Frequently Asked Questions for Amazon Web Services

How to connect to the server through SSH?

The first step is to ensure that you have an SSH key for your server. If you are using the Bitnami Launchpad for AWS Cloud, download the SSH key for your server in .ppk format (for Windows) or in .pem format (for Linux and Mac OS X) from the Launchpad detail page for your server.

Depending on your platform, follow the instructions below:

Windows

The easiest way to log in to your server is with PuTTY, a free SSH client for Windows and UNIX platforms.

Download the PuTTY ZIP archive from its website.
Extract the contents to a folder on your desktop.
Double-click the putty.exe file to bring up the PuTTY configuration window.
Enter the host name or public IP address of your server into the "Host Name (or IP address)" field, as well as into the "Saved Sessions" field.
Click "Save" to save the new session so you can reuse it later.
In the "Connection -> SSH -> Auth" section, select the private key file (.ppk) you saved in the previous step.
In the "Connection -> Data" section, enter the username bitnami into the "Auto-login username" field.
Go back to the "Session" section and save your changes by clicking the "Save" button.
Click the "Open" button to open an SSH session to the server.
PuTTY will first ask you to confirm the server's host key and add it to the cache. Go ahead and click "Yes" to this request (learn more).

You should now be logged in to your server.

Linux and Mac OS X

Linux and Mac OS X come bundled with SSH clients by default.

Set the permissions for your private key file to 0600 using a command like the one below:
```
 $ chmod 600 KEYFILE
```
Open a new terminal.
Connect to the server using the following command:
```
  $ ssh -i KEYFILE bitnami@100.101.102.103
```
Remember to replace KEYFILE in the previous commands with the path to your private key file, and 100.101.102.103 with the public IP address or hostname of your server.
Your SSH client might ask you to confirm the server's host key and add it to the cache before connecting. Accept this request by typing or selecting "Yes" (learn more).

You should now be logged in to your server.

What is a Bitnami image?

A Bitnami image includes everything you need to run your Bitnami-packaged application of choice. The installation and configuration of all of the software included in the stack is completely automated, making it easy for everyone, including those who are not very technical, to get them up and running.

All Bitnami images are completely self-contained and run independently of the rest of the software or libraries installed on your system. This means that you don't have to worry about installing any other software on your system to make the new application work. They also won't interfere with any software already installed on the system, so everything will continue to work normally.

What is the directory structure?

The installation process will create several sub-directories under the /opt/bitnami directory:

Servers and related tools: apache2/, mysql/, postgresql/, apache-tomcat/, openoffice/, subversion/, etc.
Languages: php/, python/, ruby/, tcl/, etc.
Application files: apps/phpMyAdmin/, apps/drupal/, apps/joomla/, apps/redmine/, etc.
Common libraries: common/
Licenses of the components included in the stack: licenses/

Application files are stored in the /opt/bitnami/apps/APPNAME/htdocs directory. The configuration file for the Apache Web server is stored in the /opt/bitnami/apps/APPNAME/conf/ directory.

How to start or stop the servers?

Each Bitnami stack includes a control script that lets you easily stop, start and restart servers. The script is located at /opt/bitnami/ctlscript.sh. Call it without any arguments to restart all services:

$ sudo /opt/bitnami/ctlscript.sh start

Or use it to restart a single service, such as Apache only, by passing the service name as argument:

$ sudo /opt/bitnami/ctlscript.sh restart apache

Obtain a list of available services and operations by running the script without any arguments:

$ sudo /opt/bitnami/ctlscript.sh

How to find application credentials?

Using the AWS Marketplace

The application username depends on the application. You can find the application username in the "Usage Instructions" section for your AWS Marketplace product subscription, as shown below.

The application password is randomly generated during the first boot. This password can be viewed as follows:

Log in to the AWS Cloud Console.
In the left navigation bar, select the "Instances -> Instances" menu item.
Select your instance in the dashboard.
From the "Actions" drop-down menu, select the "Get System Log" menu item.
Review the system log until you find the application password.

IMPORTANT: This password is only shown the first time you start the image. Please save your password in a safe place. We also recommend changing it in your application to a different value.

