Discussion on: When YOU make Static Site (with SSG), what additional APIs do YOU eventually have to use and how? (third-party or self-made)

[Pacharapol Withayasakpunt]

It's also a matter of static site hosting trying to sell their serverless solutions and lock-in to their platforms. Also deploying readymade JavaScript libraries isn't hard; but in reality, there is a database actively CRUD'ing somewhere, and JS library is just to simplify the connection (like Algolia).

Now, to the real question and very direct. What is the best way to connect my self-made server (for API only, on perhaps DigitalOcean), to a static hosting platform (say Netlify)? I know proxying isn't that hard; but how do I practically "hide" and "secure" the connection from unauthorized access?

[Jordan Kicklighter]

I think the exact scenario is important here. What type of backend API are you hosting? What about the API is important to hide and secure?

[Pacharapol Withayasakpunt]

What I already have are

• Remark42 comment on Google Compute Engine, where I have free credits. (If I host on DO now, I will have to pay monthly).
  • This is the only practical API I have currently that does not comply with 12-factor. I cannot host a database server outside.
• Several of stateless API on Heroku, or Google Cloud Run (i.e. Docker runner). Many of them are connected to MongoDB Atlas.
  • For these, I think it is a matter of ensuring privacy and availability. Also, contain the cost for GCR.
• Static web pages on Netlify and Vercel, where there may be SQLite and JSON files being reading via serverless.