How to secure MySQL droplet with HTTPS

February 28, 2019 453 views
MySQL Security Ubuntu 18.04

I have added a fresh droplet with MySQL from the one-click apps to my account. The entire setup is working fine and I can access PhpMyAdmin as well as log in through terminal to change whatever I want. I used to set up SSL on my other droplets manually, but read it can be done automatically in this article.

Quick question: can I do this automatically and if so, how? Or do I need to go through the entire process using Certbot, changing proxies etc?

Thanks!

2 Answers

Hi,

This works just fine and I know have a URL https://database.mywebsite.com which redirects correctly to the MySQL database login via phpmyadmin. However, I can still access the IP address of the MySQL server with regular http. (http://xxx.xx.xxx.xx/phpmyadmin) which then indicates "not secure" in my browser.

My server communicates with the MySQL database via SSL certificates so I'm confident this works correctly, however I can't find any information on how to secure the IP address itself so accessing the root or phpmyadmin is forced over a secure connection.

Hey friend,

I would say that certbot should do just fine for this, though I'm not certain what you are referring to with proxies. This guide should work well:

https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04

Jarland

by Kathleen Juell
by Erika Heidi
Let's Encrypt is a Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. In this tutorial, you will use Certbot to obtain a free SSL certificate for Apache on Ubuntu 18.04 and set up your certificate to renew automatically.
Have another answer? Share your knowledge.