Are you looking to boost your website’s security and SEO ranking on AWS?Enabling HTTPS and utilizing alternate domain names are crucial steps in achieving both. This guide will walk you through configuring HTTPS with AWS Certificate Manager (ACM) and managing alternate domain names using CloudFront, ensuring a secure and versatile online presence.

In my previous article, we explored the benefits and functionalities of website hosting on S3 bucket.

Understanding HTTPS and Its Importance

HTTPS, or Hypertext Transfer Protocol Secure, encrypts communication between your website and visitors’ browsers. This vital security measure protects sensitive data like login credentials and credit card information from prying eyes.

But HTTPS isn’t just about security. Search engines like Google prioritize websites with HTTPS in their ranking algorithms. This means a secure website is more likely to appear higher in search results, leading to increased organic traffic. Additionally, unsecured websites with the feared “Not Secure” label in browsers can scare away visitors, damaging user trust and conversion rates

Setting Up SSL Certificates with AWS Certificate Manager (ACM)

AWS Certificate Manager (ACM) is a free service that simplifies the process of requesting and managing SSL certificates for your website hosted on AWS. Here’s how to get started:

1. Log in to the AWS Management Console and navigate to the ACM service.

2. Click on “Request a certificate”.

3. Select the region as Virginia.

The reason behind selecting the region as Virginia is when creating the cloud front distribution you are allowed to get the SSL certificate from this particular region.

4. Select the certificate type as ‘public certificate’ by selecting ‘Request a public certificate’.

5. Enter your domain name.

You can add another name for this certificate by clicking on ‘Add another name to this certificate’. I added ‘*.’ with my domain name to get this certificate for all my subdomains.

6. Choose the validation method.

• Domain Validation: Verifies ownership of the domain through a DNS record. This is the quickest and easiest option.
• Email Validation: Provides a higher level of trust by verifying your organisation’s identity. This requires additional documentation.

7. Follow the on-screen instructions to complete the validation process based on your chosen method.

8. Enter tag name (Optional)

If you are having several SSL certificates for several websites, tag names will help you to identify which certificate is used for the particular website.

The SSL certificate will be validated only after adding DNS records to the domain.

9. Add DNS records to the domain.

Go to your domain provider and add new DNS records.

The type should be ‘CNAME’ and the ‘Name (Host)’ is the ‘CNAME name’ from the SSL certificate. The ‘Alias Of (Points To)’ is the ‘CNAME value’ from the SSL certificate. If you have added several names for the certificate, add DNS record for each name.

The SSL certificate will be validated after adding the DNS records.

Configuring Alternate Domain Names with AWS CloudFront

CloudFront is a content delivery network (CDN) service offered by AWS. It acts as a network of servers geographically distributed around the world, delivering your website content to users with faster loading times and improved performance. CloudFront allows you to manage alternate domain names, also known as CNAMEs (Canonical Name records). These CNAMEs point additional domain names to your website hosted on AWS.

Here’s how to configure alternate domain names with CloudFront:

1. Log in to the AWS Management Console and navigate to the CloudFront service.
2. Click on “Create a CloudFront Distribution”.
3. Under “Origin Settings,” enter the domain name (e.g., S3 bucket) where your website content is hosted. Select the domain name from the list.

Then you will be given a warning recommending to use the S3 website endpoint. Click on ‘Use website endpoint’.

4. In the “Default cache behavior” section, click on “Edit” and configure the following:

• “Viewer Protocol Policy”: Set to “Redirect to HTTPS” to ensure all traffic is directed to the secure version of your website.

5. Under “Web Application Firewall (WAF)” section, choose ‘Do not enable security protections’.

6. Under “Settings,” locate the “Alternate Domain Names (CNAMEs)” section.

7. Enter each of your alternate domain names you want to point to your website and select the SSL certificate.

8. Enter the html file name that you want to load when loading the website for ‘Default root object’.

9. Click on “Create distribution” to complete the configuration.

10. Point your domain to CloudFront distribution URL.

Go to the domain provider and add a new DNS record. Select the type as ‘CNAME’ and enter the name of your website under ‘Name (Host)’. Enter the URL from cloud front distribution for ‘Alias Of (Points To)’.

It will take a few minutes to propagate the DNS record.

Best Practices for Managing HTTPS and Alternate Domains

• Ensure all your alternate domain names point to the HTTPS version of your website. This maintains consistent security and avoids mixed content warnings.
• Keep your SSL certificate up-to-date. Certificates typically expire after a year, so it’s crucial to renew them before expiration to avoid security vulnerabilities.
• Monitor your website for any SSL certificate errors. Tools like Google Search Console can alert you to potential issues.
• Consider using a wildcard SSL certificate if you have multiple subdomains under your main domain name. This simplifies certificate management by covering all subdomains with a single certificate.

Conclusion

This article is a guide for website owners who use AWS to improve their website’s security and reach. It focuses on two key strategies:

1. Enabling HTTPS: The guide explains how to use AWS Certificate Manager (ACM) to obtain a free SSL certificate and configure your website to use HTTPS encryption. This protects user data and builds trust with visitors.
2. Managing Alternate Domain Names: The guide details how to use CloudFront, a content delivery network (CDN) service offered by AWS, to manage alternate domain names. This allows you to use multiple domain names to point to your website, increasing its reach and branding flexibility.

By implementing these practices, website owners can enhance their website’s security, potentially improve SEO ranking, and provide a more secure and user-friendly experience for visitors.

Ready to take your website to the next level? Start configuring HTTPS and alternate domain names on AWS today!