Security

Security Group Strategy

Allowing only ports 22 (SSH), 80 (HTTP), and 443 (HTTPS) on AWS security groups is crucial for security and efficient resource management.

🛡️ Why this matters: By restricting access to these specific ports, you limit the attack surface of your AWS resources, prevent unnecessary traffic, and ensure only authorized services can communicate with them.

Launch an EC2 Instance

Deploying a Node.js app from Windows → WSL → AWS EC2.

Apache (Web Server)

  • ✅ Easy to get started
  • ✅ Great for static sites
  • ❌ Not scalable by itself
  • ❌ Lacks built-in monitoring

AWS EC2 (Virtual Machine)

  • ✅ Cloud VM — run anything on it
  • ✅ Supports scaling & snapshots
  • ✅ DevOps-ready
  • ❌ Steeper learning curve
Simple Analogy: EC2 is the house. Apache is the kitchen. You install Apache inside EC2 to “cook” your web content.

Step-by-Step Deployment Guide

1

Test app locally

npm install
npm start

Visit: http://localhost:5001

2

Set up WSL & Rsync

wsl --install
sudo apt update
sudo apt install rsync
3

Move SSH key to WSL

cp "/mnt/c/Users/Dell Inspiron/.ssh/ssh1.pem" ~/.ssh/
chmod 400 ~/.ssh/ssh1.pem
4

Deploy code with Rsync

rsync -avz --exclude 'node_modules' --exclude '.git' --exclude '.env' \
-e "ssh -i ~/.ssh/ssh1.pem" \
. ubuntu@ec2-YOUR-IP.compute-1.amazonaws.com:~/app

⚡ One-Click Deployment Script

Automating the process with deploy.sh

The Script:

#!/bin/bash

KEY_PATH="$HOME/.ssh/ssh1.pem"
REMOTE_USER="ubuntu"
REMOTE_HOST="ec2-YOUR-PUBLIC-IP.compute-1.amazonaws.com"
REMOTE_DIR="~/app"

echo "🚀 Starting deployment to $REMOTE_HOST"

rsync -avz --exclude 'node_modules' --exclude '.git' --exclude '.env' \
-e "ssh -i $KEY_PATH" \
. $REMOTE_USER@$REMOTE_HOST:$REMOTE_DIR

echo "✅ Code synced. Logging into EC2..."
ssh -i $KEY_PATH $REMOTE_USER@$REMOTE_HOST << 'EOF'
  cd ~/app
  npm install
  npm start
EOF

Run with: ./deploy.sh