AWS Web Hosting and Security for our client: A Case Study of Deploying and Securing a Website on Amazon EC2 using Nginx and SSL
Main Objectives and Goals of the Project π―
Deploy and configure a web server on an Amazon EC2 instance, and successfully publish a website to be accessible to users via a specified URL.
Implement a secure connection for the website hosted on an Amazon EC2 instance by attaching and configuring a valid SSL certificate, ensuring all traffic is securely transmitted using HTTPS protocol.
Design and implement a robust server configuration using Nginx, to handle incoming traffic on port 80 and create a reverse proxy for a React application hosted on the same server, ensuring efficient routing and improved performance for users accessing the website.
AWS Services used in the Project π
Amazon EC2
Route 53
Key Concepts and Configurations π§©
Point Domain to AWS EC2 Instance
- We created ec2 instance and assigned it an elastic IP. Elastic IP addresses are useful in cases where the public IP address of an instance can change, for example, when the instance is rebooted or stopped and started.
Create Hosted Zone and Record Sets using Route 53
When you create a hosted zone, Route 53 automatically creates a set of default DNS records, such as an SOA (Start of Authority) record and NS (Name Server) records, that are required for the hosted zone to function properly. You can also create custom records, such as A, AAAA, CNAME, MX, and TXT records, to route traffic to specific resources.
We added the Amazon NameServers in the control panel of our Domain Provider, GoDaddy. Entered all the 4 nameservers that we got from AWS.
Attach and configure a valid SSL certificate on an Amazon EC2 instance
Used Certbot, a free, open-source tool to automate the process.
Ensured all website traffic is securely transmitted using the HTTPS protocol.
Increased the website's trustworthiness and protection against data breaches.
Created a reverse proxy for a React application hosted on the same server
Installed Nginx on EC2, then created a configuration file for our application
server { listen 443; server_name example.com; location / { proxy_pass http://127.0.0.1:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; }}
Enabled the new configuration by creating a symlink to it in the sites-enabled directory: sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
Test the configuration for any errors by running: sudo nginx -t
Restart Nginx service: sudo service nginx restart
Results
Prior to the implementation of reverse proxy
After we implemented reverse proxy
Also, secure after we implemented ssl
This is how we set up a web server on an Amazon EC2 instance, published a website, implemented a secure connection with SSL, and designed and implemented a strong server configuration using Nginx.