Securing VueJS App and MariaDB Database on Droplet
I have a VueJS web app that uses MariaDB for database. I have had this running fine on my droplet, without HTTPS, and I added SSL using Let’s Encrypt. The app continued to work for awhile, but then stopped for some reason, apparently a bug in the code (I didn’t change the code). In any event I have been working on getting it back up and running.
I realize now that the easy SSL process I used did not update MariaDB for using SSL, so I started looking at that. This looks like a very involved procedure that I’m not currently ready to tackle.
I am considering various options for the current alpha release of the app, which include:
1) Remove SSL from the whole app
2) Leave SSL on for the VueJS and back end, and move Mariadb to a separate host that doesn’t have SSL.
3) same as 2 except engage with MariaDB hosting service that provides SSL as part of the hosting.
- problem with this would be new complexity in configuring the web app as a MariaDB client that has SSL enabled. 4) ????
Obviously I am not an expert in this SSL topic…
I am looking for advice. My priorities:
1) Try to get a secured stack if practical, considering…
2) As my focus is ongoing development during a lengthy alpha phase, avoid incurring a lot of IT management overhead in keeping complex deployment structure up and running.
3) Keep costs down until beta and production releases.
Through the alpha phase I will learn much more about deployment and DevOps, and become much more knowledgeable about managing a fully secured and performant web app.
Thanks much. So far I am very pleased with Digital Ocean!