Things like
- IP whitelisting / blacklisting
- The Twelve Factor App
But Heroku or Google App Engine has multiple rotating IP addresses. If so, is it even safe, if possible, to register or fix a static IP address, so that IP whitelisting works properly?
Top comments (2)
If your server and database are in a VPC (virtual private cloud) then the database is only accessible from places within the VPC, like the server. That would go a long way to securing the connection. You would still have to make sure the VPC and entryway into the VPC is secure of course.
aws.amazon.com/vpc/?vpc-blogs.sort...
If your doing it all within the same cloud environment there are specific rules you can setup. For example, you can just open the security group your app is a part of.