![\"Linux](\"https:\/\/www.antpace.com\/blog\/wp-content\/uploads\/2020\/04\/linux-ami.png\")
Next, I make sure that instance’s Security Group<\/a> allows inbound traffic on SSH, HTTP, and HTTPS. We allow all traffic via HTTP and HTTPS (IPv4 and IPv6, which is why there are 2 entries for each). That way end-users can reach the website from a browser. Inbound SSH access should not be left wide open.<\/strong> Only specific IP addresses should be allowed to command-line in to the server. AWS has an option labeled “My IP” that will populate it for your machine.<\/p>\n Recent AWS UI updates let you set these common rules directly from the “Launch an instance” screen, under “Network settings”<\/p>\n Now that the hosting server is up-and-running, I can command-line in via SSH from my Mac’s terminal using the key file from before. This is what the command looks like:<\/p>\n You might get a CLI error that says:<\/p>\n ” It is required that your private key files are NOT accessible by others. <\/span><\/strong>This private key will be ignored. “<\/span><\/strong><\/p>\n That just means you need to update the file permissions on the key file. You should do that from the command line, in the directory where the file resides:<\/p>\n Make sure everything is up-to-date by running “sudo yum update<\/em>“.\u00a0 I begin installing the required software to host a website:<\/p>\n Note:<\/strong> That command gives me Apache, PHP, and MariaDB – a basic LAMP stack. This next one installs the database server:<\/p>\n MariaDB is a fork of the typical MySQL, but with better performance.<\/p>\n By default, MariaDB will not have any password set. If you choose to install phpMyAdmin<\/a>, it won’t let you login without a password (as per a default setting). You’ll have to set a password from the command line. While connected to your instance via SSH, dispatch this command:<\/p>\n When it prompts you for a password, just hit enter.<\/p>\n Once you’re logged in, you need to switch to the Now you can set a password for the root user with the following command:<\/p>\n After setting the password, you need to flush the privileges to apply the changes:<\/p>\n Start Apache: “sudo systemctl start httpd<\/em>“. And, make sure it always starts when the server boots up “sudo systemctl enable httpd<\/em>”<\/p>\n The server setup is complete. I can access an Apache test page from a web browser by navigating to the EC2 instance’s public IP address.<\/p>\n I’ll take my website files (that are stored on my local machine and synched to a Git repo) and copy them to the server via sFTP.<\/p>\n I need to make sure the Linux user I sFTP with owns the directory “\/var\/www\/html”, or else I’ll get a permission denied error:<\/p>\n sudo chown -R ec2-user \/var\/www\/html<\/em><\/p>\n Later, if I want to be able to upload media to the server from the WordPress CMS, I’ll need to be sure to change the owner of the blog’s directory to the\u00a0apache<\/em> user (which is the behind-the-scenes daemon user invoked for such things):<\/p>\n sudo chown -R apache \/var\/www\/html\/blog<\/em><\/p>\n * AWS Documentation Reference<\/a><\/p>\n Instead of having to use the EC2 server’s public address to see my website from a browser, I’ll point a domain name at it. AWS Route 53<\/a> helps with this. It’s a “DNS web service” that routes users to websites by mapping domain names to IP addresses.<\/p>\n In Route 53 I create a new “hosted zone”, and enter the domain name that I’ll be using for this site.\u00a0 This will automatically generate two record sets: a Name Server\u00a0(NS) record and a Start-of-Authority (SOA) record. I’ll create one more, an IPv4 address (A) record. The value of that record should be the public IP address that I want my domain to point at. You’ll probably also want to add another, identical to the last one, but specifying “www” in the record name.<\/p>\n Finally, I’ll head over to my domain name registrar, and find my domain name’s settings. I update the nameserver values there to match those in my Route 53 NS record set. It’ll likely take some time for this change to be reflected in the domain’s settings. Once that is complete, the domain name will be pointing at my new EC2 instance.<\/p>\n And that’s it – I’ve deployed my website to AWS. The next step is to secure my site by configuring SSL and HTTPS<\/a>.<\/p>\n![\"Inbound](\"https:\/\/www.antpace.com\/blog\/wp-content\/uploads\/2020\/04\/security-group-inbound-rules.png\")
![\"AWS](\"https:\/\/www.antpace.com\/blog\/wp-content\/uploads\/2020\/03\/network-settings.png\")
<\/p>\nConfigure the server<\/h2>\n
ssh -i \/Users\/apace\/my-keys\/keypair-secret.pem ec2-user@ec2-XXX-XXX-XX.us-east-2.compute.amazonaws.com<\/pre>\n
![\"Bad](\"https:\/\/www.antpace.com\/blog\/wp-content\/uploads\/2020\/03\/bad-permissions.png\")
<\/p>\nchmod 400 KeyFileNameHere.pem<\/pre>\n
sudo amazon-linux-extras install -y lamp-mariadb10.2-php7.2 php7.2<\/pre>\n
amazon-linux-extras<\/code> doesn’t exist on the Amazon Linux 2023<\/a> image.<\/p>\nsudo yum install -y httpd mariadb-server<\/pre>\n
mysql -u root -p<\/pre>\n
![\"login](\"https:\/\/www.antpace.com\/blog\/wp-content\/uploads\/2020\/03\/mariadb.png\")
<\/p>\nmysql<\/code> database by running the following command:<\/p>\nuse mysql;<\/pre>\n
UPDATE user SET password = PASSWORD('new_password') WHERE user = 'root';\n<\/pre>\nFLUSH PRIVILEGES;<\/pre>\n
![\"Apache](\"https:\/\/www.antpace.com\/blog\/wp-content\/uploads\/2020\/04\/apache-test-page-1.png\")
![\"Copy](\"https:\/\/www.antpace.com\/blog\/wp-content\/uploads\/2020\/04\/ftp-copy-files.png\")
Domain name and Route 53<\/h2>\n
![\"setting](\"https:\/\/www.antpace.com\/blog\/wp-content\/uploads\/2020\/04\/route-53-record-set-1.png\")
<\/p>\n