A Laravel app without HTTPS is like a door without a lock - and securing it doesn't have to cost a cent.
🚀 Introduction
As a freelance developer, I often help early-stage startups and solo founders get their Laravel app live quickly - without expensive managed services.
If you're building an MVP or a client project that needs to go live fast but still be secure and scalable, this post is for you.
In this article, I'll show you my step-by-step process to deploy a Laravel app to an AWS EC2 instance with free SSL using Certbot - no fluff, no bloated stack.
⚙️ Prerequisites
- Laravel project
- Domain name
- AWS account with EC2 access (you can get 12 month free tier on signup)
- Basic knowledge of SSH
🛠 Step 1: Launch Your EC2 Instance
- Go to EC2 > Launch Instance
- Choose Ubuntu 24.04 LTS
- Select t2.micro (free tier eligible)
- Create key pair (.pem file) and download it
- Open port 22 (SSH), 80 (HTTP), and 443 (HTTPS) in the security group
📦 Step 2: Setup Your Server
SSH into your server:
ssh -i your-key.pem ubuntu@your-ec2-ip
Update packages:
sudo apt update && sudo apt upgrade -y
Install PHP, Composer, MySQL (or use RDS), Nginx:
sudo apt install php php-mysql nginx composer unzip curl -y
🚚 Step 3: Deploy Laravel App
- Clone from Git or upload project:
git clone https://github.com/your_username/your_project.git /var/www/html
- Set correct permissions:
sudo chown -R www-data:www-data /var/www/your-app
Create and configure
.env, runcomposer install&php artisan key:generateConfigure Nginx to serve Laravel:
Example config:
server {
listen 80;
listen [::]:80;
server_name example.com;
root /srv/example.com/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
index index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ ^/index\.php(/|$) {
fastcgi_pass unix:/var/run/php/php8.2-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_hide_header X-Powered-By;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
- Reload nginx:
sudo nginx -t && sudo systemctl reload nginx
🌐 Step 4: Point Your Domain/Subdomain to EC2
Before enabling SSL, you need to point your domain (or subdomain) to your EC2 server.
- Get your EC2 Public IP: In the AWS EC2 dashboard, find your instance's Public IPv4 address.
- Go to your DNS provider (e.g., Cloudflare, Namecheap, GoDaddy, etc.)
- Add an A record:
- Type: A
-
Name: e.g.
app(for app.yourdomain.com) or@for root domain - Value: Your EC2 public IPv4 address
- TTL: Auto or 1 hour
- Wait for propagation, usually 5–15 minutes.
To test:
ping yourdomain.com
or open it in the browser to see if it routes to your EC2 server (even if it's a 403 or Nginx page).
🔒 Step 4: Enable Free SSL with Certbot
Install Certbot:
sudo apt install certbot python3-certbot-nginx -y
Run SSL setup:
sudo certbot --nginx -d yourdomain.com
Done! Certbot will automatically configure HTTPS and set up auto-renew.
💬 Conclusion
You don't need complex tools to deploy Laravel for early-stage apps. AWS EC2 + Nginx + Certbot is enough for secure, scalable, and cost-effective deployments.
I've helped multiple clients launch MVPs and internal tools using this setup. If you're building something and need it shipped fast, I'd love to help.
If you've any question or trouble when following this tutorial, feel free to comment below or DM me 👇
👉 afifihsnm.is-a.dev | 💬 DM me on Twitter: @afifihsnm
Top comments (0)