Securing Database Server with SSL Necessary?

March 17, 2016 2.4k views
MySQL Security LAMP Stack Ubuntu

Hello All,

I recently followed the How To Set Up a Remote Database to Optimize Site Performance with MySQL tutorial and now have my web server separated from my database server. While my web server is secured with an SSL certificate from Namecheap, the database server is not.

Is securing the database server with an SSL certificate necessary and/or a good idea? Are connections between the web and database server already secure as a result of the private networking?


3 Answers

It’s really your own decision. Maybe you trust DigitalOcean’s infrastructure to be secure, maybe you don’t. If you don’t, put VPN or TLS in place.

I actually don’t have reply to your actual question but still wanted to throw a suggestion: you said you’re paying to Namecheap for SSL certs. I suggest you to switch over Cloudflare, they’ll provide free (yes, free!) SSL certs (and they also provide protection for attacks etc.).

Since you have two servers, i’d be inclined to say “maybe”. If it was localhost I’d say no (then you would use sockets or local TCP connection).

Have another answer? Share your knowledge.