As a fitting first post to this blog I am going to be discussing the process by which anyone can easily setup a WordPress blog on Amazon’s Web Service platform. The nice part about the Bitnami certified WordPress installation is that it comes pre-configured and fully updated. No messing around with setting up databases or changing configuration files is needed.
As always with any setup of a public facing web service I encourage users to first read the OWASP security implementations and considerations here I would not store any financial or personal information on a WordPress site unless you have extensive knowledge and/or dedicated security (managed wordpress hosting)
Step 1: Sign Up
Sign up for a free Amazon Web Services account This process is pretty self-explanatory just make sure to accurately fill out the information as far as e-mail is concerned as this will be used as an administrative login. I also highly suggest securing this account with two factor authentication (see Amazon article on 2FA)
Step 2: Select an AMI (Amazon Machine Image)
When you look through the initial choices they may look as though they are just the operating systems on which the WordPress server will run. However, these images can be thought of as “swap-able” pre-configured operating systems that can be setup with the click of a button.
There are many choices here but since we are installing WordPress I would highly suggest the WordPress Certified by Bitnami Since this is a staple WordPress AWS configuration it will be easily configured and the support is likely easier to find than other wordpress AMI’s. The nice part is these images should all be ready to go out of the box.
In order to find this AMI select AMI Marketplace and search for ‘bitnami‘:
Step 3: Select an EC2 Instance
If you are not familiar with EC2 instances you can think of them as servers you are renting from Amazon. You pay for the cycle time used on the CPU’s to which your server is assigned for these instances. You can host anything on these instances, but more often than not a navigable web service will be installed.
Amazon offers many different tiers of services for EC2 which will need to be considered depending on which situation you find yourself. For large organizations (not sure why you are reading my blog) you will likely need more than one of these instances and place them behind a load balancer… another article in itself. But for most personal sites or small businesses one EC2 instance should be all you need.
|General Purpose – Current Generation|
|t2.nano||1||Variable||0.5 GiB||EBS Only||$0.0058 per Hour|
|t2.micro||1||Variable||1 GiB||EBS Only||$0.0116 per Hour|
|t2.small||1||Variable||2 GiB||EBS Only||$0.023 per Hour|
|t2.medium||2||Variable||4 GiB||EBS Only||$0.0464 per Hour|
|t2.large||2||Variable||8 GiB||EBS Only||$0.0928 per Hour|
|t2.xlarge||4||Variable||16 GiB||EBS Only||$0.1856 per Hour|
|t2.2xlarge||8||Variable||32 GiB||EBS Only||$0.3712 per Hour|
|m5.large||2||8||8 GiB||EBS Only||$0.096 per Hour|
|m5.xlarge||4||16||16 GiB||EBS Only||$0.192 per Hour|
|m5.2xlarge||8||31||32 GiB||EBS Only||$0.384 per Hour|
|m5.4xlarge||16||60||64 GiB||EBS Only||$0.768 per Hour|
|m5.12xlarge||48||173||192 GiB||EBS Only||$2.304 per Hour|
|m5.24xlarge||96||345||384 GiB||EBS Only||$4.608 per Hour|
|m5d.large||2||8||8 GiB||1 x 75 NVMe SSD||$0.113 per Hour|
|m5d.xlarge||4||16||16 GiB||1 x 150 NVMe SSD||$0.226 per Hour|
|m5d.2xlarge||8||31||32 GiB||1 x 300 NVMe SSD||$0.452 per Hour|
|m5d.4xlarge||16||60||64 GiB||2 x 300 NVMe SSD||$0.904 per Hour|
|m5d.12xlarge||48||173||192 GiB||2 x 900 NVMe SSD||$2.712 per Hour|
|m5d.24xlarge||96||345||384 GiB||4 x 900 NVMe SSD||$5.424 per Hour|
|m4.large||2||6.5||8 GiB||EBS Only||$0.10 per Hour|
|m4.xlarge||4||13||16 GiB||EBS Only||$0.20 per Hour|
|m4.2xlarge||8||26||32 GiB||EBS Only||$0.40 per Hour|
|m4.4xlarge||16||53.5||64 GiB||EBS Only||$0.80 per Hour|
|m4.10xlarge||40||124.5||160 GiB||EBS Only||$2.00 per Hour|
|m4.16xlarge||64||188||256 GiB||EBS Only||$3.20 per Hour|
I highly recommend starting with a t2.medium and upgrading or downgrading based on the need. Remember that this is only the first of many EC2 instances that you can host/control through AWS. It comes with 4 gigs of RAM and 2 CPU cores which makes it a solid foundation on which to build any project.
