Without appropriate measures, the Internet is an unsafe playground for any developer. Implementing certificates correctly is not necessarily the easiest task, and built-in protection is of course worth nothing if it is not also implemented correctly.
The simplest protection is to shield the productive server to be used very well and, if possible, not opening it at all. Often, as a beginner, you are tempted to open the ports for the database, at the latest when your program does not work properly on the productive machine, but you want to debug your solution.
However, a permanent opening of ports is not necessary for this. You can open a tunnel via SSH and map the ports to the server. Thus, the local computer treats the remote distance as if it were available on the local computer, i.e. a database on the production system can be integrated into the development environment as if it were available locally and you can easily and relatively safely search for errors.
ssh -L myRemotePort:localhost:myLocalPort myadminuser@myserver -N
For a Postgres database, both port variables will be 5432, and for mySQL 3306 (assuming you didn’t change the standard ports!)
In Xojo you might want to automate this process, as such that in local debugging the IDE automatically opens an SSH tunnel to your server. The below code skeleton will be your friend, which you have to put into the “opening” event of your app.
"ssh -o ConnectTimeout=15 myadminuser@myserver -L 5432:127.0.0.1:5432 -N -v &" sshshell.Execute(cmd) // to let the ssh tunnel get established Var timeout As Integer = System.Ticks + 60*10 While System.Ticks < timeout And Not tunnelDidOpen app.DoEvents(100) Wend If System.Ticks >= timeout Then // Couldn’t establish the SSH Tunnel var response As String = sshshell.Result quit(1) End If #EndIfsshshell = New shell AddHandler sshshell.DataAvailable, AddressOf Shell_DataAvailable sshshell.ExecuteMode = shell.ExecuteModes.Asynchronous Dim cmd As String =
In the “root” of your App you need to define a property SSHShell (As Shell) and a method (in my example above: Shell_DataAvailable) with the following code:
Static data As String data = data + obj.ReadAll If data.IndexOf(“Entering interactive session.”) > 0 Then tunnelDidOpen = True End If
The below picture is illustrating the configuration in the Xojo IDE:
This is not only working for Xojo, you can mimic such an approach of course for any other development language. The idea is always the same: while debugging: open at the beginning an SSH tunnel to the database in your production environment.
Last but not least you can use an SSH tunnel as well to transfer your files after the build step automatically to your productive system via a bash script called Xojo Script.