2

I am trying to host a public website on an Amazon EC2 small linux instance. My website is pretty simple, in that, it doesn't have a database and any fancy server components. It's just a bunch of plain old html hosted on an Apache webserver.

What security measures do I need to take (firewall configuration?, ddos prevention?) to prevent my website from being defaced or denied access to? My linux knowledge is limited, so I would appreciate any suggestions/help here.

Kyle Kelley
  • 13,804
  • 8
  • 49
  • 78
Jay
  • 2,394
  • 11
  • 54
  • 98

2 Answers2

5

If you only have static HTML pages, don't run a webserver.

Use an object store (like Amazon S3 or Rackspace CloudFiles) to distribute your static html files. It's way less expensive, you don't have to handle application security, and is much faster.

Kyle Kelley
  • 13,804
  • 8
  • 49
  • 78
2

Host your website inside a private subnet of a VPC and have a public facing load balancer (e.g .nginx or Haproxy) or use AWS elastic load balancer in public subnet of VPC. The point is, use AWS VPC. Check this out.

In EC2-classic (non-VPC nevironment), the only security you have is the rules you configure in your security groups. With VPC, you have an added layer of security as your website won't be public facing. Instead the load balancer will be public facing.

slayedbylucifer
  • 22,878
  • 16
  • 94
  • 123
  • thank you for your answer, it is a great answer and very insightful. I had to award it to Kyle, coz his answer helped me find something simpler and cheaper. – Jay Nov 18 '13 at 13:07
  • Glad to be helpful. Kyle's answer is certainly the way to go for this use-case. – slayedbylucifer Nov 18 '13 at 13:23