WebDB
Links
  • πŸ‘‹Welcome to WebDB Documentation
  • Installation
    • 1️⃣Standalone
    • πŸ”’Compose
    • ☸️K8S
    • πŸ–₯️Native
    • πŸ›‘οΈSecurity
    • ❌Uninstall
  • Connection
    • DBMS Discovery
    • Credentials Guessing
    • SSH Tunnel
  • Database
  • Interface
    • Schema
    • Database
    • Table
    • Relations
    • Structure
    • Offline
    • Symbols
    • Configuration
  • Explore
    • Explore
    • Search
    • Update
    • Batch Update
  • Query
    • Editor
      • Autocomplete
  • Structure
    • NoSQL inferring limitation
  • Insert
    • Generator
    • Framework embed
    • Foreign Key / Enum
    • Autocomplete
    • Error
  • Monitoring
    • Stats
    • Process List
  • Time machine
  • Compare
  • Blob
  • Encoding / Collation
  • Complexes
  • Backend
    • Configuration
    • Data storage
    • Docker container
  • Compatibility
  • More
    • Offline
    • Business Model
    • Alternatives
Powered by GitBook
On this page
  • Eval is evil
  • SSH Tunnel

Was this helpful?

  1. Installation

Security

PreviousNativeNextUninstall

Last updated 8 months ago

Was this helpful?

Eval is evil

Because WebDB is preliminary designed for developper, some code are evaluated (eg MongoDB queries).

There is no alternative possible to eval for powerful code execution so: exposing WebDB is highly discouraged because of an eval for query runner.

If for some reason, you really need to install WebDB on a public server, change the variable to mitigate attacks

SSH Tunnel

Prefer SSH Tunnel option if you need to connect to remote server. The feature is available when adding manually a connection. Basically WebDB will connect to through a SSH serveur with user/password or public key

If you use Docker you can also add a docker image near the database container to end the SSH tunnel :

πŸ›‘οΈ
PROTECTED_MODE
openssh-server