DB Connections to 'localhost' in production

[lebalz]

Currently a user can specify whatever host wished. What happens if in productive environment a user want to access localhost!? With the current implementation this is a security risk because you could access the servers productive db.

• [x] Easy fix: prevent db connections to localhost in production.

Discussion Could we provide some mechanisms to access local user-databases with a third-party installation like ngrok client-side?

[lebalz]

the easy fix is implemented here