Tip jar

If you like CaB and wish to support it, you can use PayPal or KoFi. Thank you, and I hope you continue to enjoy the site - Neil.

Buy Me a Coffee at ko-fi.com

Support CaB

Recent

Welcome to Cook'd and Bomb'd. Please login or sign up.

March 28, 2024, 12:46:26 PM

Login with username, password and session length

Anyone hosted a website out of an AWS S3 bucket?

Started by doppelkorn, March 26, 2018, 12:37:39 PM

Previous topic - Next topic

doppelkorn

Any pitfalls or good (security) practice I should be following? What did it end up costing you?

biggytitbo

I host my images in one, costs me about $2 a month for about 30000 requests a month is, but thats in front of cloud flare.

Sebastian Cobb

Yeah we host some sites out of it. In some cases it's all flat json files with some javascript to parse it and an elasticsearch plugin. Works fine.

Twed

Quote from: biggytitbo on March 26, 2018, 02:32:17 PM
I host my images in one, costs me about $2 a month for about 30000 requests a month is, but thats in front of cloud flare.
behind

doppelkorn

Alright nice one. They say it'll cost about $1-3pcm to host out of there with the volume of data and traffic I expect. Day one was $0.04, but I was a bit surprised because I only put an index.html page in and accessed it a couple of times from a couple of devices to test. I DL'd the detailed activity file but I didn't fully understand what each line represented.


doppelkorn

Ah this is doing my swede. I can get the content up and visible by pointing a browser to the web endpoint no problem, but using Route53 is beyond me, and the AWS documentation is a bit inconsistent and confusing for a complete n00b. Anyone got experience of this? Basically I have about ten DNS records in my Route53 hosted zone and I suspect some of them are trying to do the same thing or somehow otherwise fucking shit up.

doppelkorn

Alright. I got this working no problems in the end, but I'm just looking at getting an SSL cert for the site.

Seems easy to do if I follow this guide I found (you have to do it through CloudFront basically), but can anyone that I won't have to pay the $600 p/m for a "Dedicated IP Custom SSL" as mentioned in the CloudFront pricing small print? I don't really know what that means. Well I do, but I don't know if I have or indeed need an dedicated IP and/or custom SLL cert.

Presumably I won't have to pay that, because the guy in the guide says he spends >$1 p/m on hosting (right now I'm on about $0.65), but I was more curious about what that $600 is for.

Sebastian Cobb

Work does this. We have entire javascript front-ends just dumped in s3 buckets.

We use cloudfront to do ssl and I'm pretty sure it doesn't cost us $600 for the privilege. By the looks of things you pay that for a custom ssl cert, you must be able to use someone else to generate that; we recently moved away from symantec for our certs because they're useless so you can almost certainly go with someone else for that.

I'm not really a devops/infrastructure person but can do more digging on tuesday when I'm back at work.

Zetetic

Quote from: doppelkorn on May 05, 2018, 12:43:02 PM
but can anyone that I won't have to pay the $600 p/m for a "Dedicated IP Custom SSL" as mentioned in the CloudFront pricing small print? I don't really know what that means. Well I do, but I don't know if I have or indeed need an dedicated IP and/or custom SLL cert.
https://aws.amazon.com/cloudfront/custom-ssl-domains/

QuoteThere is no separate pricing for this feature. You can use SNI Custom SSL with no upfront or monthly fees for certificate management; you simply pay normal Amazon CloudFront rates for data transfer and HTTPS requests.

You don't need to support non-SNI HTTPS (and so you don't need an IP-dedicated Custom SSL certificate, or the expensive configuration and resource use on Amazon's end required to use one), unless you're expecting to serve websites to people from the 1930s or something.

doppelkorn

Thanks for this, by the way. I'm now 100% confident that I can host it using HTTPS on S3. Somehow Medium found out I was trying to do it and kept recommending me guides from others who have done the same.