Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: Where to host a static website (with SSL)
9 points by jakobegger on Jan 13, 2015 | hide | past | favorite | 6 comments
I'm currently hosting my static website on a VM. I'd like to avoid being personally responsible for keeping the system secure, so I'm looking for a service that will host my static website; ideally on a CDN. Here are my requirements:

1) Content must be transmitted via https end-to-end.

2) Content must be served from custom domain

3) Support for directory indexes (show contents of index.html when an URL with trailing slash is accessed)

I thought this would be easy, but all services I've found seem to have some kind of drawback.

Amazon S3 + Cloudfront: If I use Cloudfront with S3 buckets directly, there is no support for directory indexes. If I use Cloudfront with S3 website endpoints, the content is transferred only via http between S3 and cloudfront edge servers.

Rackspace cloudfiles: If I understand their docs correctly, they don't support custom domains with SSL

DreamObjects + DreamSpeed: Apparently doesn't support apex domains, and also doesn't support custom domains with SSL

Anybody know any other options?

Does this mean I need to continue to run my own VM just to serve a static website over SSL?




GitHub pages + CloudFront (with SNI) does all three. It costs ~$2 a month and you can deploy via Git. It's lovely.

Example links:

CloudFront: https://rockymadden.com

GitHub pages: https://rockymadden.github.io

Compilation repo: https://github.com/rockymadden/rockymadden.github.io

Source repo: https://github.com/rockymadden/rockymadden-web


Hmm, does it cost you $2 a month for bandwidth? I had the impression that CloudFront with SNI costs money but after looking it up it's free.


I think you can specify index documents in your S3 bucket config and Cloudfront will use them. A good write up: http://www.michaelgallego.fr/blog/2013/08/27/static-website-...

I am unsure about end-to-end encryption for transfer to the edge nodes or encryption at rest. Maybe someone with a better understanding of Cloudfront and IAM can help out.


Two options I'd go with:

1. Use a static site generator to build the site, ensuring I have indexes available, piggyback s3's SSL as a custom endpoint through to cloudfront and use SNI for my custom domain.

2. Use Heroku (or similar provider to remove most of the maintenance burden), piggyback their SSL to cloudfront+SNI+csutom domain.


I would set up a free Heroku application and provide SSL and caching by redirecting it through CloudFlare.

I host a lot of static websites like this.


Why not just serve from S3 over HTTPS?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: