re: What? How is it exposed?

If you send me your db's connection string, I can just open my sql client and read/update whatever I want.

If your db is in a Private Space it is accessible only via a specific IP. So in this case, even if your db's connection string falls into the hands of an attacker, he cannot access the db.

Who would send one, one?

A private space costs $1000/month. Even a CEO wouldn't pay that much for his/her side project.

Ah ok (-:
If it's in the context of a side project it's not really an issue.
I was thinking more in the direction of a production app.

