Hello I am trying to run a website sent to me but after doing so this error appeared

connect to PostgreSQL server: FATAL: no pg_hba.conf entry for host "4X.XXX.XX.XXX", user "userXXX", database "dbXXX", SSL off in C:\xampp\htdocs\xmastool\index.php on line 37

after Googling it it says that i just need to add an entry in the pg_hba.conf file for that particular user. this is my pg_hba.conf file.

# TYPE  DATABASE        USER            ADDRESS                 METHOD
# IPv4 local connections:
local dbXXX userXXX md5
host    dbXXX  userXXX  XX.XXX.XXX.XXX           md5
host    all             all               md5
# IPv6 local connections:
host    all             all             ::1/128                 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
#host    replication     postgres            md5
#host    replication     postgres        ::1/128                 md5

but after doing so, the error still persist. I restarted my XAMPP server several times but no changes appears. Thanks in advance

Colin 't Hart
  • 8,973
  • 15
  • 35
  • 41
  • 3,213
  • 2
  • 11
  • 6

12 Answers12


Add or edit the following line in your postgresql.conf :

listen_addresses = '*'

Add the following line as the first line of pg_hba.conf. It allows access to all databases for all users with an encrypted password:

host  all  all md5

Restart Postgresql after adding this with service postgresql restart or the equivalent command for your setup. For brew, brew services restart postgresql

Jérôme Radix
  • 3,936
  • 1
  • 10
  • 2
  • 10
    Note that for this to work, [a password must have been set for the user](http://suite.opengeo.org/docs/latest/dataadmin/pgGettingStarted/firstconnect.html): `sudo -u psql postgres` , then `\password` at the resultant sql prompt will prompt for setting one. – ijoseph May 30 '18 at 21:54
  • 5
    If you want a little extra security limiting the connections to private domains (such as within an office, and not the rest of the Internet), you can change the first number to 10, 172 or 192 to match your network: for example instead of – Nate Wanner Feb 28 '19 at 13:49
  • 3
    You also need to add a line with an address of `::0/0`, otherwise connections from IPv6 addresses will still be rejected. – Herohtar Oct 18 '19 at 21:31
  • 1
    I would add one other best practice when editing .conf files for any application, be sure to first make a backup copy ending with .bak or similar. Then in the edited file sandwich your edits in comment lines to note begin and end of your changes as well as a comment line for the purpose and who to contact. This will save you much trouble later. Be sure to make notes of what was changed and in what files, where, and put those notes in a consistent place that is related and locatable. – uchuugaka Dec 05 '19 at 00:55
  • I had to add a firewall rule before the above worked, run the following in an elevated powershell window. New-NetFirewallRule -DisplayName "WSL" -Direction Inbound -InterfaceAlias "vEthernet (WSL)" -Action Allow – baldy Mar 18 '21 at 08:59
  • That's no so smart - now any IP can connect - you might want to limit it to your internal network addresses. More precisely, to the narrowest range of your internal network addresses that need access. – Quandary Oct 17 '21 at 19:11

This solution works for IPv4 / IPv6:

Edit pga_hba.conf File

Open up the pga_hba.conf file in your favourite editor:

[root@localhost ~]#  nano /var/lib/pgsql/data/pg_hba.conf

Append To pga_hba.conf File

Append the following lines to the end of the pga_hba.conf file:

host all all      ::1/128      md5
host all postgres md5

Quit and save the editor of your preference.

Restart Service

Restart the postgresql service with the following command:

[root@localhost ~]# /etc/init.d/postgresql restart
John K. N.
  • 15,418
  • 10
  • 43
  • 97
Jose Nobile
  • 473
  • 4
  • 7

The way I solved this was:

Added the line as below in pg_hba.conf:

hostnossl    all          all    trust        

and this was modified in postgresql.conf, as shown:

listen_addresses = '*'  

I had this instance running on a Centos 7.3 and Postgres 9.5 in a VM in Azure, given this was a POC (proof of concept) you won't want to connect without SSL in your actual prod environment.

