Set Up Your Amazon EC2


So, if you want have an Amazon EC2 instance to run Wordpress or simply a website you made, you can do that for cheap using Amazon’s Elastic Compute Cloud (EC2). So let’s get right into it! You will be using the command line for this (or PuTTY), but if you don’t know, that’s okay, because I’ll cover that.

Also, If I’m going too slow, I’m sorry, but please bare with me because I made this tutorial for people that had and didn’t have any prior experience.

Step 1: Create an Account

Obviously, you need to create your AWS account; you can sign up here. You have to provide your credit card to register and you’ll need a valid phone number because Amazon will call you as part of the process. Amazon offers a Free Usage Tier, which is great to explore the services and even host real apps without being charged. You should look at the details.

Step 2: Create an Instance

Now that you have an account, we can proceed to creating our instance. So, go to your management console, and then click the EC2 tab (it should be under the Compute and Networking section)

What type of EC2 instance should you use? I used a Micro instance because it is free for 1 year and also very cheap. Here are the instances It may depend on your traffic. If you get a few thousand visitors a day, then you may want a larger instance. For now, I’ll go with the micro instance.

Click the big “Launch Instance” button. Make sure “Classic Wizard” is selected and click “Continue”. Then choose an AMI. I chose the Basic 32-bit Amazon Linux AMI. Instance details: Select the Instance Type you want to use. I chose Micro because it’s free (t1.micro). Create a new key pair. Enter a name for your key pair (i.e. shalin) and download your key pair (i.e. shalin.pem).

NOTE: DO NOT give anyone your key pair. It the access key to your whole instance. Don’t lose or delete it either, otherwise you won’t be able to connect to your instance!

Select the create new security group, give it a name and description, and then, for the create the new rule, select: DNS (add rule) SSH (add rule) HTTP (add rule) POP3 (add rule) SMTP (add rule) MYSQL (add rule)

Then, finally launch you instance.

Step 3: SSH into your Instance

On the sidebar, click on the tab “Elastic IP’s” and find the button that says “Allocate New Address” Make sure EC2 is selected and click “Yes, Allocate”. Once you do that, you want to click on the address you created and select “Associate Address” and associate it to your instance.

Once your instance is running, you can ssh into it. SSH stands for secure shell. It means you connecting to something that it remote from your computer. For example, you could connect to another device or computer if you had their ip address and password.

First, you need to identify the address of your instance: Select the instance in the AWS Management Console, and look for the Public DNS in the instance description (bottom part of the screen).

Then, open up the terminal application. For mac, click ⌘ Command + Space and search terminal or open the terminal app. For linux, go the terminal app.

Once you are in terminal, enter this command chmod 600 Downloads/shalin.pem And change the .pem file’s full path and name.

Then Connect: ssh -i Downloads/shalin.pem ec2-user@ec2-your-public-dns-of-your-instance.amazonaws.com or you can type ssh -i Downloads/shalin.pem ec2-user@your ip you just associated either one works. Make sure you change the .pem file’s full path and name and your public DNS.

Hit “Enter”, you will be asked: “Are you sure you want to continue connecting (yes/no)?” Type yes.

Step 4: The Basics

Okay, so now you’ve most likely followed everything in this tutorial successfully and now have a running instance that you’ve connected to. Lets begin the server stuff.

The command line is only confusing at first..

Here are the basic terminal commands

  • The man command is for a manual or help on something. (i.e. man ls)

  • The ls command is to view the items in the directory.

  • The cd command is to go into or out of a folder (directory) like this cd / moves you to the very very main directory and cd ../ moves you back one directory.

  • The sudo command is to become the Super-User, meaning you can do everything. Only use this when you have to, as this can be dangerous.

