How to Deploy a Website on GitHub Pages and AWS EC2: A Step-by-Step Guide

By Obidiegwu Onyedikachi | Neo Cloud Technologies

Introduction

Hosting a website is a critical skill for developers, cybersecurity professionals, and cloud engineers. In this guide, I’ll walk you through two methods:

✅ GitHub Pages (For static websites)
✅ AWS EC2 (For scalable web applications)

By the end, you’ll have a fully deployed website, with security best practices applied.

Option 1: Hosting a Static Website on GitHub Pages
If you have a static website (HTML, CSS, JavaScript), GitHub Pages is a fast and free way to deploy it.

Step 1: Create a GitHub Repository

1. Log in to GitHub and create a new repository (my-website).
2. Clone it to your local machine:

git clone https://github.com/your-username/my-website.git
cd my-website

Create and add your HTML, CSS, and JavaScript files.

touch index.html style.css script.java

using nano editor to add your code

nano (file name)

then input your code for the file you opened

ctrl+O to save then press "enter"
ctrl+X to exit

Step 2: Enable GitHub Pages

1. Go to Settings → Pages in your repository.
2. Under Source, select the main or master branch.
3. Save changes and wait a few minutes.

Step 3: Access Your Website

Your website will be live at:

https://your-username.github.io/my-website/

For custom domains, configure CNAME records in your DNS settings.

Option 2: Hosting a Website on AWS EC2 (For Dynamic Websites & Full Control)
For dynamic applications (Node.js, Python, PHP, etc.), AWS EC2 provides full control over the server.

Step 1: Launch an EC2 Instance
Log in to AWS → Navigate to EC2 → Click Launch Instance.

Choose Amazon Linux 2023 (or Ubuntu 22.04 for flexibility).

Select instance type:
• t2.micro (Free Tier) for basic hosting
• t3.small or higher for production

Configure Security Group:
• Allow HTTP (port 80) and HTTPS (port 443)
• Allow SSH (port 22) (Restrict access to your IP for security)

Click Launch and create a key pair (download the .pem file).

Step 2: Connect to Your EC2 Instance

1. Open Terminal (Linux/macOS) or PowerShell (Windows).
2. Navigate to the .pem file location and set correct permissions:

chmod 400 my-key.pem

Connect to EC2:

ssh -i my-key.pem ec2-user@your-ec2-public-ip

Step 3: Install & Configure a Web Server

For Apache (Recommended for PHP & Static Sites)
Update and install Apache:

sudo yum update -y
sudo yum install httpd -y

Start and enable Apache:

sudo systemctl start httpd
sudo systemctl enable httpd

Upload your website files to /var/www/html/:

sudo mv * /var/www/html/

Restart Apache:

sudo systemctl restart httpd

Access your site via http://your-ec2-public-ip

For Nginx (Recommended for Reverse Proxy & Performance)
Install Nginx:

sudo yum install nginx -y

Configure Nginx to serve your site:

sudo nano /etc/nginx/nginx.conf

Set root to /var/www/html/

Restart Nginx:

sudo systemctl restart nginx

Step 4: Secure Your Website with HTTPS (SSL/TLS)

Option 1: Free SSL with Let’s Encrypt
Install Certbot:

sudo yum install epel-release -y
sudo yum install certbot python3-certbot-apache -y

Generate an SSL certificate:

sudo certbot --apache

Auto-renew SSL:

sudo crontab -e

Add: 0 0 1 * * certbot renew --quiet

Option 2: Use AWS Certificate Manager (ACM) with Load Balancer

1. Go to AWS Certificate Manager → Request Public Certificate
2. Attach it to an Application Load Balancer (ALB) for enhanced security.

Step 5: Set Up a Custom Domain (Optional)

1. Buy a domain from Route 53 or a provider like Namecheap.
2. Create an A Record pointing to your EC2 public IP.
3. If using CloudFront, update DNS with its distribution endpoint.

Conclusion

Both GitHub Pages and AWS EC2 offer great ways to host websites, depending on your project needs.

✅ GitHub Pages is best for static sites, personal portfolios, and quick deployments.
✅ AWS EC2 is ideal for dynamic web applications, scalability, and production workloads.

As a cybersecurity professional, I always recommend applying security best practices, including:
• Harden SSH access (disable root login, use key-based authentication).
• Set up a Web Application Firewall (AWS WAF) to prevent attacks.
• Use monitoring tools like AWS CloudWatch and GuardDuty to detect threats.

What’s Next?

I specialize in cloud security, DevSecOps, and penetration testing. Follow me for more insights on AWS security best practices, cloud automation, and ethical hacking!

🚀 Need help deploying your cloud projects? Drop a comment!