Before anything, I have never worked with Amazon EC2 Service, first time I even hear of it. I was asked to work on a Drupal 6 site and I need to upload a custom module. The client gave me a username and password to log into Amazon EC2, but told me nothing else. I assumed their site was hosted there. I came upon the EC2 dashboard, and to my surprise (or maybe not) there were no running instances. If I understood properly, you need a running instance that's supposed to work as the server, please, correct me if I'm wrong. I might be understanding it all wrong, and associating "instance" as if it were the Virtual Server itself (sort of like when you use virtual machines on your computer and instance=="virtual machine").
If there are no running instances, how is the site "up" ? There must be a server, somewhere, answering to the client's requests. Or is it that the "instances" are more like "working sessions"? Thing is, I don't want to meddle too much into the dashboard in case I mess it up since this client has no staging site nor repository. That's why I wasn't bold enough to create an instance.
Helps is much appreciated.
You are correct, that if the site is hosted on aws ec2, there must be an ec2 instance running somewhere - definitely check to make sure you have selected the correct region in the upper right hand corner of the console.
The only other possibility, and I don't this would apply to Drupal, is it actually is possible to host an html/css/javascript only site completely on aws s3 (which would not required ec2 instance) but that is not likely what you are dealing with.
Related
I have I Squarespace website I made for myself a while back. The main purpose at the time was to have something to link to from my iOS app, and I opted for something expedient rather that thinking long term just to get the app released. Fast forward to now and I have an AWS EC2 instance where I could do more with a personal site in the future. Ultimately it would be nice to get it off Squarespace and not have to pay another full year billing cycle, but the renewal date is a pretty tight deadline at this point.
Nothing on this domain requires must more than frontend web code really, but a completely different page UI could take more time than I have for this. I'm wondering if there might be a way to just temporarily have the Squarespace page source as is running on EC2 so I can worry about a possible non CMS design when I'm not worried about getting billed for another whole year by Squarespace.
I'm not sure if this is possible, but if not it seems like I should just port the content to minimalistic empty html files with no styling just to avoid the billing or get billed for a shorter time period. Billing seems like the limiting factor here. I would also need to add my new credit card to get billed for more time which I also have yet to do.
Basically, has anyone else dealt with this situation personally? What would you recommend I do? Does Squarespace even allow me to port to EC2 somehow, or is that more in the realm of WordPress? Thanks.
Note: Tomcat's what I'm using on the EC2 instance currently. I will also need to do the multiple site per instance setup for this, but I believe that's the most relevant config info here unless I'm forgetting something.
Not sure why you've already chosen to use Tomcat as I don't see anything that would allow you to easily convert your Squarespace site to a Java webapp. It looks like Squarespace sites can be exported into Wordpress, which you could host on an EC2 server.
Alternatively you could use wget to create a static copy of your website which you could then host easily on your EC2 server with Nginx, or skip EC2 and just host the static website on S3.
We run a whitelabeled site builder -- think squarespace or shopify (different market, though). We currently host on Heroku, but need to be able to offer customers an IP address so they can easily point their naked domains at our service. Although I want to move to AWS at some point, we're a bit short on resources right now, so I need an interim solution for this.
It seems like I should be able to set up a simple proxy server behind a static IP on Route53 or something that would proxy traffic to our Heroku app. But I've little experience with this sort of thing and don't know A) if this is actually the right way to go about it, B) resources to look at or the right tools to check out, or C) if there are commercial services that would be easier temporarily than running it ourselves.
Thanks in advance for any pointers!
PS - Believe me, I know this is sub-optimal, but there are a number of reasons we definitely have to offer an IP.
You could certainly do this, since a proxy or hand-made LB within EC2 can shuttle traffic off to wherever you need. So HAproxy running on an EC2 instance could pass traffic over to Heroku for you.
However, I see this was posted about 6 months ago and I know Heroku has just reconfigured pricing. So maybe that is encouragement to move into AWS now. My only real worry about your above solution is latency. What if you ran an EC2 instance with Varnish to cache your Heroku app(s) and try to mitigate any sluggishness?
This a very simple question, but I haven't found the answer anywhere.
I am thinking about moving one of my websites, a joomla website, to the cloud, more specifically to a EC2 instance on Amazon. I have been watching some videos and the process seems rather simple. However, I haven't found any information about where the files are stored.
Are they in a S3 bucket? Are they saved somewhere else? How do I access the files?
Can I use Cloudfront to serve images and other files?
How does the whole integration process between EC2, S3 and Cloudfront work for a hosted website?
Thank you!
In my experience With EC2, you interact with the instance just as you would with any headless server in the basement. You can connect over SSH and install software, store files, etc, as normal.
It's great if you want a whole server to play with, but if it's just website hosting you're after, it might be overkill.
S3 can serve up static pages, but you can't install any code on there.
I don't know about cloudfront.
It seems to be though that what you need is standard website hosting.
I have just installed a fedora linux AMI on amazon EC2, from the amazon collection. I plan to connect it to EBS storage. Assuming I have done nothing more than the most basic steps, no password changed, nothing extra has been done at this stage other than the above.
Now, from this point, what steps should I take to stop the hackers and secure my instance/EBS?
Actually there is nothing different here from securing any other Linux server.
At some point you need to create your own image (AMI). The reason for doing this is that the changes you will make in an existing AMI will be lost if your instance goes down (which could easily happen as Amazon doesn't guarantee that an instance will stay active indefinitely). Even if you do use EBS for data storage, you will need to do the same mundane tasks configuring the OS every time the instance goes down. You may also want to stop and restart your instance in certain periods or in case of peak traffic start more than one of them.
