I have an api server sat behind a load balancer as part of an AWS elastic beanstalk configuration.
I want to ensure that only my web application can talk to the api server (via the load balancer). My web application is hosted in s3. Can somebody please enlighten me as to the best way to go about this?
Thanks in advance.
S3 simply serves your web app's static files to an end-user's web browser. The application runs in each user's web browser. No code is ever running on S3. As such, there is no way to do what you are asking.
You might want to look into something like API keys, or possibly AWS Cognito.
Related
I am running a custom PHP application, My application is using ALB and EC2. I am facing issues with a lot of fake requests which are similar to the WordPress site and loading my site and make it inactive. Is there a way that we can create Rules in WAF and attach it to load balancer to block that bad requests? Any other alternate way suggestions/solutions are also appreciated.
Fake requests look as below
https://example.com/xxx.php
https://example.com/wp-login.php
https://example.com/dsfh.php
I'm new to AWS and I'm in the process of deploying an app there. I already hosted my frontend in S3 and cloudfront and generated a certificate in order to serve my frontend with https. Now I need to provide access to my backend. I already created the proper structure in EC2 and I can even retrieve info from my backend through simple http. The problem is that once my frontend is https and my backend is http it refuses to receive info thowing an error for "mixed content".
I already read a lot of articles from AWS and yet I'm confused on how to implement https in ec2.
I've created load balancers, VPC and etc, but I really can't make it work.
If anyone can help me with , I'd be thankful!
I'm working on this site that I'm hosting with AWS. I'm hosting a vue.js frontend in an S3 bucket and the backend utilizes Spring Boot hosted with Elastic Beanstalk and a MySQL RDS instance. After playing around some, I got the frontend to serve up files via HTTPS, but now my requests to the Spring API are failing.
I've done a lot of digging on this and it seems that are may be several ways to handle this, but I just keep getting stuck and not knowing where to turn next. I've tried playing around with setting up a load balancer, and also tried configuring a proxy in a .ebextensions configuration file.
This whole thing was working when I set it up with HTTP originally, but now that the front-end is serving up HTTPS it won't work.
Web browsers must be blocking your mixed HTTP/HTTPs content because of their inbuilt security. You need to make sure that you setup the whole site using HTTPs or HTTP. As you have already set up the S3 content to be served through HTTPs, now you must configure your Elastic Beanstalk environment to be setup with HTTPs too. Here is the link to help you with that
Configuring HTTPS for Your Elastic Beanstalk Environment
If your site is built with a CRM? (WordPress/Joomla/ect.) then there are plugins/extensions that handle that. I had a similar situation with a WordPress site, and used the plug-in called "SSL Insecure Content Fixer". Worked without a hitch, rather than scanning through the entire site for mixed HTTP/HTTPs content.
I have a WordPress blog that serves niche content on domain.com
On a different endpoint, domain.com/api/ I have a completely different Node.JS API that doesn't regard the WordPress but I want to serve it from the same domain.
It is worth mentioning that we proiritize performance and speed above all.
My thought was the following :
Set up 2 EC2 Instances, one for the WordPress and one for the API (Maybe make the API a Lambda instance ?).
Set up an Application Load Balancer that will know how to route requests with a rule depending on the URL.
Is it the right way to go ? Should I just use nginx as a reverse proxy and serve the Node.JS API on a local port ?
I also want to use Elastic Beanstalk to save myself the headache of configuring the Load Balancer and the Auto Scaling group.
P.S If anyone has any advice or good habits on how to build those (With S3 Bucket perhaps, over CloudFront, etc etc) it will be more than welcome.
Thanks !
I am using AWS Toolkit to deploy the wcf service on amazon elastic beanstalk, after deployment it shows environment is healthy but when i browse the URL then it redirected to the IIS Server Page, i am unable to access the service url , please let me know how to access the hosted service
Thanks in advance
Follow the standard procedure to deploy a ASP.net project. Here is the link for that : Link
But for you WCF service you need a simple html page at project root. E.g. index.html or default.html. Load balancer need this page to check if the instance is available or not. Without this html page load balancer will consider the instance dead and remove it.