home
HomeSearchDr. Hain Clinic website Information for Dizzy Patients MusicFLWVarious and Sundry

This space holds helpful information about software and hardware and vendors that Dr. Hain has discovered by trial and error. Perhaps if enough of us do this, searches on these devices or companies will bring up more relevant information.

Amazon AWS Web server -- setting up a simple web site

Last edited: January 27, 2020

Cloud services are popular and are replacing local servers. The purpose of this page it to document my trials/tribulations, as well as provide a "how I did it" page.

My project was to copy a simple website (this one actually), to the Amazon AWS cloud. They claim online that this can be done on 3 minutes. Not true at all -- maybe 3 hours start to finish. I thought I could prepare for this by reading an online book on AWS. This was just gibberish. So here is my list of things to do.

Installing a pre-existing Ubuntu web site on AWS:

  1. Set up an AWS account. Doesn't really need much explanation.
  2. Figure out which of the 40 or so Amazon things to click on -- I was looking for cheap, at least until I decide if this works. I settled on "free" with Amazon E2. There seem to be an immense number of alternative options, mostly not free.
  3. Figure out which type of server to create -- I ended up using Ubuntu 18.04, because I had another Ubuntu instance running at work. It was OK. Perhaps other types of Linux would work as well. The "Amazon Linux" package includes more stuff by default.
  4. Set up login credentials - -this was harder. Amazon has lots of security stuff. I decided to use the SSH key, because I had used Putty before. This worked OK but took me about 20 minutes. It might be a lot harder for someone who has not used Putty before. Putty, puttygen and pageant are all free programs.
  5. Login to the AWS server using Putty. This was harder than it sounds, because you first need to locate the public IP address (a sub-address on amazon), copy it into Putty, import the Amazon Key which you should have saved in your download directory, convert it into a Putty Key, and save it under a different name. Quite a pain. Took about an hour, but finally got there.
  6. Set up winscp to login to the aws server as well. Similar methodology, only about 10 minutes. Winscp allows you to copy whole directories. However, it does not give you sudo, which means that you cannot always copy stuff. This is unlike putty, which can use sudo.
  7. Install a "LAMP" stack. Here, I used an online documentation page how to do this on Ubuntu. The "linuxbabe" page is for Ubuntu in general, not specific to AWS. I am not entirely sure if all of the myriads of commands were really needed. I suspect not. I did this through putty. It may help to know that you can copy/paste into putty with right-click.
  8. Try to start up the web page -- this didn't work (after all this time !). After about an hour of fiddling around, checking apache configuration, checking using Putty to see if ports are open, I finally figured out that AWS has its own firewall, and that one has to open a port in the Amazon console. Amazon does not call their firewall a firewall, they call it a "security group". The idea is that there are multiple firewalls, as is appropriate for multiple instances. One has to find or perhaps create your security group, and create a rule that allows port 80 in. This seems to be the "gotcha" that prevents people from getting going quickly. I found a nice tutorial on "security groups" here. I ended up creating new rules for http and https. The ssh rule was already there (it works for sftp as well). The amazon documentation also mentions how to create a new security group, and then assign it to the instance. This tutorial is not for ubuntu however, so most of it is irrelevant.

So after all this, I was able to copy my website to AWS, and it seems to work , but it has a strange Amazon name (generated by Amazon). The name is :

ec2-18-224-173-6.us-east-2.compute.amazonaws.com

Uploading stuff to your AWS web site using Dreamweaver. Thoughts on installing ftp.

I use older versions of Dreamweaver (i.e 3, 4 and 5), that don't require subscriptions to Adobe, to edit my websites that are mainly content. I don't subscribe to the Adobe "creative cloud". Why buy the whole cow if all you want is milk? These versions of Dreamweaver need ftp to upload/download, which means that you have to install ftp on your AWS server. They don't work with sftp. Thus Dreamweaver 3-5 is "crippled". Sftp doesn't work with Dreamweaver 3-5 because there is no method of supplying Dreamweaver the private key for authentication. One wonders what Adobe was thinking when they implemented Dreamweaver with an "SFTP" option but no method of entering the private key.

FTP is not secure, because it doesn't use encryption. So using FTP to upload to AWS is a security issue.

The best way to manage this security problem is to set up a testing server locally, make sure everything works locally, and only use secure transfers (perhaps with winscp) to your public web site. This is probably the best solution for crippled Dreamweaver 3-5 based sites, but it requires more work to set up a local server. For this solution, you still have to get ftp working on your testing server, which should not be publicly accessible.

So this section is about installing an ftp server on your ubuntu site, whether it be a testing server or a AWS server. If you are doing this on the public site, you have to configure ftp so that it requires some sort of login (no anonymous of course), and it points to your Ubuntu web directory (/var/www/html in Ubuntu 14.04 and later). Probably not necessary if you are using a testing server. By the way, using a NAS as a testing server is easy but a bad idea (because you can't control the stack). Setting up a local virtual ubuntu is probably the best idea (i.e. similar to the AWS machine).

In previous attempts to install FTP, I have NEVER managed to get vsftpd working, but have succeeded with proftpd. As mentioned above, getting ftp to work for Dreamweaver means being unsecure because Dreamweaver 3, 4 and 5 don't do certificates in "manage sites". So you have to ignore all of the stuff in the online instructions about certificates. For security, you just have to depend on the fact that you are not doing much uploading/downloading with Dreamweaver, and you should choose a very secure username/password pair. It is also best if you are not doing anything that needs security anyway. Use a secure method (like winscp) if you need to to do something securely. Of course, if someone hacks your ftp, with some sort of method of watching your web traffic and uploads some php, you are dead. So this is intrinsically risky.

 

Changing the name of an AWS generated web site.

Lets say you have a domain name that you own called "whatever.com", and you want to have people who type in "whatever" in their browser, to end up on your amazon page, which might be called something like "ec2-18-224-173-6.us-east-2.compute.amazonaws.com". Obviously, you don't want people to have to type this in. You want to switch the DNS (domain name server) over to knowing that ec2-18-224-173-6.us-east-2.compute.amazonaws.com is where you go when you type in "whatever" in your browser. What you want to do is to change your nameserver. This is free, because you pay for this already when you renew your domain name.

Steps:

  1. Start by figuring out wherever your domain name is maintained. For example, it might be "Godaddy". This is not necessarily where your website is hosted.
  2. Identify your "private" IP address for your website. This is pretty easy as it is embedded in the public IP name (after ec2). This particular site's private IP address is "18-224-173-6", with dots substituted or dashes.
© Copyright September 20, 2020 , Timothy C. Hain, M.D. All rights reserved.
Dr Hain's CV Clinic dizziness-and-hearing.com FLW Various and Sundry Dr. Hain's CV