Exposed API Keys: Handling A Nightmare Scenario

Recently we noticed a post on Twitter about an exposed API key for ConvertKit, where the author of the tweet was unable to contact ConvertKit to have the exposed API key removed from their account.

That made us wonder: what would be a nightmare scenario for API keys at a cloud server provider?

For example, are you prepared if one of your DigitalOcean API keys is exposed to the internet, the DigitalOcean control panel is down, and you cannot reach them through any of their support channels in a reasonable amount of time?

While it sounds like an unlikely scenario, it could happen, especially if the exposure occurred at DigitalOcean itself (and is not something unique to you) and their customers are frantically calling them.

Are you prepared for this? How do you even prepare for this?

The Answer

This is a very, very hard worst-case scenario. Unfortunately, you can only partially prepare for it.

All you can do is:

  • Make sure your customer machines are distributed among different cloud providers. That way, if API keys are exposed for one provider, not all your customers are affected.
  • Make sure you have backups or stand-by servers at different server providers. That way you can shut down AND DESTROY the existing instances (so no one can access them even if they have an API key) and bring up new instances at a different cloud provider.
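
One way to check an inventory against the two points above before an incident happens. This is an added example, not code from this article or from any product; the site names, the `provider-b` / `provider-c` labels and the inventory layout are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample inventory: where each customer site runs and where
# its backup / stand-by server lives (None = no stand-by at all).
INVENTORY = [
    {"site": "alpha.example", "primary": "digitalocean", "standby": "provider-b"},
    {"site": "bravo.example", "primary": "digitalocean", "standby": "digitalocean"},
    {"site": "charlie.example", "primary": "provider-b", "standby": "provider-c"},
    {"site": "delta.example", "primary": "provider-c", "standby": None},
    {"site": "echo.example", "primary": "digitalocean", "standby": "provider-c"},
]

def blast_radius(inventory):
    """Share of customer sites hit if a given provider's API keys leak."""
    counts = defaultdict(int)
    for row in inventory:
        counts[row["primary"]] += 1
    return {provider: n / len(inventory) for provider, n in counts.items()}

def response_plan(inventory, exposed):
    """Sort sites by what has to happen when `exposed` is the leaked provider."""
    plan = {
        "destroy_and_failover": [],     # (site, provider to bring it up at)
        "destroy_no_safe_standby": [],  # stand-by missing or at the same provider
        "replace_standby": [],          # primary is fine, stand-by is at risk
        "unaffected": [],
    }
    for row in inventory:
        site, primary, standby = row["site"], row["primary"], row["standby"]
        if primary == exposed:
            if standby and standby != exposed:
                plan["destroy_and_failover"].append((site, standby))
            else:
                plan["destroy_no_safe_standby"].append(site)
        elif standby == exposed:
            plan["replace_standby"].append(site)
        else:
            plan["unaffected"].append(site)
    return plan

if __name__ == "__main__":
    for provider, share in sorted(blast_radius(INVENTORY).items()):
        print(f"{provider}: {share:.0%} of sites exposed if its keys leak")
    for action, sites in response_plan(INVENTORY, "digitalocean").items():
        print(action, sites)
```

Any site that lands in `destroy_no_safe_standby` is one where destroying the instance means downtime until a restore is completed elsewhere, so that list is the gap to close first.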

We’re gonna keep chewing on this one because it is a challenge. We’ll likely be updating this article in the future.

PS: If you do have servers scattered across the various cloud providers, you do need a multi-cloud dashboard which is where WPCloud Deploy comes to the rescue.