πSecuring an NGINX Server on AWS EC2 with Custom Domain Using Let's Encrypt SSL
Ashwini SinghTable of contents
- π§° Prerequisites
- βοΈ Step 1: Launch an EC2 Instance
- π» Step 2: Connect via SSH using PuTTY (Windows)
- π Step 3: Point Domain to EC2
- π§ Step 4: Install NGINX + Hello Page
- π Step 5: Add Free SSL with Letβs Encrypt
- π§ Bonus: Editing the NGINX Config
- π Project Structure
- π Architecture Diagram
- π Final Output
- Conclusion
Setting up a secure web server is a foundational DevOps skill. In this post, you'll learn how to
β
Launch an EC2 instance
β
Set up NGINX with a custom Hello page
β
Secure it with a free SSL certificate using Let's Encrypt
β
Connect your domain using Route 53
π§° Prerequisites
AWS account
A registered domain (Route 53, GoDaddy, etc.)
PuTTY (Windows) or terminal (Linux/macOS)
Basic Linux command-line knowledge
βοΈ Step 1: Launch an EC2 Instance
Go to the AWS EC2 Dashboard
Click Launch Instance
Choose OS: Ubuntu 22.04 or Amazon Linux 2
Select instance type:
t3.mediumConfigure in a Public Subnet of a VPC
Enable inbound rules in the Security Group
TCP 22 (SSH)
TCP 80 (HTTP)
TCP 443 (HTTPS)
Download the .pem key pair
π» Step 2: Connect via SSH using PuTTY (Windows)
Open PuTTYgen
Load your .pem file
Click Save Private Key β This generates .ppk
Open PuTTY
Host Name:
ubuntu@your-ec2-ipGo to Connection β SSH β Auth
Load the
.ppk fileClick Open β Youβre connected
π Step 3: Point Domain to EC2
Go to Route 53 β Hosted Zones
Click Create Record
Type:
AName:
@orwwwValue: your
EC2 IP
π Test: Visit http://yourdomain.com β The NGINX default page should appear.
π§ Step 4: Install NGINX + Hello Page
sudo apt update
sudo apt install nginx -y
echo "<h1>Hello from AWS + NGINX</h1>" | sudo tee /var/www/html/index.html
sudo systemctl restart nginx
Access it at http://yourdomain.com
π Step 5: Add Free SSL with Letβs Encrypt
Install Certbot:
sudo apt install certbot python3-certbot-nginx -y
Run Certbot for your domain:
sudo certbot --nginx -d yourdomain.com
Test auto-renewal:
sudo certbot renew --dry-run
π§ Bonus: Editing the NGINX Config
sudo vim /etc/nginx/sites-available/default
Example Config:
server {
listen 80;
server_name yourdomain.com;
root /var/www/html;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
Save and reload:
sudo systemctl reload nginx
π Project Structure
π /var/www/html/index.html # Custom hello page
π /etc/nginx/sites-available # NGINX site configs
π SSL: Managed by Certbot
π Domain: Managed via Route 53
π Architecture Diagram
π Final Output
https://yourdomain.com
With NGINX serving your page securely over HTTPS
Conclusion
By adhering to this guide, you have successfully established a secure NGINX server on AWS EC2, featuring a custom domain and SSL encryption from Let's Encrypt. This essential DevOps skill not only improves the security of your web applications but also ensures a professional and reliable online presence. With your domain correctly configured and SSL implemented, your server is now equipped to manage traffic securely, offering users a seamless and protected browsing experience. Continue to explore and enhance your skills to further optimise and scale your infrastructure.
Subscribe to my newsletter
Read articles from Ashwini Singh directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by