Using the Bitnami Launchpad

Your default credentials become available once you create a cloud server. To find them, follow these steps:

Browse to the Bitnami Launchpad for AWS Cloud and sign in if required using your Bitnami account.
Select the "Virtual Machines" menu item.
Select your cloud server from the resulting list.
The "Application Info" section in the left panel contains the credentials for your instance. The password is hidden by default but will be displayed in plain text when the "Show" button, adjacent to the password input, is clicked.

How to block a suspicious IP address?

If you have detected an IP address that is collapsing your server or just making suspicious requests, block it using iptables. To do this, run the following command:

$ sudo su
$ iptables -A INPUT -s 1.2.3.4 -j DROP

Remember to replace 1.2.3.4 with the IP address you want to block.

IMPORTANT: Use with caution. If you don't specify an IP address, you will block yourself.

This will block all requests from that IP address. To have your iptables rules active even after rebooting the server, follow these steps:

Execute these commands:

 $ sudo su
 $ iptables-save > /opt/bitnami/iptables-rules
 $ crontab -e

Edit the above file with your favourite editor and include this line at the end of the file:
```
 @reboot /sbin/iptables-restore < /opt/bitnami/iptables-rules
```
Save the file and exit.

Now, on every boot, the system will load and apply the iptables rules.

To delete a rule, run the following command:

$ sudo su
$ iptables -D INPUT -s 1.2.3.4 -j DROP

This will delete the rule. Remember to replace 1.2.3.4 with a valid IP address.

Rerun the iptables-save command shown previously to make the new rules active even after rebooting the server.

How to open the server ports for remote access?

By default, cloud servers launched through the Bitnami Launchpad for AWS Cloud have their ports closed to secure them against external attacks. This is done for all ports apart from ports 22 (SSH), 80 (HTTP) and 443 (HTTPS). In some cases, ports needed for specific applications to operate properly are also left open by default.

If you need to access your server remotely using a different port, you must first open the necessary port(s) using the AWS Cloud Console.

To open other ports for remote access, follow these steps:

Browse to the Bitnami Launchpad for AWS Cloud and sign in if required using your Bitnami account.
Select the "Virtual Machines" menu item.
Select your cloud server from the resulting list.
On the server detail page, click the "Manage in the AWS Cloud Console" button.
You will be redirected to the AWS Cloud Console. Log in if needed.
Select the instance in the dashboard.
In the lower panel, click the name of the security group used by the instance.
The resulting page will display the details of the selected security group. In the lower panel, select the "Inbound" tab to display a list of all the ports allowing inbound traffic.
Click the "Edit" button.
In the resulting dialog, select the "Add Rule" button and add a new "Custom TCP Rule" using the following guidelines:
- Port: Enter the port number or port range needed by the application
- Source: Use "Anywhere" to allow access from anywhere, or use "Custom IP" and specify an IP address range
Click the "Save" button to save your changes.

As an example, review the image below which demonstrates opening port 21 (the FTP port) for access.

Your security rule comes into effect immediately without any need to restart the server.

How to close the server ports and deny remote access?

To close a server port and deny remote access on that port, follow these steps:

Browse to the Bitnami Launchpad for AWS Cloud and sign in if required using your Bitnami account.
Select the "Virtual Machines" menu item.
Select your cloud server from the resulting list.
On the server detail page, click the "Manage in the AWS Cloud Console" button.
You will be redirected to the AWS Cloud Console. Log in if needed.
Select the instance in the dashboard.
In the lower panel, click the name of the security group used by the instance.
The resulting page will display the details of the selected security group. In the lower panel, select the "Inbound" tab to display a list of all the ports allowing inbound traffic.
Click the "Edit" button.
In the resulting dialog, click the cross next to the security rule for the port(s) you wish to close. This will delete the security rule, thereby denying inbound traffic on that port
Click the "Save" button to save your changes.

Your security rule comes into effect immediately without any need to restart the server.

How to upload files to the server with SFTP?

NOTE: Bitnami applications can be found in /opt/bitnami/apps.

The first step is to ensure that you have an SSH key for your server.

