Securing VueJS App and MariaDB Database on Droplet

I have a VueJS web app that uses MariaDB for database. I have had this running fine on my droplet, without HTTPS, and I added SSL using Let’s Encrypt. The app continued to work for awhile, but then stopped for some reason, apparently a bug in the code (I didn’t change the code). In any event I have been working on getting it back up and running.

I realize now that the easy SSL process I used did not update MariaDB for using SSL, so I started looking at that. This looks like a very involved procedure that I’m not currently ready to tackle.

I am considering various options for the current alpha release of the app, which include:

  1. Remove SSL from the whole app
  2. Leave SSL on for the VueJS and back end, and move Mariadb to a separate host that doesn’t have SSL.
  3. same as 2 except engage with MariaDB hosting service that provides SSL as part of the hosting.
  • problem with this would be new complexity in configuring the web app as a MariaDB client that has SSL enabled.
  1. ???

Obviously I am not an expert in this SSL topic…

I am looking for advice. My priorities:

  1. Try to get a secured stack if practical, considering…
  2. As my focus is ongoing development during a lengthy alpha phase, avoid incurring a lot of IT management overhead in keeping complex deployment structure up and running.
  3. Keep costs down until beta and production releases.

Through the alpha phase I will learn much more about deployment and DevOps, and become much more knowledgeable about managing a fully secured and performant web app.

Thanks much. So far I am very pleased with Digital Ocean!



Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!