I've been trying to secure my backend hosted on Elastic Beanstalk so I can send my httpOnly JWT cookies to the frontend. Right now, the frontend is secured using CloudFront and S3, but I'm looking for methods to make the backend secure without spending money on a domain. Is there a way to achieve this, or is purchasing a domain the only solution?
1 Answer
You might want to check if your app is running on a CloudFront domain. I mean, if you really can't spare the cost of a domain (which is usually around $10/year), it might be worth reconsidering using AWS altogether. However, a domain isn’t that expensive in the grand scheme of things.
I'm currently on the free tier since this is my first experience with AWS, and I'm eager to learn. Right now, I set up S3 to host the frontend and CloudFront to provide HTTPS, while my backend is on EB with an RDS database.