If you are using the Bitnami Launchpad for AWS Cloud, download the SSH key for your server in .ppk format (for FileZilla or WinSCP) or in .pem format (for Cyberduck) from the Launchpad detail page for your server.

Although you can use any SFTP/SCP client to transfer files to your server, this guide documents FileZilla (Windows, Linux and Mac OS X), WinSCP (Windows) and Cyberduck (Mac OS X).

Using an SSH Key

Once you have your server's SSH key, choose your preferred application and follow the steps below to connect to the server using SFTP.

FileZilla

IMPORTANT: To use FileZilla, your server private key should be in PPK format.

Follow these steps:

Download and install FileZilla.
Launch FileZilla and use the "Edit -> Settings" command to bring up FileZilla's configuration settings.
Within the "Connection -> SFTP" section, use the "Add keyfile" command to select the private key file for the server. FileZilla will use this private key to log in to the server.
Use the "File -> Site Manager -> New Site" command to bring up the FileZilla Site Manager, where you can set up a connection to your server.
Enter your server host name and specify bitnami as the user name.
Select "SFTP" as the protocol and "Ask for password" as the logon type.
Use the "Connect" button to connect to the server and begin an SFTP session. You might need to accept the server key, by clicking "Yes" or "OK" to proceed.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

If you have problems accessing your server, get extra information by use the "Edit -> Settings -> Debug" menu to activate FileZilla's debug log.

WinSCP

IMPORTANT: To use WinSCP, your server private key should be in .ppk format.

Follow these steps:

Download and install WinSCP.
Launch WinSCP and in the "Session" panel, select "SFTP" as the file protocol.
Enter your server host name and specify bitnami as the user name.
Click the "Advanced…" button and within the "SSH -> Authentication -> Authentication parameters" section, select the private key file for the server. WinSCP will use this private key to log in to the server.
From the "Session" panel, use the "Login" button to connect to the server and begin an SCP session.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

If you need to upload files to a location where the bitnami user doesn't have write permissions, you have two options:

Once you have configured WinSCP as described above, click the "Advanced…" button and within the "Environment -> Shell" panel, select sudo su - as your shell. This will allow you to upload files using the administrator account.
Upload the files to the /home/bitnami directory as usual. Then, connect via SSH and move the files to the desired location with the sudo command, as shown below:
```
   $ sudo mv /home/bitnami/uploaded-file /path/to/desired/location/
```

Cyberduck

IMPORTANT: To use Cyberduck, your server private key should be in .pem format.

Follow these steps:

Select the "Open Connection" command and specify "SFTP" as the connection protocol.
In the connection details panel, under the "More Options" section, enable the "Use Public Key Authentication" option and specify the path to the private key file for the server.
Use the "Connect" button to connect to the server and begin an SFTP session.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

How to configure a static IP address?

To configure a static IP address:

Browse to the Bitnami Launchpad for AWS Cloud and sign in if required using your Bitnami account.
Select the "Virtual Machines" menu item.
Select your cloud server from the resulting list.
On the server detail page, click the "Manage in the AWS Cloud Console" button.
You will be redirected to the AWS Cloud Console. Log in if needed. Note the instance ID of the server.
In the left navigation bar, select the "Network & Security -> Elastic IPs" menu item.
Click the "Allocate New Address" button.
In the confirmation dialog, click the "Yes, Allocate" button.

A new static IP address will be generated and will appear in the list of available IP addresses.

From the "Actions" drop-down menu, select the "Associate Address" menu item.
In the resulting dialog box, enter the instance ID of your server and click the "Associate" button.

The elastic IP address will now be assigned to your server and will persist across shutdown/reboot operations.

How to associate an existing IP address with a new instance?

To associate an existing IP address with a new instance, follow these steps:

Log in to the AWS Management Console.
In the left navigation bar, select the "Network & Security -> Elastic IPs" menu item.
From the "Actions" drop-down menu, select the "Associate Address" menu item.
In the resulting dialog box, enter the instance ID of the new server and click the "Associate" button.

The elastic IP address will now be assigned to your server and will persist across shutdown/reboot operations.

How to configure a custom domain?

To use a custom domain with a server started through the Bitnami Launchpad, follow these steps:

Configure a static IP address for your cloud server

Follow these instructions.

