DEV Community

Cover image for Deploying Fast and Secure Web App on AWS — Part 1b
Ewere Diagboya
Ewere Diagboya

Posted on • Updated on

Deploying Fast and Secure Web App on AWS — Part 1b

Introduction Continues
In Part 1a, I explained how websites are hosted using Shared Web Hosting and Dedicated web hosting. I itemized some of the characteristics that the Shared Hosting and Dedicated Hosting have, and how they can restrict your business growth and eventually make you want to seek another option to be able to scale when you get more users visiting your application. In some cases, you spend so much to keep your website available and to scale you have to pay more. In this part, I will be explaining how the Cloud has changed all these perspectives we had. It will also show ways cost can be drastically cut down and how you can grow your business spending less. 

In Cloud billing, there are usually upfront costs, most of the billing in the cloud is pay as you use. You save more because you do not pay for resources or services you do not use. The rate is not fixed, giving you the customer/user the power to choose what you want, and be in control of how much you spend. In Cloud computing, you will also need a domain name, but the hosting is quite different from that of shared hosting. You are charged for the size of data you have on S3, and you are also charged for the number of requests that the S3 website serves. The cost of the service is determined by the amount of traffic the website receives within a month. This bill could start from as low as $0.00/mo (this is our monthly cost at This means we practically pay nothing for the website hosted in Amazon S3 every month.

When you use Amazon S3, your website is hosted in an environment that scales automatically. That promises 99.999999999% durability of your website and 99.99% uptime. It means that you might have downtime in only 8 seconds in one day (here). You are also guaranteed of replication of your data, because your data in S3 is by default replicated across the availability zones in the region you choose to create the Amazon S3 bucket and host the web application. There are various ways to store objects and applications in S3 but we will be elaborating on that in the Part 2 of this series. The availability and durability that are on S3, does not your require any form of developer or user intervention, as they are handled automatically by S3 itself. 

Just like the popular cPanel or Plesk consoles, Amazon S3 also has a very user friendly GUI console that makes it easy to copy website files, and manage them. Amazon S3 also has option of SDK and CLI for copy web files into S3. Amazon S3, has a unique feature called versioning, which if enabled makes it possible to store your old files and even if a new ones over-writes it, it is still possible to retrieve the old ones. The option of CLI makes it possible to configure and setup automated deployments for your websites in S3, using CI/CD tools such as AWS CodePipeline to help make deployments of websites faster. It also enables to possibility of a rollback in the eventuality of an error or wrong deployment happens. With this you do not have to update the website with a "Down for maintenance" page, you can perform deployments anytime with little or no downtime noticed by the customers and users.

Amazon S3, on its own does not come with a lot of security features for hosting web applications in AWS. But he has a brother that makes this happen. A complete serverless website suite is not complete with Amazon Cloudfront. Amazon Cloudfront is AWS web caching service that helps to cache your website to be available globally across over 200 Edge Locations. This does not only increase the speed of your website by bringing it closer to your customers, it also has a programmable layer to it called Lambda@Edge. The Lambda@Edge is a programmable feature in Cloudfront that gives the ability to inject code within every AWS web request and response. With this in-place security headers such as; CSP, X-XSS, Referrer-Policy, HTTP Strict Transport Security, are easy to integrate and extend. Lambda@Edge can also be used to perform web page compression, HTTP header validation, image compression and many more functionalities. At the moment Lambda@Edge supports Python and NodeJS.


As we have seen in this part, we have described new and better ways to setup, deploy, scale and spend less on our websites and web applications. Using a combination of S3, Cloudfront, Lambda@Edge, we can deploy planet-scale web application without breaking a sweat. It is also interesting to note that, we do spend less having all these amazing feature and scale intermittently as the demand increases. The next part of this series will start with S3 and talking about what it can offer and how we can host a website on S3. Stay glued.

Are you interested in understanding how Cloud connects to your current tech career or role ? Do you want a Cloud Computing training that speaks to your current career or job function ? Click this link and see how we can help

Top comments (0)