linuxsecurityamazon-web-servicesamazon-ec2static-html

Securing an EC2 Instance which Hosts a Static Public Website


I am trying to host a public website on an Amazon EC2 small linux instance. My website is pretty simple, in that, it doesn't have a database and any fancy server components. It's just a bunch of plain old html hosted on an Apache webserver.

What security measures do I need to take (firewall configuration?, ddos prevention?) to prevent my website from being defaced or denied access to? My linux knowledge is limited, so I would appreciate any suggestions/help here.


Solution

  • If you only have static HTML pages, don't run a webserver.

    Use an object store (like Amazon S3 or Rackspace CloudFiles) to distribute your static html files. It's way less expensive, you don't have to handle application security, and is much faster.