How to Protect security to my Couchbase Sync Gateway IP Address

Hi,

Im able to see the list of documents on my web Browser by using this url myserverurl/db/_all_docs

How to provide authentication, if any body want to tamper my server.

@itssrinadh

That looks like a Sync Gateway REST API Resource rather than a Couchbase Server REST API Resource?

Is your question related to securing Sync Gateway access?

Yes it’s sync gate way

@itssrinadh

Sync Gateway has two separate REST API’s one public (default port 4984) and one ADMIN (default port 4985).

Typically the public API will be exposed to the internet, you can force users to authenticate by disabling the GUEST user account for you database /‘db’ in the sync_gateway.json file:

"db": {
                        "server": "walrus:data",
                        "users": {
                                "GUEST": {"disabled": true}
                        }
                }

The ADMIN API does not use authentication, this would normally not be exposed to the Internet, you can force this API to bind to a private interface e.g. the loopback interface ‘127.0.0.1’ in the sync_gateway.json file:

"adminInterface": "127.0.0.1:4985",
        "databases": {
                "db": {

Now ADMIN REST API can only be accessed by logging into the Sync Gateway Server, alternatively if your server has multiple interfaces defined you can bind to one that is only accessible on your internal private network.

There is documentation on the Sync Gateway configuration options here

There is documentation on binding the interfaces and user authentication here

@andy Awesome job, thanks you so much.

@andy I don’t know, i am doing right or wrong. please assist me on this. i got to following path in my linux server Couchbase-by-Example/07-deploy-digital-ocean then i found some of the files here.

i went to VI editor for both production-sync-gateway-config.json and sync-gateway-config.json and disabled true for GUEST user as like below.

But still im able accessing PUBLIC REST API on internet. my public REST API is myurl:4984/db/_all_docs

if this is wrong, where i can find my /db of couchbase server path on linux server.