One of the most important command is vim or vi. It is a command line text editor. Type in man vim to read about vim. To edit something you type vim file-name.txt

More Commands…

Step 5: Useful Software

You have a server running now, but it can’t do anything useful…yet…

Installing Apache

So we will allow this server to display a simple website. For that, we will need to install Apache. Before you do anything, become the root user of this server, so type sudo su

To install the Apache Web Server, type: yum install httpd
Start the Apache Web Server: service httpd start
Make sure it’s running. service httpd status

Now your website is working! To test your Web Server, open a browser and access your web site: http://ec2-the-public-dns-of-your-instance.amazonaws.com (Use your actual public DNS name). You should see a standard Amazon place holder page.

Installing PHP

To install PHP, type: yum install php php-mysql

Restart the Apache Web Server: service httpd restart

Create a page to test your PHP installation: cd /var/www/html vim test.php Type i to start the insert mode Type <? php phpinfo() ?> Press “Control+C” (mac, windows, and linux) Then type :wq to write the file and quit vim

Open a browser and access test.php to test your PHP installation: http://ec2-the-public-dns-of-your-instance.amazonaws.com/test.php (Use your actual public DNS name).

If you don’t want this file, go back onto terminal and type: rm test.php

/var/www/html/ is your root directory, meaning, that any files that you put in here, will automatically be put on your public DNS

Installing MySQL

To install MySQL, type: yum install mysql mysql-server
Then Start MySQL service mysqld start
Then Set A New Password: /usr/bin/mysqladmin -u root password ‘new-password’

MySQL Security

Before using MySQL in production, you’ll want to improve your MySQL installation security. Run:

mysql_secure_installation This will help you set a password for the root account, remove anonymous-user accounts, and remove the test database.

phpMyAdmin

We will now set up an awesome php and mysql interface called phpmyadmin That will help run queries and optimize our databases. Run this command to download it

wget http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.5.3/phpMyAdmin-3.5.3-all-languages.zip

After it has downloaded, unzip it: unzip phpMyAdmin-3.5.3-all-languages.zip -C /var/www/html

Then rename the folder: mv phpMyAdmin-3.4.1-all-languages phpmyadmin

And finally remove the old folder rm -r phpMyAdmin-3.5.3-all-languages.zip

Open a browser and access phpmyadmin/ to test your PHP installation: http://ec2-your-public-dns-of-your-instance.amazonaws.com/phpmyadmin/ (Use your actual public DNS name).

Then configure all the stuff it tells you to.

Keep MySQL In Good Shape

Over time your MySQL tables will get fragmented and queries will take longer to complete. You can keep your tables in top shape by regularly running OPTIMIZE TABLE on all your tables. But, since you’ll never remember to do this regularly, we should set up a cron job to do this.

Open up your crontab file: crontab -e

Then, add the following line: @weekly mysqlcheck -o –user=root –password=your password here -A

Also, you can do the same from phpmyadmin manually to verify that it works correctly.

Step 6: Security

If your going to make a website and put it on the internet, it has to be really secure. There are a bunch or people that will mess with your server or write a script to hack it. So, you have to prevent these.

httpd.conf

So first, enter this command: vim /etc/conf/httpd/httpd.conf

Your httpd.conf file should now be open. DO NOT mess around with this unless you know what you’re doing otherwise you may screw everything up.

Scroll down and look for this piece of code:

<directory "/var/www/html">
    Options Indexes FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</directory>

Press i then change this to:

<directory "/var/www/html">
    Options Indexes FollowSymLinks
    AllowOverride All
    Order allow,deny
    Allow from all
</directory>

Make sure that AllowOverride is set to All otherwise, what we are about to do won’t work. Next hit Control+C and type :wq

.htaccess

Great! Now do: cd /var/www/html/

and then, create a file named .htaccess: vim .htaccess

You should get a blank text document because we haven’t put anything in it. Here is a list of things you should put in this file to make it more secure.