Configure the domain in your DNS provider

The next step is to update your domain's DNS settings, specifically by adding an A record that points to the static IP address of your cloud server.

This change can only be accomplished through your domain name provider; it cannot be made through the Bitnami Launchpad. You will therefore need to log in to your domain name provider's management console and make the necessary changes. Step-by-step instructions for some popular providers are listed below:

Remember that once you make the necessary changes, it can take up to 48 hours for the change to propagate across other DNS servers. You can verify the new DNS record by using the Global DNS Propagation Checker and entering your domain name into the search field.

At the end of this step, entering your custom domain name into the browser address bar should take you to your Bitnami application on the cloud server, as shown below:

Update application configuration

For some applications, such as Prestashop, it is also necessary to perform additional configuration so that the application "knows" its domain and the domain name is correctly reflected in application URLs. This is easily accomplished with the command-line Bitnami Configuration tool, bnconfig, which will update the application configuration and database to use the new domain wherever needed.

To use this tool, follow these steps:

Log in to your server console (instructions).
Change to your application directory, usually located under /opt/bitnami/apps/APP-NAME.

Execute the following command:

 $ sudo ./bnconfig --machine_hostname DOMAIN-NAME

For example, to configure Prestashop to use the domain my-shop.com, use the commands below:

$ cd /opt/bitnami/apps/prestashop
$ sudo ./bnconfig --machine_hostname my-shop.com

Or, to configure your WordPress Multisite blog to use the primary domain my-blog.com, use the commands below:

$ cd /opt/bitnami/apps/wordpress
$ sudo ./bnconfig --machine_hostname my-blog.com

How to backup a server?

IMPORTANT: We strongly recommend creating a backup of your server prior to any major changes or upgrades.

To create a backup, you will use AWS Cloud Console's snapshot feature. This feature creates a new snapshot of the disk, which can later be used to restore the server to an earlier state. Follow the steps below:

Browse to the Bitnami Launchpad for AWS Cloud and sign in if required using your Bitnami account.
Select the "Virtual Machines" menu item.
Select your cloud server from the resulting list.
On the server detail page, click the "Manage in the AWS Cloud Console" button.
You will be redirected to the AWS Cloud Console. Log in if needed. Note the instance ID of the server.
In the left navigation bar, select the "Elastic Block Store -> Volumes" menu item.
Review the list of volumes and identify the one attached to the server you wish to back up, using the instance ID in the "Attachment Information" column. Note the name of the volume.
In the left navigation bar, select the "Elastic Block Store -> Snapshots" menu item.
Click the "Create Snapshot" button.
In the resulting dialog, enter the volume name you identified earlier. Also, provide a name and description for the snapshot.
Click "Create" to create a snapshot of the disk.

Your new snapshot will be created and will appear in the list of snapshots.

How to change the server type?

The Bitnami Launchpad for AWS Cloud only supports server sizing during the initial server build process. Since the server is accessible via the AWS Cloud Console, you can get a resized version of the server from there afterwards if needed.

The procedure consists of creating a new server using the same disk as the server to be resized, and then deleting the old one following the steps below.

Browse to the Bitnami Launchpad for AWS Cloud and sign in if required using your Bitnami account.
Select the "Virtual Machines" menu item.
Select your cloud server from the resulting list. Note the server name.
On the server detail page, click the "Manage in the AWS Cloud Console" button.
You will be redirected to the AWS Cloud Console. Log in if needed.
In the left navigation bar, select the "Instances -> Instances" menu item.
Select your instance in the dashboard.
From the "Actions" drop-down menu, select the "Instance State -> Stop" menu item.
Once the instance has stopped, select the "Instance Settings -> Change Instance type" menu item.
In the resulting dialog, select the new server size and click "Apply".
From the "Actions" drop-down menu, select the "Instance State -> Start" menu item.

The server should restart using the new type.

How to clone an AWS server instance?

Log in to the AWS Management Console.
Select your instance and then select the "Create Image" option in the "Actions" menu.
Specify the name for the new image and then click the "Create Image" button.
Launch a new instance with the image.

