Related

Product App Platform: Run Docker containers without managing servers Product
How did my database got hacked ? Question Question
Connect to DB installed into dedicated VPS (private networking) Question Question

Question

Securing Dockerized MERN app via HTTPS?

Posted August 2, 2020 1.1k views
Node.jsSecurityDockerReactDigitalOcean Managed Load Balancers

I am building a MERN stack application in docker containers, deployed with docker-compose, as a personal project, which i will deploy. i am curious how i go about securing this.

i know that i need to setup https between the client and my backend(api), and have seen several examples where they set up an nginx server in the frontend(react app) container. how does this nginx server differentiate requests to the api (logging in/fetching sensitive data) and requests for the webpage iteself.

the terms load-balancer and reverse proxy come up alot.

is it possible to set up a digital ocean load balancer with https proxying which points to my droplet on my vpc?

i’m very new to this, but very interested in learning all i can, thanks for any help!

Add a comment
tylerbeaumont123
By:
tylerbeaumont123

Related

Product App Platform: Run Docker containers without managing servers Product
How did my database got hacked ? Question Question
Connect to DB installed into dedicated VPS (private networking) Question Question

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer
bobbyiliev September 6, 2020

Hi there,

Yes indeed, using a Managed Load Balancer and doing your SSL termination there sounds like a good setup. This would also allow you to scale up your application in the future if needed.

Another thing you could do is have an Nginx container on your Droplet with Let’s Encrypt. You can actually follow the steps from this tutorial on how to set up the Nginx part:

https://www.digitalocean.com/community/tutorials/how-to-secure-a-containerized-node-js-application-with-nginx-let-s-encrypt-and-docker-compose

The tutorial will show you how to do this for NodeJS but the Nginx part should be quite similar despite the backed.

Regards,
Bobby

How To Secure a Containerized Node.js Application with Nginx, Let's Encrypt, and Docker Compose
by Kathleen Juell
Secure your containerized Node.js application by following this tutorial, which shows you how to deploy a Node.js application with an Nginx reverse proxy using Docker Compose. You will obtain certificates for your application domain with Let's Encrypt and ensure that your application receives a high security rating.
Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help