Step 4: Configure EC2 Instance details
There are a lot of configuration options available before we even launch the EC2 instance we just selected. I am not going to deep dive into any of them here as I feel that is best suited for the instance’s documentation. However one feature I suggest is the accidental termination protection which keeps fat fingers or a nefarious “power user” from shutting down this EC2 instance.
Once configuration details have been set, click the Review and Launch button which will start up this EC2 instance. You will be presented with your AMI and EC2 Instance types as review, select Launch
Step 5: Generate a key pair for EC2 Instance
Unless you have already generated a key pair somewhere in AWS before, select Create a new key pair from the drop down menu. The key pair will be downloaded as a *.pem file who’s contents looks like:
-----BEGIN RSA PRIVATE KEY-----
Bunch of random characters that looks like a cat laying down on a keyboard.
-----END RSA PRIVATE KEY-----
Keep this in a safe and secret location as it will be used to access the server we are setting up. I strongly urge users to also back this up to another drive in case of hard disk failure on your local machine. We will be using this key in a later step to connect, so have it handy.
Select Launch Instance(s) and you should be taken to the EC2 Managment console to see your server starting to spin up:
After a certain amount of waiting (shouldn’t be more than a few minutes) you should have a good status indication:
Step 5: Create and Attach an EBS Volume
Our server should be up and running, but the vanilla wordpress install doesn’t have much hard disk space to begin with, let’s fix that! In order to add more hard disk space navigate to the EC2 Management console by selecting the EC2 option in the Compute module of the home screen:
In the right hand column of the EC2 Management Console there should be an option Elastic Block Store -> Volumes
Create a new Volume by clicking Create Volume button. This brings up a form to input the settings for creating the new EBS volume. These settings will vary depending on what size of hard disk you need, what availability zone you are trying to target, and whether or not you want the drive to be encrypted. Availability Zones dictate where your server will be Geo-located to best be “available” to those requesting it’s service in that area. For more information on availability zones see the official Amazon Documentation I recommend creating an EBS Volume of 10GB on the General Purpose SSD to start with on a Bitnami installation:
You can now attach the newly created EBS Volume to your EC2 instance by right-clicking the volume and selecting attach. Select your EC2 instance from the drop-down menu and click Attach. Congratulations, you now have more disk space available to your server.
Step 6: Establish Connectivity
In the Amazon AWS Management console, navigate to the Compute section and select EC2 to navigate to the EC2 Management console. This is where you can basically anything related to your instance(s). For now, let’s just setup a connection with the instance so that we can remote in and start uploading/managing the server directly. For more novice users you can right-click your instance in the EC2 Management Console and click ‘connect’, this provides a popup with both instructions and way to connect with an inbuilt java browser plugin.
In short, you will want an SSH client to your server using the aws generated domain name. It is good to save off a few login script for connection:
A command that could be run at any time from the directory that contains the*.pem key would be:
ssh -i "*.pem" ubuntu@*.amazonaws.com
Where the *.pem file is the key pair we created and saved in an earlier step and the *.amazonaws.com is the instances’ public DNS. ubuntu is the default username for the Bitnami wordpress installation.
Once connected notice that we have a file in the root directory named bitnami_credentials, this file holds the default user and password for your wordpress installation:
Welcome to Ubuntu 16.04.4 LTS (GNU/Linux 4.4.0-1060-aws x86_64)
*** System restart required ***
___ _ _ _
| _ |_) |_ _ _ __ _ _ __ (_)
| _ \ | _| ' \/ _` | ' \| |
*** Welcome to the Bitnami WordPress 4.9.6-0 ***
*** Documentation: https://docs.bitnami.com/aws/apps/wordpress/ ***
*** https://docs.bitnami.com/aws/ ***
*** Bitnami Forums: https://community.bitnami.com/ ***
Last login: Tue Jul 24 20:34:35 2018 from 184.108.40.206
bitnami@ip-172-31-57-124:~$ ls<br>apps bitnami_credentials htdocs stack<br>bitnami@ip-172-31-57-124:~$ cat bitnami_credentials
<br>Welcome to the Bitnami WordPress Stack
The default username and password is 'user' and '0a99fgsdfgcP'.
You can also use this password to access the databases and any other component the stack includes.
Please refer to https://docs.bitnami.com/ for more details.
You now have full connectivity and access to your wordpress installation! You can view to your wordpress webpage by copying your *.amazonaws.com url into your browser, if all went as planed you should see the default landing page:
You can navigate to *.amazonaws.com/wp-admin and enter the credentials found in the previous step to begin administration. Happy day!
Keep it Salty.