0

We have an AWS server instance running Ubuntu 18.04, and acting as host for a RESTful API (written in Python). The API interfaces with an RDS instance (mySQL) and basically performs database tasks; but this is not important.

We are looking at how to secure the connection between the AWS server and remote clients. The clients are Ubuntu work stations running 16.04 or 18.04, and scattered across various sites.

Looking for any advice on best practices to secure the connection / data between the clients and server.

Thank you,

Dan.

Dan G
  • 366
  • 1
  • 3
  • 18

1 Answers1

0

This is a detailed topic but some key steps:

  1. If the API will be accessed by a limited set of clients (other servers), you can restrict access to those specific IP addresses for your EC2
  2. Use ssl certificates (Letsencrypt is one example) to remove the danger of MITM attacks. Follow this or search for nginx example (if you are using nginx)

This is quite a vast topic and I really recommend you follow AWS recommendations alongwith getting a professional to do it if data is really important

kmcodes
  • 807
  • 1
  • 8
  • 20