  • How to Secure Your AWS EC2 Instance: A Beginner’s Guide

    If you are new to cloud computing and AWS, launching your first EC2 instance is exciting. But once your server is running, security becomes your top priority. Leaving your EC2 instance open or misconfigured can lead to hackers gaining access, data loss, or even your AWS account getting suspended.

    In this blog, I’ll explain step-by-step how to secure your EC2 instance using simple methods anyone can follow, even if you are a beginner. Plus, at the end, I’ll share a detailed video tutorial to watch for live demonstrations.


    What is an EC2 Instance and Why Should You Secure It?

    Amazon EC2 (Elastic Compute Cloud) is a service that allows you to rent virtual servers in the cloud. You can install software, host websites, run applications, and more.

    But, by default:

    • Your EC2 instance is connected to the internet.
    • If security is not set up correctly, anyone can try to connect to your server.
    • Attackers often scan the internet for unprotected servers to hack.

    So, securing your EC2 instance means making sure only trusted people and systems can connect to it.


    Step 1: Configure AWS Security Groups (Virtual Firewall)

    Security groups are like gates around your EC2 instance. They decide who can enter and who cannot.

    What to do:

    • Open only the ports your application needs.
    • For example, if you want to connect using SSH (to control the server), open port 22 only to your IP address (your home or office IP).
    • If you host a website, open ports 80 (HTTP) and 443 (HTTPS) to everyone.
    • Close all other ports.

    How to do this:

    1. Log in to the AWS Management Console.
    2. Navigate to EC2 > Security Groups.
    3. Create or select a security group.
    4. Add inbound rules:
      • SSH (TCP port 22): Source — your IP only (e.g., 203.0.113.25/32)
      • HTTP (TCP port 80): Source — Anywhere (0.0.0.0/0)
      • HTTPS (TCP port 443): Source — Anywhere (0.0.0.0/0)

    By restricting SSH to only your IP, you prevent others from trying to guess your password or keys.
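
    The same inbound rules applied with the AWS CLI instead of the console, as an added example that is not from the original post. The function names are hypothetical, the security group ID and your /32 address are values you supply, and it assumes the AWS CLI is installed and configured.

```sh
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Succeeds only for a single IPv4 host in CIDR form (a.b.c.d/32), so the SSH
# rule can never be opened to 0.0.0.0/0 or a wide range by mistake.
is_single_host_cidr() (
  case $1 in
    */32) ip=${1%/32} ;;
    *) exit 1 ;;
  esac
  case $ip in
    *[!0-9.]* | .* | *. | *..*) exit 1 ;;
  esac
  [ "$ip" != "0.0.0.0" ] || exit 1
  IFS=.
  set -- $ip            # split into octets (subshell, so IFS does not leak)
  [ $# -eq 4 ] || exit 1
  for octet in "$@"; do
    [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || exit 1
  done
)

# Usage: apply_inbound_rules <security-group-id> <your-ip>/32
apply_inbound_rules() (
  sg_id=$1 admin_cidr=$2
  if ! is_single_host_cidr "$admin_cidr"; then
    echo "refusing: SSH source must be one address (/32), got '$admin_cidr'" >&2
    exit 1
  fi
  # SSH (TCP 22): your address only
  aws ec2 authorize-security-group-ingress --group-id "$sg_id" \
    --protocol tcp --port 22 --cidr "$admin_cidr" || exit 1
  # HTTP (80) and HTTPS (443): open to everyone
  for port in 80 443; do
    aws ec2 authorize-security-group-ingress --group-id "$sg_id" \
      --protocol tcp --port "$port" --cidr 0.0.0.0/0 || exit 1
  done
)
```

    The AWS CLI returns an error for a rule that already exists in the group, so the function stops at the first duplicate instead of silently continuing.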


    Step 2: Harden SSH Access (No Root Login and Use Keys)

    SSH (Secure Shell) lets you remotely access your server. But leaving default settings can be dangerous.

    What to do:

    • Disable root login via SSH.
    • Use SSH key pairs instead of passwords.
    • Disable password authentication to force key-based login.

    How to do this:

    1. Connect to your EC2 instance via SSH.
    2. Edit the SSH config file:
       sudo nano /etc/ssh/sshd_config
    3. Find these lines and set them as follows:
       PermitRootLogin no
       PasswordAuthentication no
    4. Save the file (CTRL + O), then exit (CTRL + X).
    5. Restart the SSH service:
       sudo systemctl restart sshd
    

    Now, only users with the correct SSH key can log in, and root login is disabled.
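
    A check that the two settings actually took effect, as an added example that is not from the original post. On recent Ubuntu releases `sshd_config` includes `/etc/ssh/sshd_config.d/*.conf`, and sshd uses the first value it reads for each keyword, so a drop-in file can override your edit; `sshd -T` prints the effective configuration. The function name and the sample input are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original post. check_sshd_effective is a
# hypothetical helper name.

# Reads `sshd -T` output (lowercase "keyword value" lines) on stdin. Prints one
# FAIL line per setting that differs from the hardened value; exit status is
# non-zero if any setting is wrong or missing.
check_sshd_effective() {
  awk '
    BEGIN {
      want["permitrootlogin"] = "no"
      want["passwordauthentication"] = "no"
      want["pubkeyauthentication"] = "yes"   # keys must work or you are locked out
      bad = 0
    }
    ($1 in want) {
      seen[$1] = 1
      if ($2 != want[$1]) {
        printf "FAIL %s is %s, want %s\n", $1, $2, want[$1]
        bad = 1
      }
    }
    END {
      for (k in want) if (!(k in seen)) { printf "FAIL %s not reported\n", k; bad = 1 }
      exit bad
    }
  '
}

# Constructed sample: the main file was edited, but a drop-in still enables passwords.
SAMPLE_SSHD_T='port 22
permitrootlogin no
pubkeyauthentication yes
passwordauthentication yes'

printf '%s\n' "$SAMPLE_SSHD_T" | check_sshd_effective || echo "not hardened yet"

# On the instance itself (keep your current SSH session open while testing):
#   sudo sshd -t && sudo sshd -T | check_sshd_effective
#   grep -rniE 'permitrootlogin|passwordauthentication' /etc/ssh/sshd_config /etc/ssh/sshd_config.d/
```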


    Step 3: Enable a Host-Level Firewall (UFW or iptables)

    AWS Security Groups are great, but adding a firewall inside your server adds another layer of protection.

    Using UFW on Ubuntu (Simple Firewall):

    1. Install UFW if not installed:
       sudo apt update
       sudo apt install ufw
    2. Allow SSH (so you don’t lock yourself out):
       sudo ufw allow OpenSSH
    3. Allow HTTP and HTTPS if you need web traffic:
       sudo ufw allow 80
       sudo ufw allow 443
    4. Enable the firewall:
       sudo ufw enable
    5. Check status:
       sudo ufw status verbose
    

    This ensures your server only accepts traffic on ports you specify.


    Step 4: Install Fail2Ban to Block Malicious Login Attempts

    Hackers try to brute-force SSH passwords repeatedly. Fail2Ban helps by banning IPs with many failed attempts.

    How to install and enable Fail2Ban:

    sudo apt install fail2ban
    sudo systemctl enable fail2ban
    sudo systemctl start fail2ban
    

    Fail2Ban will automatically monitor logs and ban suspicious IP addresses.


    Step 5: Monitor AWS Activity with GuardDuty and CloudTrail

    AWS provides tools to watch for suspicious activity and audit your account.

    • GuardDuty: Detects threats like unusual login attempts or malware.
    • CloudTrail: Keeps a record of all API calls in your account.

    Enable these from AWS Console > Security Services to stay informed.


    Bonus Tips

    • Keep your server updated with security patches:
    sudo apt update && sudo apt upgrade -y
    
    • Create backups regularly.
    • Use multi-factor authentication (MFA) on your AWS account.

    Watch the Full Step-by-Step Video Guide!

    I’ve created a detailed video showing you exactly how to do everything explained above — with live demos and tips.

    Watch here: How to Secure EC2 Instance | AWS Security Best Practices

    Subscribe to the channel for more DevOps and Linux tutorials every week!


    Conclusion

    Security might seem complicated, but by following these steps carefully, even beginners can protect their EC2 instances from common threats.

    Start today — secure your cloud server, protect your data, and build your confidence with cloud technologies!


    Need help or want to learn more?

    Feel free to ask questions in the comments or visit my blog insightclouds.in for more tutorials.