Remember to select your current key pair or create a new one as shown below:

The new instance, once launched, will be a clone of the original instance.

How to migrate an Amazon instance to a different region?

Log in to the AWS Management Console.
Select your instance and then select the "Create Image" option in the "Actions" menu.
Specify the name for the new image and then click the "Create Image" button.
From the "AMIs" menu in the navigation panel, select the new image and select the "Copy AMI" option in the "Actions" menu.
Specify the new region in the resulting dialog window and click the "Copy AMI" button.

You will now be able to launch a new instance with the image in the new region.

How to launch T2, C4 or M4 instances using the AWS Launchpad?

T2, C4 and M4 instances can only be launched in an Amazon Virtual Private Cloud (VPC). A default VPC is usually configured for an AWS account when it is first created, but some older AWS accounts may not have this default VPC. For these accounts, it is not possible to launch T2, C4 or M4 instances using the AWS Launchpad.

To resolve this, create a new AWS account and associate it with the AWS Launchpad using the "Account -> Cloud Accounts" menu. Read more about this in the AWS documentation.

How do I check my current AWS usage?

Check your exact AWS usage here. Click the "Bill Details" link on the right for more information.

What are the default AWS limits?

AWS defines certain limits by default, to prevent users from accidentally creating too many resources. Your AWS account may reach one or more of these limits when using a large number of servers, backups or static IP addresses.

EC2 Instances

By default, AWS has a limit of 20 instances per region. This includes all instances set up on your AWS account.

To increase EC2 limits, request a higher limit by providing information about the new limit and regions where it should be applied.

Static IP Addresses

By default, AWS sets a limit of 5 static IP addresses per region. This includes IP addresses unassigned and currently assigned to a server.

To increase IP addresses limit, request a higher limit by providing information about the new limit and regions where it should be applied.

Snapshots

The AWS default limit for all snapshots is 10000 snapshots per region.

To increase the number of snapshots allowed, contact AWS Support and request a higher limit.

Other Limits

If your AWS account reaches any of AWS' other limits, contact AWS Support and request a higher limit.

How to upgrade an Amazon instance?

This guide describes the general process to upgrade from an older Bitnami Amazon Machine Image (AMI) version to a newer one. You can also follow these steps to switch to an AMI with a different operating system or version.

Application-specific guides for the most popular Bitnami applications are listed below:

Before beginning the upgrade process, we recommend making a backup of your current instance. While this is not strictly required and you will not actually be applying updates to your current instance, we still recommend making a backup before beginning any procedure. To do so:

Connect to your instance.
Make a backup using the AWS snapshot feature.

Step 1: Backup files

First, create a backup of the files on the instance. To do so:

Connect to the instance as explained in the FAQ.
Create a backup of the MySQL or PostgreSQL database.
- For MySQL, issue the following command (replace wordpress with the name of your application, such as drupal, redmine, etc.):
```
  $ mysqldump -u root -p bitnami_wordpress > /home/bitnami/wordpress_backup.sql
```
- For PostgreSQL, issue the following command (replace wordpress with the name of your app, such as drupal, redmine, etc.):
```
  $ pg_dump -U postgres bitnami_wordpress > /home/bitnami/wordpress_backup.sql
```
Create a backup of any uploaded images, themes and plugins. This depends on the application itself. For PHP applications (Drupal, Wordpress, Joomla! and others), replace wordpress with the app name and wp-content with the name of the file where the data is saved):
```
  $ cd /opt/bitnami/apps/wordpress/htdocs
  $ sudo tar -czvf /home/bitnami/wp-content_backup.tar.gz wp-content 
```
Create a backup of the configuration files. If the application is configured to run at the root URL, copy the configuration files of PHP or Ruby applications with the following command:
```
  $ cd /opt/bitnami/apps/wordpress/
  $ sudo tar -czvf /home/bitnami/conf_backup.tar.gz conf
```
Download the backup files to your machine. To download the backed up files to your local machine (so you can upload them to a new one), you can use the scp command to download them or use an SFTP client. For this tutorial, use the SCP command-line:
```
  $ scp -i /path/to/private_key.pem bitnami@old_server:*backup* .
```
You can also send files from the old instance to the new one directly. Assuming both servers were started with the same AWS cloud credentials, you can use the same SSH key to connect to both servers. On your local host, add your SSH key to the SSH agent:
```
 $ ssh-add /path/to/private_key.pem
```

