A Comprehensive Walkthrough to deploy a secure, high-performance static website
✅ Overview of Architecture
This guide provides a step-by-step, real-world approach to deploying a static website on AWS using:
Host a static website using Nginx (Web Server) on an EC2 instance (Virtual Server)..
Point a custom domain from Route 53 (DNS & Domain Management) to that server.
Secure it with SSL/TLS certificates using Certbot & Let’s Encrypt.
📌 Prerequisites
✅ AWS account: free-tier eligible (with necessary permissions to use EC2, Route 53, and Security Groups)
✅ Domain name (already registered via Route 53)
✅ Basic static website files (HTML/CSS/JS)
✅ SSH key pair to access the EC2 instance
✅ AWS CLI & access to terminal (e.g., VS Code terminal or local shell)
✅ Basic Linux CLI Knowledge (SSH, file editing)
🚀 Step-by-Step Guide
🟩 Step 1: Launch a Secure EC2 Instance
1. Launched an Ubuntu EC2 Instance named “jodinho_agency_server” with AMI of 24.04 LTS (HVM) in the us-west-2 region using the AWS console.
2. Gave it the instance type of t2.micro which is within the free-tier. Created SSH key pair named jodinho-kp to access the instance on port 22. The default VPC and Subnet were used for the networking configuration.
3. The security group was configured with the following inbound rules:
Allow traffic on port 22 (SSH) with source IP addresses from any location.
Allow traffic on port 443 (HTTPS) with source from anywhere on the internet.
Allow traffic on port 80 (HTTP) with source from anywhere on the internet.
And we’ll leave the storage at default, 8GB GP3 volume storage. Then we hit the launch instance button.
4. First, we need to move the keypair file from the download folder into the .ssh folder;
cp ~/Downloads/jodinho-kp.pem ~/.ssh/
The private SSH key that got downloaded has now been moved, the permission was changed for the private key file and then used to connect to the instance by running the following commands;
chmod 400 ~/.ssh/jodinho-kp.pem
ssh -i ~/.ssh/jodinho-kp.pem ubuntu@54.212.87.210
Where username=ubuntu and public ip address=54.212.87.210
🟩 Step 2: Update & Install Nginx
Step 1 - Install Nginx web server
1. Update and upgrade the server’s package index
Run a sudo apt update to download package information from all configured sources.
sudo apt update
Run a sudo apt upgrade to upgrade the package
sudo apt upgrade -y
2. Install nginx
Run a sudo apt install nginx -y to install nginx
sudo apt install nginx -y
3. Verify that nginx is active and running
To verify Nginx server has been installed and is running, we will run the following command
sudo systemctl status nginx
If it's green and running, then nginx is correctly installed
4. Access nginx locally on the Ubuntu shell
Accessing the default nginx web server block to see if everything works correctly. curl the local IP address of our local machine, which in most cases is 127.0.0.1 or the DNS name localhost, on any web browser on our local machine:
curl http://54.212.87.210
curl http://localhost
The below result shows Nginx has been properly set up, and we can deploy our web application.
5. Test with the public IP address if the Nginx server can respond to requests from the internet using the URL in a browser.
http://54.212.87.210
This shows that the web server is correctly installed and is accessible through the firewall.
🟩 Step 3: Upload Static Website Files
1. So we will clone the website from our Gitlab repo here using the command below:
Git clone https://gitlab.com/uwadon1-group/jodinho-digital-website.git Next, we will change directory into the just cloned repo using the command cd jodinho-digital-website.
2. Nginx has its default page where it serves its contents. We can move into the folder for the Nginx default page to check it out using the command: cd /var/www/html. When we type LS, we can see the Nginx default HTML page, e.g index.nginx-debian.html. To see the content, we type in cat index.nginx-debian.html and see the exact content we saw on the browser earlier, but in HTML format.
3. Now, we will copy all our files nginx /var/www/html directory to replace the default page that was initially served. To do that, we will use the following command:
sudo cp -r jodinho-digital-website/* /var/www/html. But before then, we will have to remove the default file nginx index page, using the command: sudo rm index.nginx-debian.html.
4. We will input our IP address into the browser again, other things being equal, the website we replaced on Nginx should reflect this time, even without restarting the Nginx server.
🟩 Step 4: Point Route 53 Domain to EC2
1. What we want to do now is to link our IP address to our domain name, so instead of sharing IP addresses with visitors of your website, the best practice is to give them your domain name to input into the browser. We already have a domain name, so what we will do now is to map it to the IP address. If you need guidance on creating a domain on Route 53, this guide should help you
We will search for Route 53 service from the AWS search bar, and click on hosted zone, you will see your domain name, click on it and select create record. Input your record name, e.g, jodinho.uwhadone.click, Record Type: A, in the space of values, input your IP address, e.g, 54.212.87.210, leave the other options as default and click create record.
We will wait a few minutes, then visit our domain via the browser http://jodinho.uwhadone.click.
Now, we have to make our website more secure via HTTPS rather than HTTP.
2. We will head back to our terminal and go to the directory serving our nginx configuration file located at /etc using the command:
cd /etc/nginx. Type LS to see a list of all the files and folders here. Our major concern here would be sites-enabled, that's where we can find the list of sites. We want our Nginx server to serve visitors. We will cd into this directory and delete the default configuration file there and create a new one to replace it, using this command: sudo rm default.
We will create a new nginx config file via the vim editor using the command below:
sudo vim default
And paste the following commands:
server {
listen 80;
server_name jodinho.uwhadone.click;
root /var/www/html;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
4. We can verify the syntax of our nginx configuration file is correct and also reload the nginx server using the commands below:
sudo nginx -t
&&
sudo systemctl reload nginx
🟩 Step 6: Install Certbot & Enable HTTPS
1. Now we need to get rid of HTTP and make use of HTTPS in order to make our website more secure. We will have to install certbot (this is a free software that enables us to configure nginx to use TLS & SSL certificates for HTTPS)
We will install certbot using the following command:
sudo apt install certbot python3-certbot-nginx -y
Next, we will type in this command sudo certbot --nginx -d jodinho.uwhadone.click. (What this command would do is to look through the Nginx configuration file and enable HTTPS.
A prompt will come up to type in your email address, type in yes for the remaining options, and you will see an update that it is requesting a certificate for your domain.
2. Now we will navigate back to our nginx config file to observe some changes in it. You will observe that certbot has made some adjustments to our nginx config file. You will also observe the SSL keys placed beside the nginx configuration
3. Now we will have to restart nginx to observe the change in our website from being unsecured to HTTPS secured.
Run the command: sudo systemctl restart nginx
✅ Deployment Complete!
🎉 Final Result
Static site hosted on AWS EC2
Custom domain via Route 53
Free SSL (HTTPS) via Certbot
Top comments (0)