Make Your React Application Secure With AWS

Mohammad Faisal
4 min readOct 31, 2020
Photo by Scott Webb on Unsplash

Security is very important for websites nowadays. Customers don’t feel confident to provide their information on an unsecured website. If you have a React app served over S3 you can secure it very easily using AWS service.

If you have an application that is hosted on S3 Bucket in AWS( Which a popular choice for react applications) and want to serve your app over HTTPS then this article is for you.

Today we will use 2 services provided by AWS. CloudFront and ACM.

Let’s get Started. . .

STEP 1: Get a certificate from ACM

  • First, we need a certificate from ACM (Amazon Certificate Manager)
  • We will apply for a new certificate, The certificate must be from the North Virginia region (us-east-1) as CloudFront doesn’t support other regions yet.
  • Along the way, we will select the option to request a public certificate
  • In domain names, we will add our desired domain names. It is advised to add domain names with www and another without www. ( For example and )
  • We will select DNS validation ( We can also opt for email verification . However if we select DNS we need to verify that we are the owner of the domain from our DNS console)
  • Tags are optional. From the next page, we will review and submit a request.
ACM console

On the next page, we will be given a name and value pair for each of our requested domain names. Now We need to open our DNS console to verify our ownership. (If you use Route 53 as your DNS provider you don’t need to do anything at this point. AWS will auto verify your ownership of the domain names)

Open Alibaba DNS console and add a new record for each of your requested domains to verify ownership

alibaba console
Mohammad Faisal