Problem connecting to non-local Postgre DB

Hello all,

I am trying to connect to a known good PostgreSQL database. It is running on an Ubuntu Linux server box (in my home). It has a semi static IP with the help of DynDNS. Applications run ON the server, connect and interact with the PostgreSQL server perfectly. I can also connect to it, and manage it through phpPgAdmin, and Webmin.

I am trying something new. Connecting from a distant application directly TO the PostgreSQL db. The connection string appears fine including the database name, the port 5432, the login and pw are the same used in the apps that run ON the server, as well as allowing connections via phpPgAdmin. However, I get an error everytime. I have tried using both the dyndns IP name, as well as the local (192) address. Both yield the same error - 1. Could not connect to server: Connection timed out…

Is the server running on host… and accepting TCP/IP connections on port 5432?

Can anyone suggest what is wrong and how to fix it? I am pretty sure it is a permissions error, but the DSL modem is set for this box to be in a DMZ. So that leaves the OS, Postgre, and ???

Any suggestions would be really appreciated!
Thank you,

PgSQL will bind to localhost by default. You need to make it listen on your external NIC as well. Also, you will probably need to edit the pg_hba.conf file for authentication external to localhost. You really need to know what you are doing when opening your database like this. I’d highly suggest doing a few Google searches to come up with dos and don’ts on this subject.

If you have a firewall on the server, it will most likely be blocking 5432 as well. A lot default to close everything down unless you specifically say you want it open.


are the pages you will need to glance through to get it working, but as I said, really educate yourself on this before making anything of value open to the world.

Hi Jeremy,

Actually I had my doubts is a direct connection was a “good thing” to do to begin with. I was really trying not two apps to facilitate each end.

Can you suggest the ‘better’ practice for this?
Thank you,

In some cases, opening the DB up is fine, you just have to be aware of the vulnerabilities and secure it properly. In other cases, you may wish to put web service, or other TCP/IP service in front of your database. This can provide a nice abstraction layer as well to perform database intensive operations right on the box with the database server, or close to it, instead of over the expensive Internet connection.