I have currently built my RASA agent in an EC2 instance and am looking up ways to make my bot secure as it will be handling very sensitive information from the user during a conversation. I understand that it’s best to use a reverse nginx proxy and HTTPS so I plan to implement that in my current docker-compose file. Is the reverse nginx proxy suppose to be on the same EC2 instance as the RASA agent or a different instance and connected? if the latter of the two, how would one do that on AWS?
Also (this is more about a question if this is good practice), how is the best way to secure and send data to the RASA agent from a client like iOS? (I’ve already connected the two via webhook and the HTTP api)? I was thinking about client-side encryption and the server side decryption but googling and reading some reddit threads seems that this isn’t the right approach perhaps?
Anyone having experience or any tips would be a great help!