I have been trying to figure out how to implement SSL with websites hosted on Amazon S3 for a few weeks now. Finally, I think I figured it out. Well the first challenge was getting Cloudfront to work with my S3 bucket. What was causing it to fail is selecting the wrong Origin Domain Name when creating a new distribution. When you click on the text box, Amazon lists recognized S3 buckets. Do not pick from the list. Instead, copy and paste the endpoint URL found in the properties of the bucket.
Once I started to see data when I generated reports in Cloudfront, I knew I did it right this time. The next step is get the SSL certificate in Amazon IAM. Once you upload it, it will be available in the dropdown list in Cloudfront to be selected. It’s a long and tedious process with some trial and error, but I think it’s worth it to increase browsing security for the website.
A couple of things that I’m still working on are:
- Ensure Disqus comments are not broken. If you are having issues, please let me know.
Why implement SSL?
- The main reason why we implemented it is to allow a secure connection from your browser to our website. There are many companies out there secretly injecting tracking scripts to its customers/users. Why? Well, to make money off you, of course. I’m hoping to reduce the effectiveness of such practices. http://arstechnica.com/security/2014/10/verizon-wireless-injects-identifiers-link-its-users-to-web-requests/
- Google plans to increase search result ranking for websites using HTTPS. http://arstechnica.com/security/2014/08/in-major-shift-google-boosts-search-rankings-of-https-protected-sites/
- I was curious about how it works and its implementation so I decided to do it on our own website.
I’ve been using Amazon S3 service for quite some time. It’s a cost effective service for backing up files in the cloud. You pretty much pay what you use. I mainly use S3 for backing up my photos – both digital and scanned. At the time I wrote this post (June 2013), I am using around 35GB of space. For the space, Amazon is charging me under $3 per month. There are other costs like bandwidth and requests but my bill for May 2013 was $3.30. So in 1 year, if my storage size doesn’t grow, I would have paid under $40. Not bad considering that they are storing files I can’t afford to lose. I also have local back ups.
I also use Amazon Glacier. This service is similar to S3 but it’s more for archiving purposes. Unlike S3, where files are readily available, files stored in Glacier require a few hours of waiting time before the files can be accessed and download. For this reason, this service is cost is a lot more lower than S3. I use this service to archive old family videos that I’ve captured from VHS, High8, and DV. Video files can get large but at the cost of a penny ($0.01) per GB, it’s worth using specially having a backup in the cloud. So as an example, based on May 2013, I have about 38GB of files stored with Glacier. Amazon charged me $0.54 – includes storage and requests fees.
So how do I get all my files into Amazon servers? Well, there’s a great software developed by Cloudberry calledS3 Explorer. It’s very easy to use. It works similarly to FTP client software. All you have to do is enter your login credentials for Amazon. You will get 2 window panes. The left will be your local. So you can browse your computer for the files you want to upload. The right pane is where you select your Amazon account from the drop down. It will then display your directory structure in Amazon. Just like the left pane, you can browse around to a location where you want to store the files. You can click and drag the files over or highlight the files you want to back up and click on the Copy button above. A window pane in the bottom will appear to display the transfer status. Not only is it easy to use, it’s also free.
After a few months of using the free version, I got a license for their pro version. I wanted to get more customization and play with the IAM manager. The multithreading upload is a great feature as well. I do many large file uploads and wanted to take advantage of this feature. You can check out the comparison chart.
I highly recommend using using Amazon’s cloud storage service. I also highly recommend using Cloudberry S3 Explorer with it. They are great together.