Hosting a Web App in AWS EC2

Suppose you want to host your web app in AWS EC2 with Apache web server installed in. Then you would like to reach EC2 via FTP to deploy your web app files. Then you would like to reach this content through your domain name.

Introduction

There are many ways to host a web app in the AWS environment. Your web app could be either a traditional web site or API project. Both types of web projects will be called web apps from now on. Some of the ways that we can apply to host a web app in AWS are listed below:

  1. Hosting a web app in S3 bucket
  2. Hosting a web app in a container in ECS, EKS, or Fargete
  3. Hosting a web app with Elastic BeansTalk
  4. Hosting a web app directly in EC2

We will be investigating the last one in this article. Although there are many operating systems to be used in EC2, Linux with the lowest configuration that can be reached in Free Tier will be used. For more about AWS Free Tier, click here.

Amazon EC2 can be used directly to host a web app. In this article, all steps to achieve such a task are explained step by step.

Background

What To Do

Main architect can be as shown below:

Suppose the aim is to host your web site in an AWS EC2 machine. For the simplicity of the app, a static HTML page will be published into AWS EC2 in Apache Web server. We will make it possible to reach Apache default www klasor through ftp. Beside these requirements, a domain will be redirected to this web app through AWS Route53.

Image 1

Image-001: Main system view

To design the architect shown in Image-001, we will be creating AWS items in the order of numbers in grey circles.

Suppose that our domain is WELR.com and we want to host its running items in EC2.

All steps to host WELR.com content in an AWS EC2 can be as below.

Step 1: Create a Security Group (SG-for-EC2-for-WELR) in AWS

This security group will be used for EC2. A security group can be thought of as a firewall of what it is bound to.

Set all inbound ports as shown below:

  • 20-21 (FTP)
  • 1024-1048 (FTP), optional
  • 22(SSH)
  • 80(HTTP)
  • 8080(HTTP custom), optional
  • 443(HTTPS)

The red rectangle in the image below is important to show flow from ALB to EC2 through related security groups.

Image-002: Inbound rules of SG-for-EC2-for-WELR

Step 2: Create an EC2 (EC2-for-WELR) with SG-for-EC2-for-WELR

Creating an EC2 instance in AWS is a straightforward action. The connect button in the top-right side of the image below will be used to connect to EC2.

Image 3

Image-003: EC2-for-WELR

Install all requirements in EC2-for-WELR.

Firstly, you should connect to the EC2 command prompt. To be able to do this step, there are many ways. But the simplest one is to connect directly through the AWS web console.

Image 4

Image-004: Connect to EC2-for-WELR

After pressing the Connect button, you will be connected as ec2-user to the EC2 command prompt.

2.1- Install Apache

> sudo s
> yum update -
> yum install -y httpd.x86_6
> systemctl start httpd.servic
> systemctl enable httpd.service

All wep app files will be in apache default web folder.

Default web folder for apache is /var/www/html.

2.2 – Install ftp

> sudo su
> yum update -y
> yum install vsftpd
			
> sudo vi /etc/vsftpd/vsftpd.conf

You should make some changes in the ftp configuration file as shown below.

All these lines should exist in the configuration file as shown. To use vi editor, you should know how to use it. If it is the first time for you to use vi editor, check here.

# remove all # of the lines below
anonymous_enable=NO
#
local_enable=YES
#
write_enable=YES
#
local_umask=022
#
dirmessage_enable=YES
#
xferlog_enable=YES
#
connect_from_port_20=YES
#
chroot_local_user=YES
write_enable=YES
allow_writeable_chroot=YES
#
listen=NO
#
listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
pasv_enable=YES
pasv_min_port=1024
pasv_max_port=1048
pasv_address=18.170.116.xxx

To restart vsftpd, one the following can be used.

> /etc/init.d/vsftpd restart

OR:

> systemctl restart vsftpd

To add a user for FTP, do the following in the EC2 command prompt.

> adduser awsftpuse
> passwd awsftpuse
> usermod -a -G root awsftpuser
> usermod -d /var/www/html/ awsftpuse
> chown -R awsftpuser /var/www/htm
> systemctl restart vsftpd

2.3 – Install ftp Client

e.g. Filezilla client on Windows.

After creating all items in AWS, try to connect and upload a file by an ftp client. You should be able to upload index.html to the web folder of ftp in EC2.

Step 3: Create a Security Group (SG-for-ALB-for-WELR) (will be used for ALB)

Set all inbound ports as shown below:

  • 20-21 (FTP)
  • 1024-1048 (FTP), optional
  • 22(SSH)
  • 80(HTTP)
  • 8080(HTTP custom), optional
  • 443(HTTPS)

Image 5

Image-005: Inbound rules of SG-for-ALB-for-WELR

Step 4: Create a Target Group TG-for-WELR including EC2-for-WELR

Image 6

Image-006: Target Group TG-for-WELR

Step 5: Create Application Load Balancer with the name ALB-for-WELR

This ALB should have the target group TG-for-WELR.

Target group is a group of EC2. But for now it includes only EC2-for-WELR.

Additionally, this ALB should have SG-for-ALB-for-WELR.

Image-007: ApplicationLoad Balancer ALB-for-WELR

Image 7

Step 6: Allow all TCP Request of SG-for-ALB-for-WELR to SG-for-EC2-for-WELR

Add inbound rules to SG-for-EC2-for-WELR so that it accepts all TCP requests from SG-for-ALB-for-WELR.

Image 8

Image-008: Allowing flow from ALB to EC2 through their security groups

Step 7: Create a Route53 Hosted Zone

It should have four records as below:

  • NS and SOA are created automatically
  • Create Record A. As it is seen in the image below
  • Create Record CNAME – to welr.com

Image-009 – Records of Route53

Image 9

NS addresses can be used in domain management UI to redirect the domain name to the web app you host in EC2 Apache.

Conclusion

As mentioned at the beginning of this article, there are many ways to host a web app in any cloud environment. We made some investigations in AWS EC2. As it is seen, we suppose that we deploy the running items of the web app to Apache through FTP manually. However, with any CI/CD tool, it can be automated using FTP commands as well.

The main idea of this article is to show how to host a web app in EC2 that is behind Route53 and Load Balancers in the AWS environment.

History

  • 26th September, 2022: Initial version


Necmettin Demir is developer at NEBULACT Ltd. in London/UK.

He has BSc and MSc degrees of Computer Science. He was also graduated from MBA.

He is also trying to share his technical experience writing articles.