A comprehensive solution for hosting a secure, reliable, and efficient static web page using AWS services
The project aims to develop a secure, reliable, and efficient hosting solution for a static web page. The organization's current infrastructure lacks essential security measures, redundancy, and global accessibility, leading to potential security breaches, downtime, and slow website performance. This project provides a comprehensive solution using Amazon Web Services (AWS) to address these concerns.
An organization requires a solution for hosting a static web page that ensures firewall protection, failover capabilities, geographical restrictions, and low latency access. The existing infrastructure's shortcomings include inadequate security, lack of redundancy, and poor global accessibility, resulting in potential security breaches, downtime, and slow website performance. The organization needs a hosting solution with robust firewall protection, automatic failover mechanisms, geographical access restrictions, and low latency access for users worldwide.
To provide a hosting solution that ensures secure, reliable, and efficient global access to the organization's web page.
- Amazon S3: To host the static website.
- Amazon CloudFront Distribution: To provide an automatic failover mechanism, enforce geographical restrictions, and ensure low latency access.
- Amazon WAF (Web Application Firewall): For firewall protection.
Objective: Set up primary and secondary buckets to host the static website.
Steps Followed:
- Created the primary bucket:
Vishawnathbucket1 - Created the secondary bucket:
Vishawnathbucket2 - Created an
index.htmlfile and uploaded it to both primary and secondary buckets.
Objective: Set up CloudFront to distribute and serve content from the S3 buckets with enhanced features.
Steps Followed:
- Created a CloudFront distribution.
- Selected the primary bucket for the origin domain.
- Created a new origin access identity (OAI).
- Modified settings in the "Default behavior" to disable caching.
Objective: Ensure high availability by configuring failover between the primary and secondary S3 buckets.
Steps Followed:
- Added the secondary bucket as an origin in the distribution.
- Selected the previously created OAI for origin access.
- Created an origin group.
- Configured failover criteria to include all 4xx errors.
- Edited the behavior settings to use the newly created origin group.
Objective: Validate the failover mechanism works as expected when the primary bucket is unavailable.
Steps Followed:
- Accessed the website using the CloudFront origin domain URL.
- Deleted the
index.htmlfile from the primary S3 bucket. - Confirmed the website was still accessible, fetching
index.htmlfrom the secondary bucket.
Objective: Implement firewall protection to filter and allow/deny traffic based on predefined rules.
Steps Followed:
- Enabled the web application firewall (WAF) in the CloudFront distribution's security settings.
Objective: Restrict access to the website based on geographic location.
Steps Followed:
- Edited the geographic restriction settings in the CloudFront distribution's security tab.
- Attempted to access the website from a blocked location and confirmed access was denied.
Objective: Ensure updated content is served by invalidating cached data in CloudFront.
Steps Followed:
- Invalidated the
index.htmlfile, removing it from edge locations to ensure updated content is served.
Objective: Clean up and delete all resources created in AWS.
Steps Followed:
- Disabled and deleted the CloudFront distribution.
- Deleted the primary and secondary S3 buckets.
This project successfully provided a secure, reliable, and efficient global hosting solution for the organization's static web page. By leveraging AWS services such as S3, CloudFront, and WAF, the project achieved robust firewall protection, automatic failover capabilities, geographical restrictions, and low latency access.
For further information or support, please contact [vishawnath.sethi786@hotmail.com]
Architectural Diagram:
