I’d like to learn more about CSS Corp

  • THOUGHT LEADERSHIP BLOGS

    Cogent Views on Technological Developments Driving Business Outcomes

  • FEATURED BLOGS

    Narratives on Technology Issues that Count

  • GUEST BLOGS

    Views and Cues from Global Leaders

    Disclaimer: Views and products mentioned by guests are not necessarily endorsed by CSS Corp

Securing your S3 hosted website

Lets assume that you host your static website on Amazon Web Services S3.

Security is an important activity when it comes to hosting in cloud. You have to lock down all other access to the S3 bucket and validate access externally to S3 bucket. If you were to give access to someone to the S3 bucket, it has to be through IAM (Identity and Access Management) credentials and completely avoid sharing the AWS root credentials to AWS management console.

Cloud flare is a good service that one can use to secure the static website that's hosted on AWS S3. Cloud flare acts as a Web application firewall in this case, securing your website at application layer.

Sign up for cloudflare.com service and login to cloudflare.com. You can use the free option service to begin with, then later when your business grows you may sign up for paid services as required.

You will be requested to validate your email address first.

  1. Once you validate your email address, you can import your DNS records to cloudflare.com
  2. You can either create the DNS records manually (or)
  3. You can import the DNS records for your current DNS provider to cloudflare.com
  4. In your DNS service providers console, you have to update the name servers record so that name servers reference will be made to cloud flare instead of your default DNS service provider. (This is an important step for redirection to cloud flare)
  5. Once you have uploaded the domains to cloud flare, you have to enable cloud flare passthru by clicking on the cloud symbol next to the domain
  6. You can enable SSL for your website. There is a restriction in terms of number of domains / subdomains to which you can enable SSL for free but for 1 website it should be okay
  7. You can also set up redirection rules in cloudflare.com for both SSL redirection by default and also www redirection

Reference:

Pls refer to following links if you face any issues in the above process.

Happy Hosting !!!

CSS Corp Cloud team

Subscribe Here!

Posts by Categories

See all

Reach Us

Thank you for reading CSS Corp Blog. The best way to reach us would be to fill the form below and we will get back to you.

reach-us