Alibaba Cloud ECS is an onling computing service which offers fast and secure deployment to help you power your cloud applications. Now in March 5th, 2020 on our Academy Day Online Conference you can gain deep insights on ECS and integrate the best practices on the cloud to empower your business with free ACA Cloud Computing certification exams. Sign up free here now!
In this article, we will learn how to host more than one website on an ECS instance with Docker Compose and a Reverse Proxy.
Alibaba Cloud ECS instance can potentially serve more than one website with Docker Compose and a Reverse Proxy, there are multiple solutions to handle different content in one single instance ECS:
Deploy an application can be easy, and here you can get information on how easy is to deploy an App on an Alibaba Cloud ECS instance with Packer and Terraform.
Terraform, made by the same company as Packer, Hashicorp, came to existence as a very interesting and powerful tool for easy deployment. Based in the same principles as Packer, Terraform lets you build infrastructure in Alibaba Cloud by just using a single config file, in the TF format this time, also helping with versioning and clear understanding of how all the bits are working beneath your application.
For the sake of simplicity I created the application ready to use. You can find the source code in https://github.com/roura356a/metar to have a look, which includes an index.php, 2 javascript files to decode the METAR data and a bit of CSS and a PNG image to make it less boring. The application is based in docker-compose and is something we will install as dependency with Packer later.
Cyber security should be a good concern in this information era, here you can get some useful information on ECS and some security hardening requirements.
Elastic Compute Service (ECS) instance, ApsaraDB for RDS MySQL database, Server Load Balancer, with Elastic IP and security group is the most common scenario for most applications hosted on the web. Although the system is functioning well, this type of deployment is deficient in terms of cyber security. This is especially true for servers used in production scenarios.
This article will focus on ECS and its security hardening requirements, which are easy to follow.
ECS offers secure virtual cloud servers, and you can get some tips to harden the security for your applications in this article.
For common web applications, please do not use default passwords or blank passwords for web service consoles, and upgrade web applications to the latest version, use a complex password for server access.
For common database applications, please modify default connection ports for services, create different accounts for different roles and refine authentication and use a complex password for the database password.
When creating an ECS instance of the VPC network, you can either use the default security group or use other existing security groups in the VPC. A security group is a virtual firewall used to control the inbound and outbound traffic of an ECS instance.
In this guide, you will find some infomation of ECS security groups and how to configure these security groups.
This topic describes how to split read and write operations at the application layer and system layer. To improve overall system performance and optimize user experience, you can reduce the load of your primary database through read/write split.
This document introduces how to implement data security for ECS instances from the O&M perspective.
· Back up data regularly
· Design security domains properly
· Set security group rules
· Set logon passwords
· Server port security
· Application vulnerability protection
· Security information collection
Elastic Compute Service (ECS) is a high-performance, stable, reliable, and scalable IaaS-level service provided by Alibaba Cloud. It is more convenient and efficient compared with physical servers. You can immediately acquire ECS instances and scale computing resources on-demand. ECS provides a variety of instance types that suit various business needs and help boost business growth.
Alibaba Cloud security services protect your business, operations, network, application, cloud server and infrastructure with threat detection, DDoS defense, real time server monitor, anti-bot protection, SSL certificates, etc.
Alibaba Cloud, as Olympics Worldwide Cloud Services Partner, now offers Starter Package 2.0 . Start now to get easy-to-use high-performance virtual machines with data transfer plan starting from $2.50 a month.
2,599 posts | 762 followers
FollowAlibaba Clouder - April 2, 2020
Alibaba Clouder - January 22, 2018
Alibaba Clouder - July 10, 2019
Alibaba Clouder - June 2, 2020
Alibaba Clouder - February 10, 2020
Alibaba Clouder - July 10, 2020
2,599 posts | 762 followers
Follow
Managed Security Service
Identify vulnerabilities and improve security management of Alibaba Cloud WAF and Anti-DDoS and with a fully managed security service
Learn More
Security Center
A unified security management system that identifies, analyzes, and notifies you of security threats in real time
Learn MoreMore Posts by Alibaba Clouder
