Skip to content

Server security and access configuration

In CloudBeaver, you can manage security and access on several levels. These settings let you control how users sign in, who can access the system, how database connections are secured, and how the server is protected on the network.

You can configure:

  • Authentication - sign-in methods for users
  • Access management - permissions and policies for accounts and teams
  • Connection network options - encryption and tunnels for database connections
  • Network and security settings - domains, proxies, certificates, and secure storage
  • Additional security options - password recovery, credentials storage, provisioning, and restrictions

Authentication

Configure how users sign in. Choose local accounts, enterprise identity providers, or cloud-specific services.

Info

See Authentication methods for a full overview.

Brute force protection

CloudBeaver can protect against brute force attacks on both application login and database connections.

  • Login protection - block users after several failed login attempts
  • Connection protection - temporarily block the ability to connect after repeated failed attempts (for example, wrong database password)

Info

For more details, see Password policy

Access management

Control who can sign in and what they can do. Enforce password rules, assign permissions, and organize users into teams.

Connection network options

Secure database connections at the connection level. Enable SSL, set up SSH tunnels, and manage keys.

Network and security settings

Manage how the server is exposed on the network. Configure domains, proxies, TLS, and secure storage for sensitive data.

Setting Description Reference
Domain manager Configure a custom domain, and apply SSL certificates Domain manager
Reverse proxy Control and filter incoming traffic, enable auth via headers, offload TLS, enforce HTTPS, and configure multiple server URLs Proxy configuration
Secret management Store and retrieve credentials from providers like AWS Secrets or Vault Secret providers
Java security properties Override default JVM crypto properties for compliance and security policies Java security properties

Additional security options

CloudBeaver also provides extra security features that complement authentication, access control, and connection settings.

Setting Description Reference
Password recovery Restore access if the main password is lost Admin password recovery
User credentials storage Control how saved credentials are stored and protected User credentials storage
Pre-configured permissions Define default permissions for new database connections Pre-configured permissions
User provisioning Automate account creation and updates with provisioning systems Provisioning users
Proxy header authentication Authenticate users via trusted reverse proxy headers Reverse proxy header authentication