On Wed, Aug 3, 2011 at 9:27 AM, Jan Wedekind <jan.wedek...@gmail.com> wrote:
> Hi Sam,
>
> On Tue, Aug 2, 2011 at 03:36, Sam Bisbee <s...@sbisbee.com> wrote:
>
>> All of that being said, there should be a checklist of steps to lock
>> CouchDB down. If no one has seen one floating around the Web yet, then
>> I'll start putting one together.
>>
>
> That would be really helpful, at least I can't find anything comprehensive
> on the whole topic and the more I read, the more confused I get.

I smell a blog post. :)

> On Wed, Aug 3, 2011 at 02:03, Sam Bisbee <s...@sbisbee.com> wrote:
>
>> You can set an ACL for the _users database. This is called the
>> security object, which you can update in Futon with the security
>> button. Just set an admin and reader, and only that user (or group of
>> users) will be able to access the database.
>>
>
> But with Couch alone, I still need to submit username:password in cleartext
> - at least once if I do cookie authentication. Or am I missing something?

CouchDB supports SSL as of 1.1.0:
http://wiki.apache.org/couchdb/How_to_enable_SSL

>> Or Max's suggestion of proxying through a web server.
>>
>
> I cannot find anything on that. Do you know of any post/link where that is
> explained in more detail? Sorry for stupid questions :(

No worries. :) These should be a good start:

http://wiki.apache.org/couchdb/Apache_As_a_Reverse_Proxy
http://wiki.apache.org/couchdb/Nginx_As_a_Reverse_Proxy

After that, "couchdb apache proxy" and "couchdb nginx proxy" are good
Google searches.

--
Sam Bisbee
www.sbisbee.com
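
Added example, not part of the original thread or of CouchDB's code: a simplified Python model of how CouchDB 1.1 evaluates the security object discussed above, showing why setting a reader matters (an empty readers list leaves the database readable by anyone). The user names and the audit() helper are constructed for illustration.

```python
# Simplified model of CouchDB 1.1 database security-object evaluation.
# Assumption: user contexts look like {"name": ..., "roles": [...]}, as in
# CouchDB's userCtx. All names below are constructed sample values.

# Security object with one admin and one reader, as suggested in the thread.
LOCKED_DOWN = {
    "admins": {"names": ["sam"], "roles": []},
    "readers": {"names": ["sam"], "roles": []},
}

ANONYMOUS = {"name": None, "roles": []}


def _matches(section, user):
    """True if the user is listed by name or holds one of the section's roles."""
    names = section.get("names", [])
    roles = section.get("roles", [])
    return user.get("name") in names or bool(set(roles) & set(user.get("roles", [])))


def is_db_admin(sec, user):
    """Server admins (_admin role) are always database admins."""
    if "_admin" in user.get("roles", []):
        return True
    return _matches(sec.get("admins", {}), user)


def can_read(sec, user):
    """Admins can always read; an empty readers section means public access."""
    if is_db_admin(sec, user):
        return True
    readers = sec.get("readers", {})
    if not readers.get("names") and not readers.get("roles"):
        return True  # no readers configured: anyone, including anonymous, can read
    return _matches(readers, user)


def audit(sec):
    """Return lockdown findings for one database's security object."""
    findings = []
    if can_read(sec, ANONYMOUS):
        findings.append("readers is empty: database is readable without login")
    return findings


if __name__ == "__main__":
    print("default {}  ->", audit({}))
    print("locked down ->", audit(LOCKED_DOWN))
```

The security object controls who may access the database; it does not protect credentials in transit, which is what the SSL and reverse-proxy links above address.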