This Is My Architecture

Like all things in our industry, things change and evolve. Years ago, I started a personal website. I believe everyone should have a presence somewhere that explains who you are and what you do. In today's digital world I think it will lead to credibility in the future. One thing I noticed was that my website architecture has changed over the years as I have learned and evolved with the technology I have been exposed to. This is my opportunity to share that evolution.

v1 (Shared Hosting/cPanel/WordPress)

My website started off, like many, with a WordPress content management system. The site used a shared hosting plan with cPanel and a domain. The cost was $9.99/yr for the domain name and $5.95/mo for the hosting, with no SSL cert because back then they used to charge for them. The last cost here was for a static IP address, which cost $2.00/mo. Total annual cost was $105.39. Except for the lack of SSL on the site, this setup is probably the standard for most personal websites and some typical businesses. This architecture and service offering will undoubtedly cover most use cases out there. The hosting provider I was using was OK, even though uptime was a bit spotty, since the site went down for a few seconds a few times a month. With today's technology, any downtime does not speak well of the quality of service a provider is giving a customer, especially when it happens repeatedly. An annual cost of about one hundred dollars isn't bad, but it was 2017 and time for a change.



Costs:

  • Domain: $9.99 /year (No WhoIS Protection)
  • Hosting: $5.95 /month
  • SSL: $2.00 /month
  • Total: $105.39

Security:

Looking back and putting my security hat on for a second: one of the challenges with being on shared hosting is that it is, in fact, multi-tenant (shared). If there is a compromise on the central system, then all of the customers' websites and data on that system are compromised. Another looking-back moment I had was that it was WordPress, but we will leave that there. :-)

Negatives:

One of the annoyances and challenges I still had to deal with, even on shared hosting, was keeping things up to date. WordPress needed to be updated. phpMyAdmin had to be updated, and don't even get me started on themes and plugins.

v2 (Web Hosting Platform)

One of the experiments I wanted to try in order to get off shared hosting was to use one of the popular one-stop-shop website hosting platforms. They were designed for those who didn't have time to do design and didn't want to hire a web designer to make a site. You could choose a template, and a content management system on the backend provided the same functionality that WordPress provided. The designs and offerings got better by the year, and there were a few clear leaders. I went with the most well-known leader, whose comprehensive offering covered DNS, hosting, SSL, and design for an overall inclusive price of $144 per year. However, this offering didn't include the domain. The domain is still $12 per year since I now decided to get WhoIS guard.

Costs:

  • Platform: $12 /month (CMS & SSL)
  • Domain: $12 /year
  • Total: $156.00

Security:

This model reduces the attack surface quite a bit since you don't have to worry about updating things, and the risk transfers to the team managing the platform.

Negatives:

The only piece that is concerning with this approach is visibility. You have no clarity about where your data is being stored or what happens to it.

Even with that slight inconvenience, in my opinion, most people would not be bothered by that point. With the convenience of the platform's "Point, Click, & Write" model, it is easy to create content and not have to worry about the other pieces. This model would be my recommended option for most people, even though the price is high for what it is.

v3 (Serverless Architecture)

One of the new "hotnesses" this year (2018) was/is the concept of serverless. Serverless computing allows you to build and run applications and services without thinking about servers. Serverless applications don't require you to provision, scale, and manage any servers. You can create them for nearly any type of application or backend service, and everything needed to run and scale your application with high availability is handled for you. Serving static or dynamic content is one of the things it's good for.

Currently, the architecture I found I could use is S3 and CloudFront. S3 is object storage built to store and retrieve any amount of data from anywhere. It has the ability to serve websites. CloudFront is a programmable content delivery network (CDN). Using these services together to serve static content is an efficient system. The site you are reading this article on is served by loading the HTML, CSS, and JavaScript into an S3 bucket and pushing them to a CloudFront distribution whose points of presence serve content to the US, Canada, and Europe. I am using Route 53 (AWS DNS), and ACM (AWS Certificate Manager) to provide SSL.

One of the neat things here is the pricing model. S3 charges you for the space you consume, and the transfer costs on CloudFront are minimal as well since it does most of the caching and doesn't need to transfer static content unless it has changed. Currently, it's $0.085 for the first 10TB/month. Since the site is HTML, CSS, JavaScript, and images, the size is minimal. The other charge is for DNS. For Route 53 it's $.50 per month for routing to the different points of presence. SSL, as is mostly the case nowadays, is free and doesn't cost anything. The last charge, which I can't decrease, is the domain. I chose to pay an all-inclusive $12, which provides all of the privacy features everyone should have in today's information age. With all of these implementations, the average yearly bill for me is around $20.

Costs:

  • Domain: $12 /year (WhoIS Protection)
  • DNS: $.50 /month (AWS RT 53)
  • Hosting: ~$2 /year (AWS S3 & CloudFront)
  • SSL: $0 /month (AWS ACM)
  • Total: ~$20.00

Security:

The most significant benefit here to me, other than the money, is the attack surface. Since it's serverless, I don't have to update any servers, plugins, or themes. The attack surface I present to an attacker is now all the way down to the architecture that AWS provides, and the risk is transferred to their teams. The thing I have to keep in mind now from a security aspect is that anything I put in the bucket is publicly accessible. A benefit that you now have, though, is logging at a massive level. You can use access logs and the distribution logs to see who is accessing your site, what they are accessing, and where they are accessing it from, and many dashboards are available to see these calls. Since these logs can go to an S3 bucket on demand, you can perform even more complex analytics on them as well. This architecture offers options that you can't get anywhere else other than standing up on-premises hardware and hosting it on the internet.
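
The kind of log analysis described above, as an added example that is not the author's code: it parses CloudFront standard logs delivered to S3 (tab-separated, with a `#Fields:` header) and reports requests per edge location, successful requests per path, and clients with repeated 4xx responses. The log lines, IP addresses and host name are constructed, and `probe_threshold` is an assumed cut-off.

```python
from collections import Counter
from urllib.parse import unquote

# Constructed sample in the CloudFront standard-log layout. Real logs carry
# more columns; the parser takes the column names from the "#Fields:" header.
HITS = [  # (edge location, client IP, path, status) - all constructed
    ("IAD79-C1", "198.51.100.7", "/index.html", "200"),
    ("IAD79-C1", "198.51.100.7", "/css/site.css", "200"),
    ("FRA2-C1", "203.0.113.50", "/wp-login.php", "403"),
    ("FRA2-C1", "203.0.113.50", "/xmlrpc.php", "403"),
    ("FRA2-C1", "203.0.113.50", "/.env", "403"),
    ("YTO50-C1", "192.0.2.33", "/index.html", "200"),
    ("YTO50-C1", "192.0.2.33", "/favicon.ico", "404"),
]
SAMPLE_LOG = (
    "#Version: 1.0\n"
    "#Fields: date time x-edge-location sc-bytes c-ip cs-method cs(Host) "
    "cs-uri-stem sc-status cs(Referer) cs(User-Agent)\n"
    + "".join(
        f"2018-04-12\t10:00:00\t{edge}\t512\t{ip}\tGET\texample.cloudfront.net"
        f"\t{path}\t{status}\t-\tMozilla/5.0%20(X11)\n"
        for edge, ip, path, status in HITS
    )
)


def parse_cloudfront_log(text):
    """Return one dict per request, keyed by the names in the #Fields header."""
    fields, records = [], []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#") and fields:
            rec = dict(zip(fields, line.split("\t")))
            # CloudFront URL-encodes the user agent; decode it for reading.
            rec["cs(User-Agent)"] = unquote(rec.get("cs(User-Agent)", "-"))
            records.append(rec)
    return records


def summarize(records, probe_threshold=3):
    """Count hits per edge and per path; list IPs with many 4xx responses."""
    by_edge = Counter(r["x-edge-location"][:3] for r in records)  # airport code
    by_path = Counter(r["cs-uri-stem"] for r in records if r["sc-status"] == "200")
    missed = {}  # client IP -> paths that returned a 4xx status
    for r in records:
        if r["sc-status"].startswith("4"):
            missed.setdefault(r["c-ip"], []).append(r["cs-uri-stem"])
    probes = {ip: sorted(set(p)) for ip, p in missed.items() if len(p) >= probe_threshold}
    return {"by_edge": dict(by_edge), "by_path": dict(by_path), "probes": probes}
```

On a static site, a client that collects several 4xx responses is usually an automated scanner asking for software that is not there, such as the WordPress paths left over from v1.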

Negatives:

The only downside is that now I have to manage and code this site. I go back to the roots of using just a notepad and a web browser to preview the site. It's a slow process but does give you complete control over designing and laying out your site. While some might prefer this, it is a slower process than the standard point, click and write model I had with v2. I will take the hit, though, for the price. Along with the technical debt incurred by needing to know web design, you now have to understand how to work with AWS architecture. Depending on how you pick things up, that can be more daunting than learning web design.

Conclusion

I don't have a website with vast amounts of traffic, but if I did, I wouldn't have to change a thing. It could scale to serve any load of traffic, and I would have to pay pennies since a Content Delivery Network backs it. Providing massive amounts of dynamic content is where you would use more serverless architecture like API Gateway, AWS Lambda, and DynamoDB. Serverless lets you optimize the material and offerings that you have: set up the static areas of your site on a serverless model like this to save time and money and not have to worry about servers, updating, and other time-wasting aspects.

In the end, one of the freedoms of the internet is choice, and there are many ways to host a website. This site is just my architecture and how I roll. Challenge yourself, innovate, and reach higher.