Securing your S3 hosted website

Written by CSS Corp Cloud team | Dec 4, 2014 10:03:36 AM

Lets assume that you host your static website on Amazon Web Services S3.

Security is an important activity when it comes to hosting in cloud. You have to lock down all other access to the S3 bucket and validate access externally to S3 bucket. If you were to give access to someone to the S3 bucket, it has to be through IAM (Identity and Access Management) credentials and completely avoid sharing the AWS root credentials to AWS management console.

Cloud flare is a good service that one can use to secure the static website that's hosted on AWS S3. Cloud flare acts as a Web application firewall in this case, securing your website at application layer.

Sign up for cloudflare.com service and login to cloudflare.com. You can use the free option service to begin with, then later when your business grows you may sign up for paid services as required.

You will be requested to validate your email address first.

Once you validate your email address, you can import your DNS records to cloudflare.com
You can either create the DNS records manually (or)
You can import the DNS records for your current DNS provider to cloudflare.com
In your DNS service providers console, you have to update the name servers record so that name servers reference will be made to cloud flare instead of your default DNS service provider. (This is an important step for redirection to cloud flare)
Once you have uploaded the domains to cloud flare, you have to enable cloud flare passthru by clicking on the cloud symbol next to the domain
You can enable SSL for your website. There is a restriction in terms of number of domains / subdomains to which you can enable SSL for free but for 1 website it should be okay
You can also set up redirection rules in cloudflare.com for both SSL redirection by default and also www redirection

Reference:

Pls refer to following links if you face any issues in the above process.

Happy Hosting !!!

View full post