Securing an EC2 Instance which Hosts a Static Public Website
https://stackoverflow.com//questions/20041003
-
21-12-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I am trying to host a public website on an Amazon EC2 small linux instance. My website is pretty simple, in that, it doesn't have a database and any fancy server components. It's just a bunch of plain old html hosted on an Apache webserver.
What security measures do I need to take (firewall configuration?, ddos prevention?) to prevent my website from being defaced or denied access to? My linux knowledge is limited, so I would appreciate any suggestions/help here.
Solution
If you only have static HTML pages, don't run a webserver.
Use an object store (like Amazon S3 or Rackspace CloudFiles) to distribute your static html files. It's way less expensive, you don't have to handle application security, and is much faster.
OTHER TIPS
Host your website inside a private subnet of a VPC and have a public facing load balancer (e.g .nginx or Haproxy) or use AWS elastic load balancer in public subnet of VPC. The point is, use AWS VPC. Check this out.
In EC2-classic (non-VPC nevironment), the only security you have is the rules you configure in your security groups. With VPC, you have an added layer of security as your website won't be public facing. Instead the load balancer will be public facing.
