DEV Community

Pacharapol Withayasakpunt
Pacharapol Withayasakpunt

Posted on

How secure do I need to connect a website to a database?

Things like

But Heroku or Google App Engine has multiple rotating IP addresses. If so, is it even safe, if possible, to register or fix a static IP address, so that IP whitelisting works properly?

Top comments (2)

Collapse
 
caleb15 profile image
Caleb Collins-Parks

If your server and database are in a VPC (virtual private cloud) then the database is only accessible from places within the VPC, like the server. That would go a long way to securing the connection. You would still have to make sure the VPC and entryway into the VPC is secure of course.

aws.amazon.com/vpc/?vpc-blogs.sort...

Collapse
 
wagslane profile image
Lane Wagner

If your doing it all within the same cloud environment there are specific rules you can setup. For example, you can just open the security group your app is a part of.