Step 2: Move the data to the new instance

Start the new version of the Bitnami AMI.
Upload the files to the new instance. To upload the database backup and files downloaded earlier to the new instance, use the scp command as shown below:
```
  $ scp -i /path/to/private_key.pem wordpress_backup.sql wp-content_backup.tar.gz wordpress_backup.conf bitnami@new_server:
```

Restore the database and other files on the new instance:

  $ mysql -u root -p bitnami_wordpress < /home/bitnami/wordpress_backup.sql
  $ sudo tar -xzvf /home/bitnami/wp-content_backup.tar.gz -C /opt/bitnami/apps/wordpress/htdocs
  $ cp /home/bitnami/wordpress_backup.conf /opt/bitnami/apps/wordpress/conf

Restart the servers:

  $ sudo /opt/bitnami/ctlscript.sh restart

Step 3: Move the IP address

Once your new instance is up and running with all the files restored, point the old instance's IP address to the new instance.

How to configure your application to use a third-party SMTP service for outgoing email?

Bitnami applications can be configured to use a third-party SMTP service for outgoing email. Examples of such third-party SMTP services are SendGrid and Mandrill. Instructions for using both these are provided below.

SendGrid

SendGrid's SMTP service can be accessed using your SendGrid account credentials. These credentials can be obtained by logging in to the SendGrid website and visiting the "Account Details" page.

To configure your application to send email through SendGrid's SMTP service, use the settings below. Replace USERNAME with your SendGrid account username and PASSWORD with your SendGrid account password.

SMTP host: smtp.sendgrid.net
SMTP port: 25 or 587 for unencrypted/TLS email, 465 for SSL-encrypted email
SMTP username: USERNAME
SMTP password: PASSWORD

Here's an example of configuring WordPress to use SendGrid:

More information is available in the SendGrid documentation.

Mandrill

Mandrill's SMTP service requires an API key for access. To obtain this key, log in to the Mandrill website, navigate to the "SMTP & API" section and create an API key. Note the SMTP server name, username and API key, as these serve as your credentials for accessing the Mandrill SMTP server.

To configure your application to send email through Mandrill's SMTP service, use the settings below. Replace USERNAME with your SMTP username and API-KEY with the generated API key.

SMTP host: smtp.mandrillapp.com
SMTP port: 25, 587 or 2525 for unencrypted/TLS email, 465 for SSL-encrypted email
SMTP username: USERNAME
SMTP password: API-KEY

Here's an example of configuring WordPress to use Mandrill:

More information is available in the Mandrill documentation.

Similar steps can be followed for other third-party SMTP services as well. Consult your service provider's documentation to obtain details on authentication credentials and available ports.

Does Bitnami collect any data from deployed Bitnami stacks?

Yes. Bitnami cloud images and virtual machines include a small agent that starts on boot and collects a few pieces of information about the system. For users of Bitnami Virtual Machine Images, Cloud Templates, and Container Images we may also collect information from downloaded, pulled or deployed images or instances, such as the instance type, IP address and operating system version or the Bitnami account used to launch the image in order to improve our product offerings.

We encourage you to leave this tracking on, but if you would like to turn it off, you can comment out or delete the following line in the /etc/crontab file:

X * * * * root cd /opt/bitnami-stats ; ./agent.bin -run

(where X is a random number for each instance generated at the boot time)

Our complete privacy policy is available online. If you have any questions, please feel free to contact us at hello@bitnami.com.

What does the SSH warning 'REMOTE HOST IDENTIFICATION HAS CHANGED' mean?

This warning is normal when trying to connect to the same IP address but a different machine - for instance, when you assign the same static IP address to another server. You can fix the problem by removing the IP address that you are trying to connect to from your ~/.ssh/known_hosts file.

If you use PuTTY, the SSH key mismatch warning looks like the image below:

In this case, click "Yes" if you know the reason for the key mismatch (IP address reassigned to another server, machine replaced, and so on).