With questions like this, it looks like the only way to prevent man-in-the-middle attacks is to use sslmode=verify-full
. This is also explained in the Postgresql docs.
When I use the DATABASE_URL
provided by Heroku in my app, is there a guarantee that there won't be a MITM attack? (Or asked another way, does Heroku do something behind the scenes to guarantee that Heroku <-> Heroku-Postgres
is secure?)
Secure & compliantThe Heroku platform is built for security from the ground up in compliance with key industry standards for data protection. For apps in regulated industries, Heroku Shield Postgres delivers PCI and HIPAA compliance.
The Heroku PostgreSQL development plans are designed to offer the database features required for development and testing, without the production-grade operations, monitoring, and support found in paid production plans.
Heroku Postgres is an easy, low-cost way to get started with a relational database on the Heroku platform. This open-source database is also the most effective service for developers looking to build engaging apps.
No, Heroku Postgres is not secure against a MitM. The highest risk is running pg:psql
from the command line, since it's fairly easy to get between your laptop and Heroku by using a WiFi Pineapple or similar tools. Getting between your Dynos and the database is much harder. This is possible since Heroku hasn't created a CA to sign their database certificates, thus there's no trust root to use when you're connecting.
I did a writeup of actually performing such a MitM against Heroku Postgres here, please file a support ticket with Heroku saying you'd like to see them create a CA and issue a trusted root we can use to authenticate connections if you care about this.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With