Remove Access To Your Important Files And .htaccess

<filesmatch ".(htaccess|htpasswd|ini|phps|fla|psd|log|sh)$">
 Order Allow,Deny
 Deny from all
</filesmatch>
<files ~ "^.*\.([Hh][Tt][Aa])"<
order allow,deny
deny from all
satisfy all
</files<

Disable Directory Browsing

Options All -Indexes

No Spam (Bad Bots and Hackers)

# ----------------------------------------------------------------------^M
# No Spam (Bad Bots and Hackers)
# ----------------------------------------------------------------------^M

RewriteEngine On ^M
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR] 
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR] 
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR] 
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR] 
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR] 
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR] ^M
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR] ^M
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR] ^M
RewriteCond %{HTTP_USER_AGENT} ^Zeus ^M
RewriteRule ^.* - [F,L]^M

Compression

# ----------------------------------------------------------------------
# Gzip compression
# ----------------------------------------------------------------------

<ifmodule mod_deflate.c>

  # Force deflate for mangled headers developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping/
  </ifmodule><ifmodule mod_setenvif.c>
    </ifmodule><ifmodule mod_headers.c>
      SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
      RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding^M
    </ifmodule>

  # HTML, TXT, CSS, JavaScript, JSON, XML, HTC:
  <ifmodule filter_module>
    FilterDeclare   COMPRESS
    FilterProvider  COMPRESS  DEFLATE resp=Content-Type $text/html
    FilterProvider  COMPRESS  DEFLATE resp=Content-Type $text/css
    FilterProvider  COMPRESS  DEFLATE resp=Content-Type $text/plain
    FilterProvider  COMPRESS  DEFLATE resp=Content-Type $text/xml
    FilterProvider  COMPRESS  DEFLATE resp=Content-Type $text/x-component
    FilterProvider  COMPRESS  DEFLATE resp=Content-Type $application/javascript
    FilterProvider  COMPRESS  DEFLATE resp=Content-Type $application/json
    FilterProvider  COMPRESS  DEFLATE resp=Content-Type $application/xml
    FilterProvider  COMPRESS  DEFLATE resp=Content-Type $application/xhtml+xml
    FilterProvider  COMPRESS  DEFLATE resp=Content-Type $application/rss+xml
    FilterProvider  COMPRESS  DEFLATE resp=Content-Type $application/atom+xml
    FilterProvider  COMPRESS  DEFLATE resp=Content-Type $application/vnd.ms-fontobject
    FilterProvider  COMPRESS  DEFLATE resp=Content-Type $image/svg+xml
    FilterProvider  COMPRESS  DEFLATE resp=Content-Type $image/x-icon
    FilterProvider  COMPRESS  DEFLATE resp=Content-Type $application/x-font-ttf
    FilterProvider  COMPRESS  DEFLATE resp=Content-Type $font/opentype
    FilterChain     COMPRESS
    FilterProtocol  COMPRESS  DEFLATE change=yes;byteranges=no
  </ifmodule>

  <ifmodule !mod_filter.c>
    # Legacy versions of Apache
    AddOutputFilterByType DEFLATE text/html text/plain text/css application/json
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE text/xml application/xml text/x-component
    AddOutputFilterByType DEFLATE application/xhtml+xml application/rss+xml application/atom+xml
    AddOutputFilterByType DEFLATE image/x-icon image/svg+xml application/vnd.ms-fontobject application/x-font-ttf font/opentype
  </ifmodule>

Error Documents

#---------------ERROR DOCUMENTS---------------#

#BAD_REQUEST
ErrorDocument 400 /var/www/html/400.php
 
#UNAUTHORIZED
ErrorDocument 401 /var/www/html/401.php
 
#FORBIDDEN
ErrorDocument 403 /var/www/html/403.php
 
#NOT_FOUND (Most Common)
ErrorDocument 404 /var/www/html/404.php

Amazon EC2 is Awesome!

I hope you found my setup recipe (tutorial) for Amazon EC2 helpful. Sign up for Amazon EC2!

If you want to buy a domain, please use this link and I will get $1.00 off on my yearly plan for my domains. If not, you can use the normal link.




Share on Google+






Shalin Shah

Shalin Shah I'm a high school junior living in California. I enjoy building iOS and Web apps. Besides coding, I like running, travelling, and listening to good music.