https://bitnami.com/stack/couchdb
One click* will get you a couch instance in Google or Amazon's infra. At least in Google's case they handle SSL off in the tier above ... but what else has been hardened about these ? Does anyone know? Is there a couch_vulns.sh script one can run against a couch install to look for issues? Although WannaCry was in the news last week, Couch was too in Jan - http://www.pcworld.com/article/3159527/security/attackers-start-wiping-data-from-couchdb-and-hadoop-databases.html , https://lists.apache.org/thread.html/5bfd5b30613ac918276bab64a01f00cb451a19624a212b288ffe43b5@%3Cdev.couchdb.apache.org%3E and a consequential blog entry from this group that I can't find right now. - Paul * not really one click, but close.
