Reference architecture

System Information
  • Strapi Version: v4
  • Operating System: linux
  • Database: mysql
  • Node Version:
  • NPM Version:
  • Yarn Version:

I’m pretty new to Strapi & JS and I wondered if there is a reference architecture on how to set up the environment.
For example, I have a classic IT background and would have planned it like this (on AWS App Runner or, if not serverless, with any Docker hoster):


  • react app or whatever
      • exposed to the internet
      • communication secured with SSL and maybe a web application firewall
      • user authentication with username & password and maybe a one-time password/token

  • strapi
      • admin UI is deactivated
      • authentication from the frontend via OAuth2 bearer token
      • S3 as persistence layer (maybe encrypted)
      • communication secured with SSL
      • can’t be reached from the internet, only from the frontend

  • mariadb/mysql
      • deployed as a cloud hoster service
      • authentication via username/password or token
      • communication secured with SSL

Does this make sense to you?
Did I miss some crucial parts or are there some big flaws?

I also found some guides that suggest deploying the backend with its own domain so it’s reachable from the internet, but that sounds insecure to me (but maybe it’s just me).

thx in advance!