off having had it there in the first place. Unfortunately, the only way to tell the good guys from the bad is by how they behave. Just like the home security example, if you try to break in or act aggressively, you’re going to attract someones attention, the police are probably going to show up and you’ll almost definitely get bitten.

    We’ve found that the most important thing is not to get frustrated if you’re running into problems. I know it sounds counterintuitive, but people who have any previous server experience tend to start aggressively trying to contact their server when something goes awry. To the server, that looks exactly like the preamble to an attack. The secret is to take a deep breath and give the server’s security systems a chance to settle down. Once they do, you’ll be granted access again. The trick being that if you try again too soon, you will just extend your timeout period. 5 or 10 minutes ought to do it... or as we’ve said before... just deploy a simple app from the IDE.

  20. Richard A

    Sep 27 Pre-Release Testers, Xojo Pro Puerto Vallarta Mexico

    @Greg OLone

    I get all that. Very well written btw. You should turn it into a blog post.

    My question is how can a user of mine make an ssh connection when they don't use Xojo. They are not programmers, they are users.The have dynamic ip addresses. They may be anywhere from home, office or some hotel. That's what I'm referring to when I say that there's a problem to solve.

  21. Brandon W

    Sep 27 Pre-Release Testers, Xojo Pro

    @RichardAlbrecht My question is how can a user of mine make an ssh connection when they don't use Xojo. They are not programmers, they are users.The have dynamic ip addresses. They may be anywhere from home, office or some hotel. That's what I'm referring to when I say that there's a problem to solve.

    If you use Christian's class, then your users will not have to do anything. Your app can create the tunnel and connect to the database. Unless Xojo's hosting limits SSH connections to defined IP addresses (which I do not know). Security of this method is another topic.

or Sign Up to reply!