Secure Database Connection with AI Prompts


TL;DR

Database connections need SSL to encrypt data in transit, connection pooling for efficiency, and proper credential handling. These prompts help you configure secure connections for PostgreSQL, MySQL, and managed databases like Supabase or PlanetScale.

Enable SSL/TLS Connection

Configure SSL Connection

Configure my database connection to use SSL/TLS.

Database: PostgreSQL/MySQL/MongoDB
Client library: pg/mysql2/prisma/mongoose
Environment: Development/Production

Current connection (insecure): DATABASE_URL="postgresql://user:pass@host:5432/db"

Help me:

  1. Add SSL parameters to the connection string
  2. Configure SSL in the client library options
  3. Handle CA certificates if required
  4. Set up different SSL modes for dev vs prod

SSL modes to explain:

  • require: Encrypt but don't verify certificate
  • verify-ca: Verify the CA certificate
  • verify-full: Verify CA and hostname

Show both connection string and programmatic configuration.

Connection Pooling

Set Up Connection Pool

Configure connection pooling for my database.

Platform: Node.js/Python/Go
Database: PostgreSQL/MySQL
Environment: Serverless/Traditional server

Help me configure:

  1. Pool size (min/max connections)
  2. Connection timeout settings
  3. Idle connection timeout
  4. Connection validation/health checks

For serverless (Vercel, Lambda):

  • Use external pooler (PgBouncer, Supabase pooler)
  • Configure for short-lived connections
  • Handle connection limits properly

Show configuration for my specific setup:

  • Library-specific pool settings
  • Environment variable configuration
  • Graceful shutdown handling

Credential Management

Secure Credentials

Help me secure my database credentials.

Current issues:

  • Credentials in code or config files
  • Same credentials for all environments
  • No credential rotation

Set up:

  1. Environment variable configuration
  2. Different credentials per environment
  3. Secrets manager integration (optional)

For managed databases:

  • Supabase: connection pooler setup
  • PlanetScale: branch-specific credentials
  • Neon: connection string with pooling

Show how to:

  • Parse DATABASE_URL correctly
  • Avoid logging credentials
  • Handle special characters in passwords
  • Set up read replicas separately

Never disable SSL in production: Without SSL, database credentials and data are sent in plain text. Anyone on the network can intercept them. Always require SSL for production databases.
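As an added example (not part of the original prompts), here is one way to cover the "Parse DATABASE_URL correctly", "Avoid logging credentials" and "Handle special characters in passwords" items in Node.js, together with the SSL modes listed earlier. The sample URL, host name and function names are constructed for illustration, and the mode-to-option mapping is this example's own, following the definitions on this page. The returned object uses the field names that the pg client accepts (host, port, user, password, database, ssl).

```javascript
// Added example. SAMPLE_URL and all function names are constructed.
const SAMPLE_URL =
  'postgresql://app_user:p%40ss%3Aw%2Frd@db.example.com:5432/appdb?sslmode=verify-full';

// Map the SSL modes listed on this page to Node TLS options.
function sslOptions(sslmode, caPem) {
  switch (sslmode) {
    case 'disable':
      return false;
    case 'require': // encrypt, but accept any certificate
      return { rejectUnauthorized: false };
    case 'verify-ca': // verify the chain, skip the hostname match
      return { rejectUnauthorized: true, ca: caPem, checkServerIdentity: () => undefined };
    case 'verify-full': // verify the chain and the hostname
      return { rejectUnauthorized: true, ca: caPem };
    default:
      throw new Error(`unsupported sslmode: ${sslmode}`);
  }
}

// Build a config object with separate fields, so the password is never
// re-embedded in a string that might be logged.
function parseDatabaseUrl(databaseUrl, { production = false, caPem } = {}) {
  const u = new URL(databaseUrl);
  if (!['postgres:', 'postgresql:'].includes(u.protocol)) {
    throw new Error(`unexpected scheme: ${u.protocol}`);
  }
  const sslmode = u.searchParams.get('sslmode') || (production ? 'verify-full' : 'require');
  if (production && sslmode === 'disable') {
    throw new Error('sslmode=disable is not allowed in production');
  }
  return {
    host: u.hostname,
    port: Number(u.port) || 5432,
    user: decodeURIComponent(u.username),
    // Percent-encoded characters (@ : /) must be decoded before use.
    password: decodeURIComponent(u.password),
    database: decodeURIComponent(u.pathname.slice(1)),
    ssl: sslOptions(sslmode, caPem),
  };
}

// Safe form of the URL for log lines and error messages.
function redactDatabaseUrl(databaseUrl) {
  const u = new URL(databaseUrl);
  if (u.password) u.password = '***';
  return u.toString();
}
```

Pass the CA bundle from your database provider as `caPem`; when it is omitted, Node falls back to its default trust store.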

Network Security

Database Network Security

Review and improve my database network security.

Current setup:

  • Database is publicly accessible
  • No IP allowlist configured
  • Using default port

Help me:

  1. Configure IP allowlist for my hosting provider
  2. Set up private networking if available
  3. Change default ports (optional)
  4. Configure firewall rules

For specific platforms:

  • Vercel: Configure trusted IPs
  • Railway/Render: Set up private networking
  • AWS RDS: Security groups and VPC
  • Supabase: Connection restrictions

Also check:

  • Database user permissions (principle of least privilege)
  • Separate read-only users for analytics
  • Application-specific database users

Pro tip: Use a connection pooler like PgBouncer or Supabase's built-in pooler for serverless environments. Direct connections from serverless functions can quickly exhaust database connection limits.

Why do I get SSL certificate errors?

Your client might not trust the database's CA certificate. For managed databases, use their provided CA bundle. For self-signed certificates, you may need to add them to your trust store or use "rejectUnauthorized: false", which turns off certificate verification (not recommended for production).

How many connections should my pool have?

Start with 5-10 connections for most applications. The formula (cores * 2) + spindle_count is often cited. For serverless, use an external pooler and keep individual function pools small (1-2).
