Configure custom VPC on AccuWeb.Cloud
A Virtual Private Cloud (VPC) allows you to create a secure and separate network inside your account. It gives you control over networking, security, and how traffic flows for your cloud resources.
With AccuWeb.cloud, you can set up resources in a private virtual network that works like a traditional network in your own data center but with the scalability of AccuWeb.Cloud.
Each account is entirely separate from the others. This means that resources in your account cannot be accessed from another account using a private IP address.
How do I set up AWS VPC like services in AccuWeb.Cloud?
AccuWeb.Cloud offers various features that help you set up a VPC to ensure your applications stay connected.
Major components of a Virtual Private Cloud setup:
1. Private IP address
2. Routing Table
3. Internet Gateway
4. NAT Gateway/Instance
5. Security Group:
6. Flow logs
1. Private IP address:
An IP address is a unique number given to an application’s node or server connected to a network. It helps in identifying and locating the node or server on the internet or a local network.
Private IP address in AWS
In AWS, a private IP address allows instances to communicate with each other without using the internet. It helps with internal communication, security, cost savings, and a stable network.
Private IP address in AccuWeb.Cloud
In AccuWeb.cloud, the system automatically manages private IP addresses. When you create an application, database, or Elastic VPS node, it automatically assigns a private IP.
Example of a Private IP address in AccuWeb.Cloud:
You are creating an environment with an application server such as Apache and a database server as Mysql. The system will automatically assign a private IP address to the application server node and database server node from the available IP address pool.
2. Routing (Route Table):
A route table works like a map that helps computers and network devices know where to send data. It has rules (routes) that guide data from one place to another in a network.
Imagine you are driving in a city and use Google Maps to find the best and fastest route to your destination. A route table works the same way in a network—it helps data find the best path to reach the correct server or the internet.
Route Table in AWS
In AWS, a route table helps the VPC (Virtual Private Cloud) decide how to handle network traffic. It contains rules that determine where data should go based on its destination.
Each subnet (a smaller section of the VPC) must have a route table. If you don’t create a custom one, it will use the default route table of the VPC.
Route Table in AccuWeb.Cloud
In AccuWeb.Cloud, the system manages the route table. When data is sent from a node in the VPC, the route table checks its destination (IP address range) and forwards it to the right target, such as an internet gateway or another node server.
Example of Route Table in AccuWeb.Cloud
Imagine you have:
1. An application server that needs internet access.
2. A database server that should only be accessed within the internal network.
To manage this, the system creates two route tables:
- Public Route Table → Used for internet communication through a public IP.
- Private Route Table → Used for internal network communication only.
Save $100 in the next
5:00 minutes?
For the application server, you must assign a public IP address so it can connect to the internet. This server will use the public route table.
For the database server, do not assign a public IP address, as it should only be accessible within the network. It will use the private route table instead.
This setup ensures that your application server can communicate with the internet while keeping your database secure within the internal network.
3. Internet Gateway:
An Internet Gateway (IGW) is like a door that connects a private network (such as a VPC in AWS or AccuWeb.Cloud) to the internet. Without it, the devices in the network cannot access the internet.
Think of your home as a private network. If you want to browse the internet, you need a Wi-Fi router to connect your home to the internet. Similarly, in cloud networking, an Internet Gateway allows servers inside a VPC to send and receive data from the internet.
Internet Gateway in AWS
In AWS, an Internet Gateway (IGW) is a virtual device that helps AWS resources (like EC2 instances) send and receive data from the internet. It is used in public subnets to enable internet access.
Internet Gateway in AccuWeb.Cloud
In AccuWeb.Cloud, the system automatically assigns an Internet Gateway to a node when a public IP address is allocated. This allows the node to send and receive data over the internet.
Example in AccuWeb.Cloud
Suppose you have an Apache web server and want to access it from the internet. You need to:
1. Assign a public IP address to the Apache server’s node.
2. Once assigned, your Apache server will be accessible from the internet.
AccuWeb.Cloud also provides a temporary URL (environment hostname), which you can use to access your application from the internet.
This setup makes sure your application server is reachable on the internet while keeping private servers secure inside the network.
4. NAT Gateway:
A NAT (Network Address Translation) Gateway allows servers without public IPs to access the internet while keeping them hidden from outside traffic.
Think of your home network with multiple devices like a laptop, phone, and TV. Only your Wi-Fi router is directly connected to the internet. When you browse online, your router sends requests on behalf of your devices and brings back the response. Your devices remain hidden, and only the router’s public IP is visible to the internet.
A NAT Gateway works the same way. It lets private servers in a cloud network connect to the internet (for updates or external APIs) while blocking outside access for security.
NAT Gateway in AWS
In AWS, a NAT Gateway allows servers in a private subnet to access the internet or other AWS services while preventing direct access from the internet.
NAT Gateway in AccuWeb.Cloud
AccuWeb.Cloud also allows servers with private IPs to connect to the internet while blocking incoming traffic for security.
