mongolab 和 heroku 之间的连接需要 ssl 吗?
Do you need ssl for connection between mongolab and heroku?
从 heroku 应用程序将数据发送到 mongolab 的免费数据库是否安全。
数据可以是电子邮件和偏好。
或者您需要 ssl,我读过 mongodb ssl。
我四处询问,但找不到任何特定于 mongolab 的内容。
来自 MongoLab 的文档:
Securing communications to your database
You should always try to place your application infrastructure and
your database in the same local network (i.e., datacenter / cloud
region), as it will be the most secure method of deployment and will
minimize latency between your application and database.
When you connect to your MongoLab database from within the same
datacenter/region, you communicate over your cloud hosting provider’s
internal network. All of our cloud hosting providers provide a good
deal of network security infrastructure to isolate tenants. The
hypervisors used do not allow VMs to read network traffic addressed to
other VMs and so no other tenant can “sniff” your traffic.
However, when you connect to your MongoLab database from a different
datacenter/region, your communications are less secure. While your
database does require username / password authentication (with
credentials that are always encrypted on the network), the rest of
your data is transmitted unencrypted over the open internet. As such
you are potentially vulnerable to others “sniffing” your traffic.
Using MongoDB with SSL connections
Available for Dedicated plans running MongoDB 2.6+ only
To further secure communications to your database, MongoLab offers
SSL-encrypted MongoDB connections on Dedicated plans running MongoDB
2.6 or later. Even when using SSL, we still recommend placing your application infrastructure and your database in the same
datacenter/region to minimize latency and add another layer of
security.
我和你做了同样的事情,发了邮件去问mongolab的细节。我得到了答案,与您分享,希望对您有所帮助。
以下为回复。
As long as your Heroku app and MongoLab database are in the same cloud
region, we consider it safe to communicate between Heroku and
MongoLab, as AWS' infrastructure prevents packet-sniffing within
regions. If you use the MongoLab addon on Heroku this is automatic,
but if you use a deployment provisioned directly at mongolab.com
you'll need to manually select the matching region.
看来heroku和mongolab的连接是在同一个区域的。两者都由 AWS 保护,所以我猜你不需要 SSL。如果您需要它非常安全,您仍然需要 SSL 来提供额外的安全性。
希望能帮到你
从 heroku 应用程序将数据发送到 mongolab 的免费数据库是否安全。
数据可以是电子邮件和偏好。
或者您需要 ssl,我读过 mongodb ssl。
我四处询问,但找不到任何特定于 mongolab 的内容。
来自 MongoLab 的文档:
Securing communications to your database
You should always try to place your application infrastructure and your database in the same local network (i.e., datacenter / cloud region), as it will be the most secure method of deployment and will minimize latency between your application and database.
When you connect to your MongoLab database from within the same datacenter/region, you communicate over your cloud hosting provider’s internal network. All of our cloud hosting providers provide a good deal of network security infrastructure to isolate tenants. The hypervisors used do not allow VMs to read network traffic addressed to other VMs and so no other tenant can “sniff” your traffic.
However, when you connect to your MongoLab database from a different datacenter/region, your communications are less secure. While your database does require username / password authentication (with credentials that are always encrypted on the network), the rest of your data is transmitted unencrypted over the open internet. As such you are potentially vulnerable to others “sniffing” your traffic.
Using MongoDB with SSL connections
Available for Dedicated plans running MongoDB 2.6+ only
To further secure communications to your database, MongoLab offers SSL-encrypted MongoDB connections on Dedicated plans running MongoDB 2.6 or later. Even when using SSL, we still recommend placing your application infrastructure and your database in the same datacenter/region to minimize latency and add another layer of security.
我和你做了同样的事情,发了邮件去问mongolab的细节。我得到了答案,与您分享,希望对您有所帮助。 以下为回复。
As long as your Heroku app and MongoLab database are in the same cloud region, we consider it safe to communicate between Heroku and MongoLab, as AWS' infrastructure prevents packet-sniffing within regions. If you use the MongoLab addon on Heroku this is automatic, but if you use a deployment provisioned directly at mongolab.com you'll need to manually select the matching region.
看来heroku和mongolab的连接是在同一个区域的。两者都由 AWS 保护,所以我猜你不需要 SSL。如果您需要它非常安全,您仍然需要 SSL 来提供额外的安全性。
希望能帮到你