Hello all A while ago, our company had an Postgres DB that was Hacked login db to modify data found that pg_hba.conf is not work Any ip, user can log in to DB
1. The rules in pg_hba.conf are almost invalid 2. pg_hba.conf is only useful for METHOD = trust 3. check SHOW hba_file; the file location is correct 4. select * from pg_hba_file_rules; checked is correct 5.DB version : PostgreSQL 10.19 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 4.8.5 20150623 (Red Hat 4.8.5-44), 64-bit Even if you delete the text in pg_hba.conf Keep only host VJ VJ_USER 10.10.10.1/32 md5 After pg_ctl reload and Restart DB , any ip, user still can log in to DB Please help how to check whether the pg_hba.conf service is defective If you need any information, I will provide it Thanks