- In AWC, the system manages the NAT feature, so each application or database node can be accessed using its node ID and hostname without needing a public IP.
- You can add a rule in the built-in Web Application Firewall to block outside access.
- Once the rule is added, external applications will not be able to connect to your private resources through the internet.
This setup ensures security while allowing essential internet access for private servers.
Example of NAT Gateway in AccuWeb.Cloud:
You have a database server where you need to install or update packages, but you want to block incoming traffic so that no one from the internet can access it for security reasons. To do this, you can use the built-in web-based firewall to block incoming traffic.
For more details, check the article below on managing the firewall in the AccuWeb.cloud dashboard.
Disable outbound connections for your application, databases and VPS
5. Security Group:
A Security Group is like a firewall that controls who can access your cloud server and what kind of traffic is allowed. It helps protect your servers from unauthorized access.
Think of your house with a main door and a security guard. You give the guard instructions:
- Allow family and friends to enter.
- Block strangers from coming in.
A Security Group works the same way for cloud servers. You create rules to allow or block traffic:
- Allow visitors to access your website (web traffic on port 80/443).
- Block direct access to your database (only your application can connect to it).
Security Group in AWS
In AWS, a Security Group (SG) acts as a virtual firewall for EC2 instances, RDS databases, and Load Balancers.
- You define rules to allow only specific IP addresses, protocols, and ports.
- This ensures that only authorized traffic can reach your resources.
Security Group in AccuWeb.Cloud
In AccuWeb.Cloud, the built-in Web Firewall, works as a Security Group. It controls incoming and outgoing traffic for applications and databases in your environment.
- It helps restrict access to your cloud resources.
- You can create rules to allow only the necessary connections.
Example in AccuWeb.Cloud
Suppose you have a web application (Apache), and you want to allow internet access on port 80 (HTTP) and port 443 (HTTPS):
1. Add a rule in the firewall to allow traffic on port 80 and 443.
2. All other ports will be blocked by default, ensuring security.
This setup ensures that only authorized traffic can access your application, while everything else remains protected.
In addition, AccuWeb.Cloud offers a Collaboration feature that you can use to manage permissions for different users for your project. It helps different users, like developers, designers, and administrators, work smoothly on the project. You can create roles and assign the necessary permissions to them.
For example, imagine you have a sensitive project. You need to give:
- Full access to the Project Manager.
- Read and write access to the Developer.
- Read-only access to the Designer.
To do this, you can assign:
- Full Access role to the Project Manager.
- Developer role to the Developer team.
- Viewer role to the Designer team.
This way, each person gets only the permissions they need, keeping your project and environment secure.
Check the article below for instructions on enabling collaboration in your AccuWeb.Cloud account.
Enable Collaboration in your AccuWeb.cloud account.
6. Flow Logs:
Flow Logs work like a security camera for your network. They track and record all incoming and outgoing traffic in your cloud environment. This helps in monitoring, troubleshooting, and keeping your system secure.
Example
Imagine you own a building and want to track who enters and exits. You install CCTV cameras to record every visitor.
Similarly, Flow Logs record details about who is accessing your servers, from where, and what kind of data is being sent or received.
Flow Logs in AWS
In AWS, Flow Logs capture network traffic details for resources like:
- VPCs (Virtual Private Clouds)
- Subnets
- Network Interfaces
They help in monitoring activity, troubleshooting issues, and analyzing security by logging allowed and denied traffic.
Flow Logs in AccuWeb.Cloud
In AccuWeb.Cloud, the system automatically records all incoming and outgoing traffic in your environment.
- These logs are stored in the log folder under the respective log files.
- They capture details like source IP, destination IP, and traffic type.
- This helps in analyzing performance, debugging issues, and securing the network.
Save $100 in the next
5:00 minutes?
Example in AccuWeb.Cloud
Suppose you have a PHP-based application running on Apache, and you want to check which IP addresses are accessing the login page the most.
1. Go to the Log folder.
2. Open the access_log file.
3. Look for IP addresses to see which users frequently access the login page.
This helps you monitor activity and detect unusual access patterns for better security.
Conclusion:
Setting up a Virtual Private Cloud (VPC) in AccuWeb.Cloud helps you create a secure and private network for your applications. It allows you to control traffic, manage security, and optimize performance just like a traditional network but with the flexibility of the cloud.
With features like Private IPs, Route Tables, Internet & NAT Gateways, Security Groups, and Flow Logs, you can easily manage who can access your resources, how data flows, and how to keep your applications secure.
By using AccuWeb.Cloud’s built-in tools, you get a scalable, cost-effective, and easy-to-manage cloud network for your projects.
Jilesh Patadiya, the visionary Founder and Chief Technology Officer (CTO) behind AccuWeb.Cloud. Founder & CTO at AccuWebHosting.com. He shares his web hosting insights on the AccuWeb.Cloud blog. He mostly writes on the latest web hosting trends, WordPress, storage technologies, and Windows and Linux hosting platforms.
