NodeBalancer with one Linode for safety?

Hi. This might be a stupid question, I don't know. If so I am sorry.

Let's say I have an application server on a Linode VSP. I am trying to take precautions to make it as secure as possible, but I still don't like that the data is standing directly there on a VPS that has a known public IP address.

Would it make sense to put a Nodebalancer in front of this one Linode? This seems like a cheaper and less maintainance option than for example setting up two linodes where on one there is just something like Nginx with reverse proxying to the application server and data on another, only privately exposed, linode.

I appreciate feedback from people that understand there things better than me.

1 Reply

The way a NodeBalancer works is that it connects to the backend through a private IP address. This is a LAN connection within the data center, so it is available to any other Linode in the same data center. I would understand why this might be an appealing option for your use case, though I don't think it's really what you want or need.

It sounds to me like you want something like IP Obfuscation. Providers like Cloudflare provide this.

As for security, I would get started with our Secure Your Server and Security Best Practices guides if you haven't reviewed them yet. From there, I would also look into application-layer security. I'm referring to the application layer of the OSI model.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct