Hosting a Website on AWS EC2 (with VPC, Public Subnet, Route Table & IGW)

This guide explains how to host a static or dynamic website on AWS EC2, from scratch — including creating your own VPC, Public Subnets, Internet Gateway, and configuring Route Tables for Internet access.

Quick overview (what we’ll do)

• Create a VPC.

• Create one or more public subnets.

• Create & attach an Internet Gateway (IGW).

• Create a route table for the public subnet, add a 0.0.0.0/0 → IGW route and associate it with the public subnet.

• Create a Security Group allowing SSH (22), HTTP (80), HTTPS (443).

• Create a Key Pair (download .pem) for SSH.

• Launch an EC2 instance in the public subnet with the SG and keypair, give it a public IP (or associate an Elastic IP).

SSH in, install Apache/Nginx, place your website files, and test via browser.

Step-by-step instructions

1) Create a VPC

Console: VPC → Create VPC → choose “VPC only” (or “VPC and more” wizard). Example: CIDR 10.0.0.0/16 (change as you need). Why: A VPC is your private network for EC2 and other resources.

2) Create a public subnet

Console: VPC → Subnets → Create subnet → choose the VPC you created. Example: Availability Zone ap-south-1a (or your region), CIDR 10.0.1.0/24. Make a second public subnet if you want HA (multiple AZs).

3) Create an Internet Gateway (IGW) and attach it

Console: VPC → Internet Gateways → Create internet gateway → then Attach to VPC. This gives resources in the VPC the ability to reach (and be reached from) the Internet.

4) Route table for the public subnet

Console: VPC → Route Tables → Create route table (choose the VPC). Edit routes for that route table and Add route:

Destination: 0.0.0.0/0 → Target: select your Internet Gateway (igw-...). Then Associate the route table with your public subnet (so instances in that subnet get Internet access).

5) Security Group (SG) — allow needed ports

Console: EC2 → Security Groups → Create security group (select VPC). Add inbound rules:

SSH (TCP) port 22 — Source: your IP (recommended) OR 0.0.0.0/0 for testing (less secure).

HTTP (TCP) port 80 — Source: 0.0.0.0/0 (public web).

HTTPS (TCP) port 443 — Source: 0.0.0.0/0. Security groups are stateful and default to deny inbound traffic until rules are added.

Tip: For SSH, restrict the source to your office/home IP for security.

6) Create a Key Pair (for SSH)

Console: EC2 → Key Pairs → Create key pair → choose PEM (Linux) or PPK (for PuTTY) and download the .pem. Keep it safe. AWS will not show it again.

7) (Optional but recommended) Allocate an Elastic IP

Console: EC2 → Elastic IPs → Allocate Elastic IP for the region → then Associate Elastic IP with your instance (after launch). Note: Elastic IPs are static and can be re-associated; AWS has pricing rules for unused EIPs.

8) Launch an EC2 instance in the public subnet

Console: EC2 → Instances → Launch Instances:

Choose AMI: e.g., Amazon Linux 2 or Ubuntu Server.

Instance type: t3.micro (free tier eligible if eligible) or as required.

Under Network and Subnet: select the VPC and the public subnet you created.

Auto-assign Public IP: Enable (or you’ll need an Elastic IP to access it from the Internet).

Add Storage, Tags as needed.

In Security group choose the SG created earlier.

Key pair: choose the key pair you created.

Once launched, note the Public IPv4 or Public DNS.

9) Connect to your instance (SSH)

From Linux / macOS

Set correct permissions:

chmod 400 /path/to/my-key.pem

Connect (user depends on AMI):

Amazon Linux / Amazon Linux 2: ec2-user

Ubuntu: ubuntu

RHEL: ec2-user or root Example:

ssh -i /path/to/my-key.pem ec2-user@ec2-3-123-45-67.compute-1.amazonaws.com

(Use the public DNS or Elastic IP).

From Windows using PuTTY

Convert .pem to .ppk with PuTTYgen (load .pem → Save private key).

Open PuTTY → Host Name = ec2-user@<public-dns> or IP → SSH → Auth → browse .ppk → Open. AWS docs show the exact steps for PuTTY.

10. Install a web server and deploy your site

Once SSH’d in:

On Amazon Linux 2:

sudo yum update -y
sudo yum install -y httpd
sudo systemctl enable httpd
sudo systemctl start httpd

On Ubuntu:

sudo apt update
sudo apt install -y apache2
sudo systemctl enable apache2
sudo systemctl start apache2

Put your site files in the web root:

Apache typical web root: /var/www/html ' Example: sudo cp -r ~/my-website/* /var/www/html/

Then visit http:/// in your browser.

If using HTTPS, consider installing a certificate (e.g., Let’s Encrypt certbot) or terminating SSL at a load balancer.

Also ensure the SG has port 80 (and 443) open as above. For HTTP access troubleshooting, AWS Knowledge Center covers common checks. Repost

11) DNS (optional)

If you have a domain, point an A record to your Elastic IP (or public IP). For AWS Route 53, create a hosted zone and add an A record pointing to the Elastic IP.

12) Useful troubleshooting checklist

Is the instance in a public subnet and associated with a route to an IGW? (Check route table for 0.0.0.0/0 → igw-xxx).

• Does instance have a Public IP (or Elastic IP) assigned? (If not, you can allocate and associate an Elastic IP).

• Are Security Group inbound rules allowing ports 22 / 80 / 443?

• Is the web server running? sudo systemctl status httpd or sudo systemctl status apache2.

• If browser shows timeout — check local firewall on instance (e.g., ufw on Ubuntu) and SG rules again.

---