Community Blog Deploying Your Applications and Websites Easily and Securely on ECS

Deploying Your Applications and Websites Easily and Securely on ECS

ECS offers fast and secure virtual cloud servers for your cloud hosting needs, in this article you will get some useful information to deploy your applications and websites.

Alibaba Cloud ECS is an onling computing service which offers fast and secure deployment to help you power your cloud applications. Now in March 5th, 2020 on our Academy Day Online Conference you can gain deep insights on ECS and integrate the best practices on the cloud to empower your business with free ACA Cloud Computing certification exams. Sign up free here now!

How to Host Multiple Websites on a Single ECS Instance

In this article, we will learn how to host more than one website on an ECS instance with Docker Compose and a Reverse Proxy.

Alibaba Cloud ECS instance can potentially serve more than one website with Docker Compose and a Reverse Proxy, there are multiple solutions to handle different content in one single instance ECS:

  1. Subfolders ("example.com/web1", "example.com/web2", "example.com/web3")
  2. Port-based Virtual Hosting ("example.com:80", "example.com:8080", "example.com:8181")
  3. Subdomains ("web1.example.com", "web2.example.com", "web3.example.com")
  4. Name-based Virtual Hosting ("web1.com", "web2.com", "web3.com")

How to Deploy Apps Easily on an ECS Instance

Deploy an application can be easy, and here you can get information on how easy is to deploy an App on an Alibaba Cloud ECS instance with Packer and Terraform.

Terraform, made by the same company as Packer, Hashicorp, came to existence as a very interesting and powerful tool for easy deployment. Based in the same principles as Packer, Terraform lets you build infrastructure in Alibaba Cloud by just using a single config file, in the TF format this time, also helping with versioning and clear understanding of how all the bits are working beneath your application.

For the sake of simplicity I created the application ready to use. You can find the source code in https://github.com/roura356a/metar to have a look, which includes an index.php, 2 javascript files to decode the METAR data and a bit of CSS and a PNG image to make it less boring. The application is based in docker-compose and is something we will install as dependency with Packer later.

Cyber Security Tips for ECS Instances

Cyber security should be a good concern in this information era, here you can get some useful information on ECS and some security hardening requirements.

Elastic Compute Service (ECS) instance, ApsaraDB for RDS MySQL database, Server Load Balancer, with Elastic IP and security group is the most common scenario for most applications hosted on the web. Although the system is functioning well, this type of deployment is deficient in terms of cyber security. This is especially true for servers used in production scenarios.

This article will focus on ECS and its security hardening requirements, which are easy to follow.

Tips to Secure Your Applications on ECS Instance

ECS offers secure virtual cloud servers, and you can get some tips to harden the security for your applications in this article.

For common web applications, please do not use default passwords or blank passwords for web service consoles, and upgrade web applications to the latest version, use a complex password for server access.

For common database applications, please modify default connection ports for services, create different accounts for different roles and refine authentication and use a complex password for the database password.

ECS Security Groups Configuring Guide

When creating an ECS instance of the VPC network, you can either use the default security group or use other existing security groups in the VPC. A security group is a virtual firewall used to control the inbound and outbound traffic of an ECS instance.

In this guide, you will find some infomation of ECS security groups and how to configure these security groups.

Related Documentation

Increase data throughput through read/write split - Elastic Compute Service

This topic describes how to split read and write operations at the application layer and system layer. To improve overall system performance and optimize user experience, you can reduce the load of your primary database through read/write split.

Best practices of ECS data security

This document introduces how to implement data security for ECS instances from the O&M perspective.

· Back up data regularly
· Design security domains properly
· Set security group rules
· Set logon passwords
· Server port security
· Application vulnerability protection
· Security information collection

Related Market Products

Elastic Compute Service

Elastic Compute Service (ECS) is a high-performance, stable, reliable, and scalable IaaS-level service provided by Alibaba Cloud. It is more convenient and efficient compared with physical servers. You can immediately acquire ECS instances and scale computing resources on-demand. ECS provides a variety of instance types that suit various business needs and help boost business growth.

Security Services

Alibaba Cloud security services protect your business, operations, network, application, cloud server and infrastructure with threat detection, DDoS defense, real time server monitor, anti-bot protection, SSL certificates, etc.

Related Special Offer

Elastic Compute Service Starter Packages

Alibaba Cloud, as Olympics Worldwide Cloud Services Partner, now offers Starter Package 2.0 . Start now to get easy-to-use high-performance virtual machines with data transfer plan starting from $2.50 a month.

0 0 0
Share on

Alibaba Clouder

2,600 posts | 750 followers

You may also like