DEV Community

Abdullateef OGUNDIPE
Abdullateef OGUNDIPE

Posted on

1

Day 4: Configuring CloudFront and Securing Your Website with HTTPS

Recap of Day 3

Yesterday, we laid the groundwork by creating a secure AWS environment and setting up an S3 bucket to host the static files for the LimitlessAO Power Solutions website. We also enabled static website hosting, providing a temporary endpoint URL for accessing the site. Today, we’ll take it a step further by integrating CloudFront, a Content Delivery Network (CDN), to ensure fast and reliable delivery of website content worldwide. Additionally, we’ll configure an SSL certificate using AWS Certificate Manager (ACM) to secure the website with HTTPS.

Why CloudFront and HTTPS?

CloudFront enhances the performance and reliability of your website by caching content across a global network of edge locations. This minimizes latency for users regardless of their location. Adding HTTPS with an SSL certificate ensures encrypted communication between your website and its visitors, boosting both security and trust.

Step-by-Step Implementation

Step 1: Configure CloudFront

  • Go to the CloudFront Management Console.
  • Click Create Distribution and select Web Distribution.
  • Set the following configuration:
  • Origin Domain Name: Select your S3 bucket from the dropdown list.
  • Origin Access Control (OAC): Create an OAC to restrict direct access to your S3 bucket.

Cloudfrond distribution creation

  • Viewer Protocol Policy: Select Redirect HTTP to HTTPS to enforce secure connections.

Redirection process

  • Cache Behavior: Leave the defaults or customize based on your caching needs.
  • Save the configuration and wait for the distribution to deploy (this might take a few minutes).

Step 2: Restrict Public Access to the S3 Bucket

  • Once CloudFront is set up, we need to ensure that the S3 bucket cannot be accessed directly:
  • Go to the Permissions tab of your S3 bucket.
  • Edit the Bucket Policy to allow only access from CloudFront using the OAC created earlier.
  • Save the changes.

Bucket Policy

Step 3: Configure HTTPS with ACM

  • Navigate to the AWS Certificate Manager.
  • Request a public certificate:
  • Enter your domain name (e.g., www.limitlessao-website.com).
  • Choose DNS Validation for a straightforward process.
  • After requesting the certificate, ACM will provide a CNAME record to add to your DNS configuration.
  • Use Route 53 (or your DNS provider) to create a CNAME record for validation.
  • Once validated, the certificate status will change to Issued.

Certificate Creation

Step 4: Associate the SSL Certificate with CloudFront

  • Go back to your CloudFront distribution settings.
  • Edit the SSL Certificate section under the Distribution Settings:
  • Select Custom SSL Certificate and choose the certificate issued by ACM.
  • Save the configuration and allow the distribution to update.

Attaching Certificate to Cloudfront

"Security is not just a feature—it’s the foundation for trust in the digital world."

What’s Next?
With CloudFront and HTTPS in place, the website is optimized for performance and secured for its users. Tomorrow, we’ll integrate Route 53 to map your custom domain to the CloudFront distribution, completing the migration process.

Stay tuned!
LimitlessAO

Image of Timescale

🚀 pgai Vectorizer: SQLAlchemy and LiteLLM Make Vector Search Simple

We built pgai Vectorizer to simplify embedding management for AI applications—without needing a separate database or complex infrastructure. Since launch, developers have created over 3,000 vectorizers on Timescale Cloud, with many more self-hosted.

Read more →

Top comments (0)

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more