Easy way to Configure SSL for Amazon S3 bucket via Cloudflare
Amazon S3 storage is great for off-loading static content such as images & scripts away from your main server, it’s even better (SEO-wise) when you set it to serve images from your domain name. Eg:
Unfortunately, if you were running an online shop and wanted to use SSL (HTTPS://) with this, you have to shell out a hefty $600 per month via AWS Cloudfront to get this added to your domain or subdomain… Which is a tad on the expensive side. Not only that, but if you have a high traffic website, you could be up for significant traffic charges from Amazon.
Being the tight arse that I am I started to investigate other options, and I stumbled across a cost effective solution while testing CloudFlare (not to be confused with Cloudfront). Not only does this allow you to run SSL via a subdomain on an Amazon Bucket it also allows you to use the CloudFlare CDN and security features to keep your traffic costs down for a tiny
$20 per month (or as low as $5 per month for additional sites) $0 per month (now included in Cloudflares free plan).
$0 VS $600? How did I do it? Read on…
How Configure SSL for Amazon S3 bucket via CloudFlare:
First, create your Bucket on Amazon S3. Make sure the bucket name is the same as the domain or subdomain you’re wanting to run CloudFlare SSL on.
Now click into the bucket, and select “Properties”. Under “Static Website Hosting” enable website hosting and enter an index document name such as index.html. Copy the “Endpoint” url as you will need this later for the CloudFlare DNS configuration.
Now you are going to want to register for a CloudFlare
Pro account, as the free account does not give you SSL. Add your domain name and start the setup process.
Once you get to the DNS setup section you are going to need to add a new CNAME record that points to the S3 endpoint we copied before. In the case of images.yourwebsite.com you would create a new DNS record for the subdomain “images” and alias that to your endpoint: Images.yourwebsite.com.s3-website-ap-southeast-2.amazonaws.com
Ensure CloudFlare is enabled on the subdomain by clicking on the grey cloud and making it orange.
Now hit “Save” and wait for a bit for the changes to propagate.
You now need to enable “Flexible SSL” on your main domain. Click to CloudFlare settings and scroll down to SSL and select “Flexible SSL” and hit “Save”.
Now go grab a coffee as it takes an hour or so for everything to take effect. But once it kicks in your S3 bucket should now be serving superfast content via HTTPS for the low price of
$20 $0 per month VS Amazons Cloudfronts $600 + traffic costs. Woohoo.
You can also now benefit from the rest of CloudFlare’s features that can significantly speed up your website.Tags: amazon web services, cloudflare, amazon aws, amazon s3
What would the consequences be if your website, application or database got hacked today? We often see on the news major hacks like Yahoo and the like which is extremely damaging to their brand and business. Most people do not perceive this as an issue until it happens. The old Australian “She’ll be right” attitude is […]More >
Selling your goods on eBay can be a very profitable exercise. People will often use eBay over searching the web to find your online store and it can become a pretty effective sales / marketing channel for your business if you spend a bit of time optimising and automating the process. When I first started […]More >
Woobox is great for slapping up a quick promo based on one of their templates. But what if you want to get this data into another database or mailing system that isn’t supported natively by Woobox? Well you’re in luck as this is your guide to getting your custom Woobox integration up and running. Woobox […]More >
We recently had a client sign up to use HubSpot as their marketing automation platform. Which was fantastic… until they sent us their contact list which was over 70,000 people strong! If we simply imported this list as is it would blow out their contact allowance on HubSpot and cost them $3000 more per month […]More >
Over the years websites have become extremely complex beasts. They now consist of many plugins and other software libraries from 3rd parties that require constant updating to remain secure. If you have ever come across a hacked website, chances are someone hasn’t updated it for a while, and a vulnerability was discovered and exploited. If […]More >