Securing VueJS App and MariaDB Database on Droplet

Posted on May 4, 2021

I have a VueJS web app that uses MariaDB for the database. I have had this running fine on my droplet, without HTTPS, and I added SSL using Let’s Encrypt. The app continued to work for a while, but then stopped for some reason, apparently a bug in the code (I didn’t change the code). In any event I have been working on getting it back up and running.

I realize now that the easy SSL process I used did not update MariaDB for using SSL, so I started looking at that. This looks like a very involved procedure that I’m not currently ready to tackle.

I am considering various options for the current alpha release of the app, which include:

  1. Remove SSL from the whole app
  2. Leave SSL on for the VueJS and back end, and move MariaDB to a separate host that doesn’t have SSL.
  3. Same as 2 except engage with MariaDB hosting service that provides SSL as part of the hosting.
     • problem with this would be new complexity in configuring the web app as a MariaDB client that has SSL enabled.
  4. ???

Obviously I am not an expert in this SSL topic…

I am looking for advice. My priorities:

  1. Try to get a secured stack if practical, considering…
  2. As my focus is ongoing development during a lengthy alpha phase, avoid incurring a lot of IT management overhead in keeping complex deployment structure up and running.
  3. Keep costs down until beta and production releases.

Through the alpha phase I will learn much more about deployment and DevOps, and become much more knowledgeable about managing a fully secured and performant web app.

Thanks much. So far I am very pleased with Digital Ocean!

Stephen




Securing your Vue.js application and MariaDB database on a Digital Ocean droplet involves several steps, balancing security, manageability, and cost. Here are some strategies that align with your priorities:

Simplified Deployment

  1. Docker Compose: Use Docker Compose to manage your Vue.js and MariaDB services. Docker will help encapsulate your environment and dependencies, making it easier to move from development to production without significant changes.

  2. Managed Database: Consider using Digital Ocean’s Managed Databases for MariaDB when you move to beta/production. This takes away much of the overhead of managing the database server.

Security

  1. HTTPS: Use Let’s Encrypt to obtain a free SSL certificate and ensure all communication is over HTTPS.

  2. Firewall: Utilize Digital Ocean’s cloud firewalls to restrict access to your droplet. Only allow SSH (port 22), HTTP (port 80), and HTTPS (port 443).

  3. SSH Keys: Use SSH keys instead of passwords for server login to reduce the risk of brute-force attacks.

  4. Database Security: Ensure MariaDB is not accessible from outside your droplet. Use strong passwords and consider using database user privileges wisely.

  5. Regular Updates: Keep your server’s software updated with the latest security patches. Enable unattended-upgrades for automatic security updates.

  6. Backups: Use Digital Ocean’s backup service to regularly back up your droplet.

Performance

  1. Nginx: Use Nginx as a reverse proxy for your Vue.js app. Nginx is efficient and can help with load balancing if you scale up later.

  2. Caching: Implement caching strategies within your app to reduce database load.

Cost-Effective Strategies

  1. Scale with Demand: Start with a small droplet and scale up as your needs grow. Monitor your usage and only scale when necessary.

  2. Monitoring: Use Digital Ocean’s built-in monitoring tools to keep track of your droplet’s performance and adjust resources accordingly.

  3. Deals & Credits: Look out for any promotions, credits, or referral programs Digital Ocean might offer to reduce costs.

Learning DevOps

  1. Community & Tutorials: Utilize Digital Ocean’s extensive community tutorials to learn about deployment and DevOps.

  2. Version Control: Use Git for version control and integrate your repository with CI/CD pipelines for automated testing and deployment.

  3. Infrastructure as Code: Familiarize yourself with tools like Terraform to manage your infrastructure as code, which is beneficial for maintaining and scaling your application’s infrastructure.

Remember, security and performance are ongoing tasks. As you learn and your application grows, you’ll find more ways to improve and streamline your deployment process. Digital Ocean has an active community and plenty of resources, so make use of those as you progress through your development phases.
