So, you got your domain up & working, let’s say, it is http://yourDomain.com, Great!!! But wait! isn’t https:// ? No problem, you must not be dealing with any private or sensitive data of your business and your customer.
What!!! You are!!! Not cool, HTTPS is secure, but HTTP is always vulnerable to eavesdropping attacks where hackers access sensitive information and website accounts. So let’s do HTTPS.
Few days ago, I had setup my own domain & I want to share how I did it.
- Register my domain name on godaddy
- Use AWS for Route 53, S3, Security Group, Elastic IP & of course EC2 instance. I am using AWS Free Tier.
- Install all necessary softwares on EC2 instance. I installed nginx web server on EC2 instance & configured as required.
- Using Route 53 to configure the DNS records to point our domain at our site.
- Open browser & enter http://yourDomain.com. Bingo! everything works as expected. But it is not secure, https:// enabled.
Next is to make it secure using SSL certificate & enabling https:// for your domain, this is what the blog is all about.
The next three blogs, are going to be …
Signup for StartSSL: Signup before using services of startSSL like generating SSL certificate.
- Part 1/2 - Get SSL certificate (free): I want a totally, 100% free cert so I’m going to use StartSSL.
- Part 2/2 - Configure SSL on nginx web server: to use SSL certificate & enable HTTPS along with some other security stuff.