Last Updated: 17 April 2018
By Maynard Paton


Creating Your AWS Security Group


Welcome to Part 1 of Installing Sendy and Virtualmin on Amazon Web Services (AWS).

This page describes how to create a security group for your AWS server. The security group should help prevent unauthorised access to your Sendy and Virtualmin installation. (Source: AWS)

Before You Start:

Part 1 involves an AWS feature that restricts which IP addresses can access certain routes to your server.

My guide utilises this feature, and I recommend you follow these instructions using the computer/IP address from which you are most likely to access AWS and Virtualmin in future. 


Here are the steps to follow

1) Log in to the AWS console at https://aws.amazon.com/

Make sure Your AWS Region is set correctly:


2) Select EC2 from the Services menu:


3) Select Security Groups from the left-hand menu:


4) Select Create Security Group:


5) Complete Create Security Group as follows: 


Enter a Security group name. For the purposes of this guide, Colcol Test Demo Security has been used. Something like LIVE Sendy Security will be fine.

Enter a Description. For the purposes of this guide, HTTP, HTTPS & Virtualmin (without the SSH!) has been used. Something like HTTP, HTTPS, SSH & Virtualmin will be fine.

Note: The Security group name and Description cannot subsequently be changed.

Leave VPC as the default selection.

Within the Security group rules section, select Inbound and add the following four rules:

Rule 1 (HTTP)
Click Add Rule. Then for Type, select HTTP. Leave the other columns as the default selections.

Rule 2 (HTTPS)
Click Add Rule. Then for Type, select HTTPS. Leave the other columns as the default selections.

Rule 3 (SSH)
Click Add Rule. Then for Type, select SSH. For Source, select My IP. and your IP address should appear. Leave the other columns as the default selections.

Rule 4 (Virtualmin)
Click Add Rule. Then for Port Range, enter 10000. For Source, select My IP and your IP address should appear. Leave the other columns as the default selections.

There is no need to create any Outbound rules.

Then click Create.

6) Now double-check your rules. If need be, select your security group from the list. Click the box on the right to show all of the rules:


The two HTTP rules should both have Port Range set to 80, with one Source set to 0.0.0.0/0 and the other Source set to ::/0

The two HTTPS rules should both have Port Range set to 443, with one Source set to 0.0.0.0/0 and the other Source set to ::/0

(Note: The HTTPS rules may have their Type columns changed to Custom TCP Rule. These changes won’t cause a problem.)

The SSH rule should now have Port Range set to 22 and Source set to the IP address of your computer.

The Virtualmin rule should now have Port Range set to 10000 and Source set to the IP address of your computer.

Notes: 

a) The HTTPS and HTTPS rules have their Sources set to 0.0.0.0/0 and ::/0 in order to allow anybody using any IPv4 or IPv6 address to subscribe to your Sendy mailing lists.

b) If need be, extra SSH and Virtualmin rules can be added to allow SSH and Virtualmin access from other computers. When creating these extra rules, select Custom within the Source column and enter the extra IP address followed by /32 (for example: 12.34.56.78/32).

c) Complex Virtualmin set-ups require access to ports 10001 - 10010, 20000 and perhaps others. Add an extra rule with a Port Range set to 10001 - 10010, another with Port Range set to 20000, and other rules as necessary if this ever applies.


7) Click the edit icon within the Name column:


8) Enter a name for your security group:


For the purposes of the guide, Colcol Test Demo has been used. Something like LIVE Sendy will be fine. Click the tick to save.

9) All done!

Stay logged into AWS, and click here to start Part 2. Alternatively, click here to return to the Introduction.

If you have any questions or comments about this page, please let me know so I can keep this website as helpful as possible.

Happy installing!

Maynard Paton

(Want to learn more? Click here to visit the full website index.)


profile-pic

I Can Do Exactly What I Was Doing With MailChimp!

When I left MailChimp, my monthly bills were around $100, because of the size of my email lists. Well, now with Sendy I only pay for what I send, right?

Amazon SES basically bills $0.10 per 1,000 emails sent. As I send around 10,000 emails per month, it means that my monthly bill for email marketing went from $100 to … $1! Not too bad for one day of work and a one-time $59 fee.

Marco Schwartz, marcoschwartz.com , Sendy customer

MailChimp 'Disruptor'. $59 One-Off Fee. Full Refund Available.