You can read some instructions for creating your image in the documentation. Regarding security you need to be careful not to expose your certification files and keys. If you fail on doing this, then a cracker could use them to start new instances that will be charged for. Thankfully the process is very safe and you should only pay attention in a couple of points:
Start from an image you trust. Users are allowed to create public images to be used by everyone and they could either by mistake or in purpose have left a security hole in them that could allow someone to steal your identifiers. Starting from an official Amazon AMI, even if it lacks some of the features you require, is always a wise solution.
In the process of creating an image, you will need to upload your certificates in a running instance. Upload them in a location that isn't bundled in the image (/mnt or /tmp). Leaving them in the image is insecure, since you may need to share your image in the future. Even if you are never planning to do so, a cracker could exploit a security fault in the software your using (OS, web server, framework) to gain access in your running instance and steal your credentials.
If you are planning to create a public image, make sure that you leave no trace of your keys/identifies in it (in the command history of the shell for example).
What we did at work is we made sure that servers could be accessed only with a private key, no passwords. We also disabled ping so that anyone out there pinging for servers would be less likely to find ours. Additionally, we blocked port 22 from anything outside our network IP, wit the exception of a few IT personnel who might need access from home on the weekends. All other non-essential ports were blocked.
If you have more than one EC2 instance, I would recommend finding a way to ensure that intercommunication between servers is secure. For instance, you don't want server B to get hacked too just because server A was compromised. There may be a way to block SSH access from one server to another, but I have not personally done this.
What makes securing an EC2 instance more challenging than an in-house server is the lack of your corporate firewall. Instead, you rely solely on the tools Amazon provides you. When our servers were in-house, some weren't even exposed to the Internet and were only accessible within the network because the server just didn't have a public IP address.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed last year.
The community reviewed whether to reopen this question last year and left it closed:
Original close reason(s) were not resolved
Improve this question
Is it possible to load / host an entire website using AWS? Or is it only a service that can load specific pieces of a website - such as images, etc. Obviously, I'd want to use my own domain. If you can use it, are there any limitations?
Here's the AWS link, for context:
http://aws.amazon.com/s3/
AWS = Amazon Web Services = a suite of different web services.
S3 (which you linked to) is an object store. You can't host a web service on S3.
EC2, also under the AWS umbrella, is virtualized compute space. You CAN host a web service on EC2. It is just like having a server in a rack somewhere, except that when you shut down an instance, it is gone forever. But using EBS, which is like a virtualized hard drive, will prevent you from losing your data when the EC2 instance shuts down.
See http://aws.amazon.com/ec2/ and http://aws.amazon.com/ebs/
EDIT: Aug 12, 2016 they have a dedicated section on how to get started hosting a website on AWS. Please note S3 only allows STATIC websites but AWS provides SDKs in case you want to run PHP, ASP.NET, etc on your instance. See the links for more details.
http://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html
https://aws.amazon.com/websites/
So guess what I just found while doing some Google searches for hosting on AWS?! A blog post by the AWS stating that you can (now) host a website on S3. (Funny enough, the StackOverflow and the AWS post were right next to each other in the SERPs!)
http://aws.typepad.com/aws/2011/02/host-your-static-website-on-amazon-s3.html
Yes it is completely possible to host websites on AWS in 2 ways:
1.) Easy - S3 (Simple Storage Solution) is a bucket storage solution that lets you serve static content e.g. images but has recently been upgraded so you can use it to host flat .html files and your site will get served by a default Apache installation with very little configuration on your part (but also little control).
2.) Trickier - You can use EC2 (Elastic Compute Cloud) and create a virtual Linux instance then install Apache/NGinx (or whatever) on that to give you complete control over serving whatever/however you want. You use SecurityGroups to enable/disable ports for individual machines or groups of them.
#danben your EC2 instance does not have a constant public IP by default. Amazon makes you use a CNAME - not an A record as your IP may change under load. You have to pay for an ElasticIP to get a consistent public IP for your setup (or use some sort of DynDNS)
As #danben mentioned, there is a difference between S3 and EC2.
One thing that may be interesting for people looking to host a website on Amazon, specially if they want to start small is that Amazon started offering a free tier some months ago. Together with services like BitNami Cloud Hosting (disclaimer, I helped design it, so it is a bit like my baby :) means you can get your site on the Amazon cloud in just minutes, for basically 0 dollars. You still need to give credit card info to Amazon, but it will not be charged if you stay within the limits of their free tier.
One thing to consider too is that at the time of writing this (Jul 2011), Amazon restricts you to one IP address per server. If you need to host multiple domains, you may need to use name-based virtual hosts or some tricks using their Elastic Load Balancer (which will cost you more). But all in all, it is worth a try if you are a bit technical and want more control than what shared hosting provides you
At reinvent 2018, AWS launched the Amplify Console, a continuous deployment and hosting service for single page and static apps with serverless backends. Check it out: http://console.amplify.aws
Yes! You can easily host your website on AWS.
There are two ways;
One with Native AWS - This is a tricky method that requires expertise and a series of commands to run. You need to manage security, DNS, SSL, server protocols, and more by yourself.
Managed Cloud Platforms like Cloudways - You can easily launch an AWS server and host your website with a few clicks. Moreover, you can quickly manage your server protocols, packages, security firewalls, DNS, and more from its intuitive platform.