Deploying Fast and Secure Web App on AWS — Part 1a

nimboya

Ewere Diagboya

Posted on March 20, 2020


Introduction
The internet is filled with millions of websites. Most of these websites are hosted on servers in different locations around the world. In the days when Shared Hosting was the only option, the server configuration, system availability and scalability lay solely in the hands of the hosting company. These websites were hosted using cPanel and WHM.
A cPanel/WHM hosting setup typically had a web server (Apache/Nginx/LiteSpeed) on Linux servers. For the Windows option, it is usually Windows IIS. As a customer, you are usually not bothered by how these servers have been configured because you do not have direct access to the server. So what happens is that you copy/upload the files of your website (HTML, CSS, and JavaScript) to the server of the hosting company via a management console. cPanel is still king in that space, and it has been hard for any other web hosting service to come and take that place.

Billing
The payment model for this is usually a fixed yearly or fixed monthly rate, as the case may be. You pay for the domain name, for example ewere.com, and you have to purchase a hosting account, which is the server where your website will be stored. The price for this can vary with the size and bandwidth offered per month. In my 15 years of working on websites, what I notice is that most websites are hardly ever able to fill up the size allocated or even the bandwidth allocated per month, which is more of over-provisioning. But it is static, so it can't be changed. Well, what used to happen then was that we could smartly use the concept of "Add-on Domain". Instead of buying a fresh hosting account, you can use the same hosting account to host more than one website, but you will have to purchase a domain name for it. With this, the value of the hosting account is increased because more than one website can be uploaded to that same hosting account (please do not tell our clients).


Another very interesting concept is Dedicated Hosting. I see people paying so much for this when they are not able to consume up to 20% of the resources. It gives the customer the feeling of getting a dedicated IP address and a big server with so many resources, which burns quite a hole in your pocket. In the end, having bought it on the notion that you will be expecting so much traffic to your website, you are still presented with a cPanel login for uploading your files. Some of them start at $80/mo, and it is still a single server and you are not guaranteed high availability.

Operations
Shared hosting gives you some kind of comfort: you do not have to worry about update patches and configuration changes. You only have to upload your website anytime you want and ensure you do not have bugs that will make your website unavailable. So it is something like the AWS Shared Responsibility Model. The hosting company takes care of the security of the server and the racking and stacking, while you take responsibility for the security of your website. They also assist with security patches for the operating system and applications within the server. So if for any reason your website is hacked due to your own negligence, they do not take responsibility for that.
Dedicated hosting goes in a fairly different direction: you are given access to the server itself, so you are responsible for updates and security of not just your application but also the other services and applications running within the server. So there is still OpEx in having someone on standby who has to watch that server for anything and ensure that the server does not go down while serving your customers.

Availability
Most times, you are not guaranteed availability on Shared hosting, because the whole website sits on a single server. If anything happens to that single server, your website goes offline. In most cases, that single server hosts other websites, hence the name Shared hosting. On the Dedicated side, you have some level of guarantee that your server is owned only by you, and only your files are hosted there, but hey, you have a single point of failure. When anything happens to the single server on which your application is hosted, you lose everything. If there is any kind of attack or hack on the website or server, there is nothing to fall back on, no system to keep the website or application highly available.

Deployment
Deploying to this kind of hosting is quite cumbersome. Most times, you have to copy a zip file to a specific folder on the server. When the zip file is copied, the old website files are copied and backed up, and the new file is unzipped and tested. Most times, this leads to some temporary downtime on the website, and in some cases the website puts up a "we will be back" notice to let customers know of the downtime. These are some of the problems and challenges DevOps solves, with concepts such as CI/CD and release management. I actually once did a pipeline from a CI/CD tool to a cPanel website and it actually worked fine. I used the FTP account on the tool and I was able to deploy automatically to the cPanel hosting. It was a nice experience. I think it can be used to improve deployment efficiency.

Security/Scalability
The security in this aspect is truly in your hands. For web application security, you will have to rely on the .htaccess file of your Apache website to configure custom HTTP security headers such as Content Security Policy (CSP), X-XSS-Protection, Referrer-Policy and HTTP Strict Transport Security. Leaving these unset leaves security loopholes that can cause some serious damage to your web application if they are not closed or fixed at the response-header layer of the web server.
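
The four headers named above, set from a site's .htaccess, as an added example that is not from the original post. It assumes Apache 2.4 with mod_headers enabled and a host that allows Header directives in .htaccess (AllowOverride FileInfo); the policy values are illustrative starting points, not the author's settings.

```apache
# Constructed example .htaccess (not from the original post).
# Assumes Apache 2.4, mod_headers enabled, and AllowOverride FileInfo
# granted by the hosting company so these directives are honoured.
<IfModule mod_headers.c>
    # Content Security Policy: load scripts, styles, images and frames
    # only from this site's own origin, block plugin content, and stop
    # an injected <base> tag from redirecting relative URLs.
    Header always set Content-Security-Policy "default-src 'self'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'"

    # Referrer-Policy: full URL to same-origin pages, origin only to
    # other HTTPS sites, nothing on an HTTPS -> HTTP downgrade.
    Header always set Referrer-Policy "strict-origin-when-cross-origin"

    # HTTP Strict Transport Security: browsers use HTTPS only for the
    # next year. Sent on HTTPS responses only; browsers ignore it over
    # plain HTTP. Remove includeSubDomains if any subdomain lacks HTTPS.
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" "expr=%{HTTPS} == 'on'"

    # X-XSS-Protection: legacy header for the old in-browser XSS filter.
    # Current browsers have removed that filter, so the CSP above carries
    # the XSS defence; 0 switches the filter off where it still exists.
    Header always set X-XSS-Protection "0"
</IfModule>
```

A site that uses inline scripts or third-party CDNs will need those sources added to the CSP before it is enforced; the response headers shown in the browser's developer tools confirm what the server actually sends.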

On the scalability side, the only promise that exists is vertical scaling, which means that if the system needs more resources, you pay for more resources in terms of server space and bandwidth. In simple terms, the hosting can start with 5GB of storage and 20GB of bandwidth and scale up to 10GB of storage and 40GB of bandwidth. In some cases you do not need both to increase, maybe just the bandwidth because of high traffic volume, but you have no choice and are forced to pay for both. This same principle applies to both shared and dedicated hosting. Just like deployment, you will need to notify your customers of scheduled downtime for this to occur, because the server configuration needs to be changed before the new resources are applied and available for customers.

There is a new way to deploy, secure, scale and give your website 99.99999999 durability. You also pay only for as many gigabytes as your website takes up, and you don't get to overpay for space that you might never have to use for your website. Lastly, with the flip of a switch, your website is available to the world, cached, and giving users all over the world a consistent and fast user experience that they have never experienced. It will also ensure world-class security on your web application, enforcing security at the edge. Also, you will cut your costs by 50% and pay less than $1 monthly for your website, with planet-scale scalability for your application and website.

In this three-part series, I will be explaining how all of this works and solves most of the challenges I mentioned in this part 1a. I will also be showing you how to set up, configure and deploy a website in a whole new way, using Serverless Technologies that will cost you next to nothing to host, run and scale your website. Stay with me for 1b for more.



