Question

Securing Dockerized MERN app via HTTPS?

I am building a MERN stack application in docker containers, deployed with docker-compose, as a personal project, which i will deploy. i am curious how i go about securing this.

i know that i need to setup https between the client and my backend(api), and have seen several examples where they set up an nginx server in the frontend(react app) container. how does this nginx server differentiate requests to the api (logging in/fetching sensitive data) and requests for the webpage iteself.

the terms load-balancer and reverse proxy come up alot.

is it possible to set up a digital ocean load balancer with https proxying which points to my droplet on my vpc?

i’m very new to this, but very interested in learning all i can, thanks for any help!


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Accepted Answer

Hi there,

Yes indeed, using a Managed Load Balancer and doing your SSL termination there sounds like a good setup. This would also allow you to scale up your application in the future if needed.

Another thing you could do is have an Nginx container on your Droplet with Let’s Encrypt. You can actually follow the steps from this tutorial on how to set up the Nginx part:

https://www.digitalocean.com/community/tutorials/how-to-secure-a-containerized-node-js-application-with-nginx-let-s-encrypt-and-docker-compose

The tutorial will show you how to do this for NodeJS but the Nginx part should be quite similar despite the backed.

Regards, Bobby

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.