Trusted Sources is a security feature for Latitude.sh Databases that allows you to control which IP addresses can connect to your database. This feature helps enhance your database security by limiting access to known and trusted IP addresses.

Understanding Trusted Sources

When you enable Trusted Sources for your database:
  • You can specify which IP addresses or CIDR ranges are allowed to connect.
  • Connection attempts from IP addresses not on your allowed list will be rejected.
  • This provides an additional security layer alongside your database’s authentication mechanisms.
This feature is useful for:
  • Limiting database access to only your application servers.
  • Restricting connections to specific office or development environments.
  • Reducing your database’s exposure to potential unauthorized access attempts.

Enabling and configuring Trusted Sources

Here is how you can enable Trusted Sources:
1

Configure trusted IP addresses

For an existing database, navigate to the database overview page and find the Trusted Sources section. Enter the IP addresses or CIDR ranges that should be allowed to connect to your database. For example: 203.0.113.1 for a single IPv4 or 203.0.113.0/24 for an IPv4 range. IPv6 addresses and CIDR ranges (e.g., 2001:db8::/32) are also supported.Add multiple entries as needed, with each IP address or CIDR range on a separate line.
Once enabled, a fingerprint icon will appear next to your database in the database list, indicating that Trusted Sources is enabled.

Important considerations

When using Trusted Sources, keep these important points in mind:
  1. Test carefully before enabling in production: Always verify that your application servers and development environments can connect after enabling.
  2. Include all necessary IPs: Make sure to include all IP addresses that legitimately need access, including:
    • Your application servers.
    • CI/CD systems that run database migrations.
    • Development environments.
    • Database administration tools.
  3. Dynamic IP considerations: If you’re connecting from environments with dynamic IPs (like home networks), you may need to update your Trusted Sources configuration when your IP changes.
  4. Backup access plan: Have a plan for updating your Trusted Sources configuration if your server IPs change or if you need to access the database from a new location.

Troubleshooting

If you’re having trouble connecting to your database after enabling Trusted Sources:
  1. Verify your current IP: Check your current public IP address (you can use services like whatismyip.com) and ensure it’s included in your allowed list.
  2. Check for IP changes: If you’re connecting from a dynamic IP environment, your IP may have changed since you configured Trusted Sources.
  3. Verify CIDR notation: If using CIDR notation, ensure it’s correctly formatted (e.g., 192.168.1.0/24).
  4. Temporarily disable for testing: If needed, you can temporarily disable Trusted Sources to verify if it’s causing your connection issues.
If you’re locked out of your database due to Trusted Sources configuration, contact Latitude.sh support for assistance.