Retool DB Security – Missing IP Whitelisting & Brute-Force Protection?

Hi team,

I read this discussion: Securing Retool Database Access: Is there a function to restrict the access source by IP? — and honestly, it’s a bit concerning.

Is there any plan to improve database connection security? At the very least, I’d expect:

• IP whitelisting

• SSH tunneling

• Rate limiting or brute-force protection

Right now, it feels like it’s too easy to attack a Retool-connected PostgreSQL instance if these measures aren’t in place. Does Retool currently offer any protection against brute-force login attempts to connected databases?

If not, could you please prioritize security improvements here? It’s a critical part of production usage.

Can i use any external db and use in the same way as your internal db?

Or do i need to go for self hosted if i want my env secure?

Thanks!

Hi @Daniel_Swenson,
I understand your concerns about database security. It is true that for retoolDB, while we have some security in place, we don't allow users to do things like IP whitelisting. These limitations can be addressed in one of two ways:

1. Still on cloud, you could use a self-hosted postgres database and a postgres resource instead of a RetoolDB resource. All your apps and workflows can use them in the same way.
2. You could go self-hosted which will allow you to use your own infra for RetoolDB rather than our cloud hosted postgres server.

Both of these options enable you to use your own postgres server, so you won't be limited to the security that we enforce for our cloud hosted DB.