- Launch an Amazon EC2 instance using your preferred AMI (Amazon Machine Image).
- Create a new security group.
- Allow access to ports 80 (HTTP) and 443 (HTTPS) from all IP addresses.
- Allow SSH access only from your personal IP address for security.
- Use the SSH command to connect:
ssh -i "your-key.pem" ec2-user@your-ec2-ip-address
Execute the following commands to install Nginx:
sudo wget http://nginx.org/keys/nginx_signing.key
sudo apt-key add nginx_signing.key
sudo apt-get update
sudo apt-get install nginx
sudo systemctl start nginx.service
# Optionally, check the status of Nginx:
sudo systemctl status nginx.service
Install Certbot and generate SSL certificates:
sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo certbot certonly --nginx
# Note the path where your SSL certificates are stored.
Set up your Nginx server block to use HTTPS:
- Navigate to the Nginx configuration directory and create a new configuration file:
cd /etc/nginx/conf.d sudo touch default.conf sudo nano default.conf
- Edit the
default.conf
file to include the following:server { listen 443 ssl; server_name your-domain.com; ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem; # Adjust path as necessary ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem; # Adjust path as necessary add_header Strict-Transport-Security "max-age=31536000"; location / { proxy_pass http://127.0.0.1:PORT; # Replace PORT with the port number of your application proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }
- Replace
your-domain.com
with your actual domain name. - Replace
PORT
with the port number where your application is running.
- Replace
- Restart Nginx to apply the changes:
sudo systemctl restart nginx
- Ensure your firewall and security group settings allow traffic on port 443.