How to secure VM instance on google cloud
What you will learn here VM instance security
- How to secure VM instance on google cloud
Here we are going to see how to secure VM instance on google cloud using free SSL certificates.
How to secure VM instance on google cloud
Please follow the following steps to know how to secure VM instance on or in google cloud using free SSL certificates
1)First, please sign in to your google cloud console.
2)Assuming you have signed successfully and you have created VM instance on it. If you don’t know how to create a VM instance on google cloud then please visit the following link.
Creating VM instance on Google Cloud
3)Assuming you have created VM instance. Now please click on SSH to access your VM instance. which is shown below which is shown below
4)Please execute the following commands to go super user mode and root directory which is shown below
sudo su cd ../..
5)Please execute the following command to install apache2 web server which is shown below
sudo apt-get install apache2
6)Now please add A record in your DNS management which is shown below
Type – A
Host – subdomain name
Points to – External IP address of your VM instance
Updating DNS record might take half an hour
7)Now please open port 80 and 443 from firewall of google cloud VM instance. If you do not know how to open port on google cloud then visit the following link.
8)Now please visit to your website URL in browser. You should able to see apache2 home page in browser in not secure mode which is shown below
9)Now execute the following command to install cerbot which is shown below
sudo apt-get install certbot python-certbot-apache
10)Execute following command to install SSL certificate
sudo certbot --apache
Please enter Email address which is shown below
11)Please enter A which is shown below
12)Please type N which is shown below
13)Please enter your domain name which you want to secure which is shown below
14)Please enter 2 to redirect traffic from not secure to secure which is shown below
15)Now please visit the your website URL you will see secured website in the browser which is shown below
Apache proxy configuration
Please follow the following steps only if you want to forward or pass all request http (request on port 80) to apache tomact (8080)
Please make sure that apache tomcat is running on your VM instance with port 8080. If you do not know how to install apache tomcat on Google cloud VM instance then please visit the following link.
Installing Apache Tomcat on Google Cloud
1)Execute the following command to delete default SSL conf file
sudo rm /etc/apache2/sites-available/000-default-ssl.conf
2)Execute the following command to edit 000-default-le-ssl.conf file
sudo nano /etc/apache2/sites-available/000-default-le-ssl.conf
3)Now please add following lines code in 000-default-le-ssl.conf which is shown below
ServerAdmin admin@localhost DocumentRoot /var/www/html ProxyPreserveHost On ProxyPass / http://127.0.0.1:8080/ ProxyPassReverse / http://127.0.0.1:8080/
Press Ctrl + X. Type Y and hit enter to save the changes.
4)Now please execute the following commands to enable Apache proxy
sudo a2enmod proxy sudo a2enmod rewrite sudo a2enmod proxy_http sudo service apache2 restart