Setting Up a Website on AWS EC2 with Apache Server and Installing SSL Certificate Using Let’s Encrypt
In today’s digital age, having a website is crucial for businesses and individuals alike. Amazon Web Services (AWS) provides a powerful platform for hosting websites, and setting up a website on an AWS EC2 instance using Apache web server is a common choice. Additionally, securing your website with an SSL certificate is essential for ensuring data privacy and building user trust. In this blog, we’ll walk you through the process of setting up a website on AWS EC2 with Apache server and installing an SSL certificate using Let’s Encrypt.
Prerequisites
- Before you begin, make sure you have the following:
2. An AWS account with an EC2 instance already created.
3. Access to your EC2 instance using SSH.
4. Ports 80, 443, and 22
In the process of setting up your website and SSL certificate, you’ll work with a few important ports:
- Port 80: This is the default port for unencrypted HTTP traffic. Apache uses this port to serve your website’s content.
- Port 443: This is the default port for encrypted HTTPS traffic. After installing the SSL certificate, Apache will use this port to serve encrypted traffic.
- Port 22: This is the default port for SSH, which you use to connect to your EC2 instance securely.
Step 1: Connecting to Your EC2 Instance
To get started, connect to your EC2 instance using SSH. You can use the following command in your terminal:
ssh -i /path/to/your/private/key.pem "user"@your-instance-public-ipReplace `/path/to/your/private/key.pem` with the actual path to your private key file and `your-instance-public-ip` with your EC2 instance’s public IP address.
Step 2: Installing Apache Server
Once you’re connected to your EC2 instance, you’ll need to install the Apache web server. Run the following commands:
sudo apt update
sudo apt install apache2 -yAfter the installation is complete, start and enable the Apache service:
sudo systemctl start apache2
sudo systemctl enable apache2Step 3: Setting Up Your Website
If you have your own HTML files, you can put them in a folder called /var/www/html/ Or, you can use the following commands or a script to quickly create a website.
Now that Apache is up and running, let’s set up your website. We’ll use a simple script to download and deploy a website template. Run the following commands:
mkdir -p webfiles
cd webfiles
sudo wget https://www.tooplate.com/zip-templates/2118_chilling_cafe.zip
sudo unzip -o 2118_chilling_cafe.zip
sudo rm -rf /var/www/html/*
sudo cp -r 2118_chilling_cafe/* /var/www/html/
cd ..
sudo rm -rf webfiles
sudo systemctl restart apache2This script creates a directory called `webfiles`, downloads a website template, unzips it, and copies the template files to Apache’s web root directory. The website should now be accessible through your instance’s public IP address or domain name.
Mapping your IP address to a domain name involves creating an “A record” in your domain provider’s DNS settings. This process allows visitors to access your website using a user-friendly domain name rather than an IP address. Here’s a step-by-step guide on how to do it:
Step 4: Log in to Your Domain Provider
Go to where you bought your domain and log in.
Step 5: Find DNS Settings
Look for an option that talks about managing or editing your domain’s DNS settings.
Step 6: Create A Record
1. Choose to add a new DNS record.
2. Pick “A” record type (Address record) from the options.
Step 7: Fill in the Details
1. In the “Name” or “Host” field, put your domain name, like “@”
2. In the “Value” or “Points to” field, enter your EC2 instance’s IP address.
3. Set the “TTL” to something like 3600 or Default (it’s like how often to check for updates).
Step 8: Wait a Bit
It might take a while, even up to a day, for your changes to spread around the internet.
Step 9: Test It Out
Open a web browser and type your domain name (e.g., `http://www.yourdomain.com`). If your website appears, it’s working!
Remember, setting up this “A record” connects your domain name to your EC2 instance’s IP address, so people can easily find your website using your domain name instead of the IP address.
To Install an SSL certificate for Apache using Certbot on Ubuntu, follow these steps:
1. Update Ubuntu Apt Repository List:*
Update the package repository list to ensure you’re getting the latest packages:
sudo apt update2. Install Snapd:
Install snapd package and set it up:
sudo apt install snapd -y
sudo snap install core;
sudo snap refresh core3. Install Certbot:
Install Certbot using snap:
sudo snap install --classic certbot4. Prepare the Certbot Command:
Create a symbolic link for Certbot:
sudo ln -s /snap/bin/certbot /usr/bin/certbot5. Install SSL Certificate for Apache:
Use Certbot to install an SSL certificate for Apache:
sudo certbot — apache — non-interactive — keep-until-expiring — renew-with-new-domains — agree-tos — email <email_id> — no-eff-email — domains “<domain_name>”Replace `<email_id>` with your email associated with the SSL certificate and `<domain_name>` with your domain name.
The ` — apache` flag tells Certbot to use the Apache plugin for installation.
Please note that these steps are based on the information you provided in your original question. Make sure to replace `<email_id>` and `<domain_name>` with your actual email and domain. Additionally, ensure that your Apache server is correctly configured to serve the domain you’re installing the SSL certificate for.
After running the Certbot command, it will guide you through the process of obtaining and installing the SSL certificate, updating your Apache configuration, and reloading the Apache service. Once the process is complete, your website should be accessible over HTTPS with the newly installed SSL certificate.
Conclusion
Congratulations! You’ve successfully set up a website on an AWS EC2 instance using Apache web server and installed an SSL certificate using Let’s Encrypt. Your website is now accessible over HTTPS, ensuring a secure and trustworthy browsing experience for your users. By following these steps, you’ve taken important strides in establishing a robust online presence while prioritizing security.