To connect to the instance I was using pgAdmin 4 on macOS Sierra.

  • 12,604
  • 7
  • 32
  • 63
Roberto Lopez
  • 361
  • 3
  • 2
  • 8
    Not only SSL... on anything that is not a proof of concept and is network acessible, you would not *trust* connections, you would require some *authentication*. – joanolo Jun 05 '17 at 06:44

Fresh Postgres 9.5 install, Ubuntu.

The key was the local connection type, since psql uses domain socket connection.


local all all md5
host  all  all md5
  • 131
  • 1
  • 3

Instructions for Debian users.

Login as posgres user:

$ sudo su - postgres

Get the location of pg_hba.conf by quering the database:

$ psql -c "SHOW hba_file;"

(1 row)

Open pg_hba.conf:

nano /etc/postgresql/11/main/pg_hba.conf

Add configuration where it says "Put your actual configuration here":

host  all  all md5

Logout to your user:

$ exit

Restart your postgres server for changes to take effect:

$ sudo systemctl restart postgresql
  1. Add the following line in the bottom of pg_hba.conf:

    hostnossl all all md5

  2. Add/modify the line in postgresql.conf:

    listen_addresses = '*'

  3. MAKE SURE THAT the user that is connecting has a password: (Example connect user named postgres)

    a. Run the following psql command with the postgres user account:

    sudo -u postgres psql postgres

    b. Set the password:

    # \password postgres

enter image description here

  • 201
  • 2
  • 4

This below worked for me: (pg_hba.conf)

# TYPE  DATABASE        USER            ADDRESS                 METHOD
# "local" is for Unix domain socket connections only     
local   all             all                                     md5
# IPv4 local connections:
host    all             all               trust
host    all             all                  trust
# IPv6 local connections:
host    all             all             ::1/128                 trust
host    all             all                  trust


Allow the connection unconditionally. This method allows anyone that can connect to the PostgreSQL database server to login as any PostgreSQL user they wish, without the need for a password or any other authentication.


Require the client to supply a double-MD5-hashed password for authentication.

refer for more here

  • 169
  • 1
  • 5

I had the same error when I tried to connect to a local database using an SSH tunnel. I solved it by changing the host name from localhost to

  • 201
  • 3
  • 3

In my case I ran into this where I didn't have access to edit any conf files on the server (.NET connecting to a managed db on DigitalOcean) so the other answers weren't an option.

The host provided me a postgresql:// connection URL which had a ?sslmode= option on the end. I got the exact same error until I added "SSL Mode=Prefer;Trust Server Certificate=true;" to my translated .NET connectionString.

That may not be the optimal solution for me or for you, but I wanted to point out it's possible that this is an issue with the connection string rather than the server config.

  • 191
  • 2
  • 7
  • 2
    I had same issue. When connecting with Npgsql, if database expects SSL connection and you omit it from connection string, then you get a bizarre pg_hfa.conf error. – JamesHoux Dec 08 '20 at 19:55

In my case, I had to add the exact line as suggested by the error information. Cannot bypass it by adding "all" users with all IPs as rule. Now it is like:

PosgreSQL 10.5 on CentOS 7.

# IPv4 local connections:
host    all             all                       md5
host    <db_name>       postgres        <my_client_machine_ip>/32       md5
  • 131
  • 4

Find the correct configuration file:

su - postgres -c "psql -t -P format=unaligned -c 'show hba_file';"

Add the following at the end of file:

local all all peer

Then restart your PostgreSQL application:

/bin/systemctl restart postgresql*.service
  • 161
  • 5

According to the link https://docs.bitnami.com/aws/apps/noalyss/administration/configure-pgadmin/.

For PgAdmin 4 on Windows. I added these lines below


host all all all md5

and modify postgresql.config:

listen_addresses = '*'