Heroku will soon require the use of SSL when connecting to Postgres databases (which is a good idea in any case).
According to https://devcenter.heroku.com/articles/heroku-postgres-ssl-brownouts there's likely nothing we need to do, as "sslmode" in libpq defaults to "prefer", and we're not overriding it. Also pulseguardian-dev appears to be using modern infrastructure, and it is working fine (or at least was, until bug 1436901 surfaced, which I'm looking into). We could force "sslmode" to "require" when running in heroku, although that is seemingly unnecessary.
Running "heroku pg:credentials:url DATABASE -a pulseguardian" has also indicated that we're running with sslmode as "require" (which I guess is what happens when you have it configured to "prefer" and the db supports SSL).
(In reply to Mark Côté [:mcote] from comment #1) > We could force "sslmode" to "require" when running in heroku, although that > is seemingly unnecessary. `prefer` is close to `disable` in terms of security offered, see: https://www.postgresql.org/docs/10/static/libpq-ssl.html#LIBPQ-SSL-PROTECTION
The brownout occurred here: https://papertrailapp.com/systems/pulseguardian/events?focus=900501047435526185
You need to log in before you can comment on or make changes to this bug.