Connecting your domain to an AWS EC2 instance using Cloudflare can enhance your website’s security, performance, and reliability. This guide will walk you through the steps to point your domain to your EC2 instance and ensure everything is configured correctly.
Locating Your EC2 Instance’s Public IP Address in AWS
- Log in to the AWS Management Console:
- Navigate to the AWS Management Console and log in with your credentials.
- Access the EC2 Dashboard:
- In the Services menu, select EC2 under the Compute category.
- Locate Your Instance:
- In the EC2 Dashboard, click on Instances in the left-hand menu to see a list of your running instances.
- Find the Public IP Address:
- Select the instance you want to connect to your domain. The public IP address will be displayed in the instance details section.
Modifying DNS Records in Cloudflare to Point to Your EC2 Instance
- Log in to Cloudflare:
- Go to the Cloudflare Dashboard and log in with your account credentials.
- Select Your Domain:
- Choose the domain you want to connect to your EC2 instance from the list of domains in your Cloudflare account.
- Access the DNS Settings:
- Click on the DNS tab to access your domain’s DNS settings.
- Add an A Record:
- Click the Add Record button.
- Select A from the Type dropdown menu.
- In the Name field, enter the desired subdomain (e.g., www) or leave it blank to use the root domain.
- In the IPv4 address field, enter the public IP address of your EC2 instance.
- Set the TTL to Auto.
- Ensure the Proxy status is set to Proxied for Cloudflare’s security and performance benefits.
- Save the Record:
- Click Save to add the DNS record.
Understanding DNS Propagation Time After Making Changes
DNS changes typically take some time to propagate across the internet. This period can range from a few minutes to 48 hours, depending on factors such as TTL (Time to Live) settings and your ISP’s DNS cache. Some users might still be directed to the old IP address, while others see the updated one.
Configuring Your Web Server (Nginx/Apache) to Respond to Your Domain (Optional)
Nginx Configuration
- Access Your EC2 Instance:
- Connect to your EC2 instance using SSH.
- Open the Nginx Configuration File:
- Edit your Nginx configuration file (usually located at /etc/nginx/sites-available/default or /etc/nginx/nginx.conf).
- Update the Server Block:
server {
listen 80;
server_name yourdomain.com www.yourdomain.com;
location / {
proxy_pass http://localhost:YOUR_PORT;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
- Save and Restart Nginx:
- Save the file and restart Nginx with sudo systemctl restart nginx.
Apache Configuration
- Access Your EC2 Instance:
- Connect to your EC2 instance using SSH.
- Open the Apache Configuration File:
- Edit your Apache configuration file (usually located at /etc/httpd/conf/httpd.conf or /etc/apache2/sites-available/000-default.conf).
- Update the Virtual Host Block:
<VirtualHost *:80>
ServerName yourdomain.com
ServerAlias www.yourdomain.com
DocumentRoot /var/www/html
<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
- Save and Restart Apache:
- Save the file and restart Apache with sudo systemctl restart httpd or sudo systemctl restart apache2.
Troubleshooting Tips for Common Issues
SSL Configuration with Cloudflare
- Enable SSL in Cloudflare:
- In your Cloudflare dashboard, go to the SSL/TLS tab.
- Select Full or Full (Strict) mode for a secure connection between Cloudflare and your server.
- Install SSL Certificate on Your EC2 Instance:
- Use a tool like Certbot to obtain and install an SSL certificate from Let’s Encrypt.
- Configure Nginx for SSL:
- Update your Nginx configuration to listen on port 443 and use the SSL certificate:
server {
listen 443 ssl;
server_name yourdomain.com www.yourdomain.com;
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;
location / {
proxy_pass http://localhost:YOUR_PORT;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
- Configure Apache for SSL:
- Update your Apache configuration to use the SSL certificate:
<VirtualHost *:443>
ServerName yourdomain.com
ServerAlias www.yourdomain.com
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem
<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
- Restart Your Web Server:
- Restart Nginx or Apache to apply the changes.
Other Common Issues
- Domain Not Resolving:
- Ensure your DNS records are correctly set up in Cloudflare.
- Check DNS propagation status using tools like What’s My DNS.
- Website Not Loading:
- Verify that your EC2 instance is running and accessible.
- Ensure your security groups allow HTTP/HTTPS traffic.
- SSL Errors:
- Double-check your SSL settings in Cloudflare and on your web server.
- Ensure your SSL certificates are correctly installed and not expired.
Conclusion
By following this guide, you can successfully connect your domain on Cloudflare to your AWS EC2 instance. This setup will enhance your website’s security, performance, and reliability. Monitor your site’s performance and security settings to maintain optimal operation.