I'm relatively new to AWS and was trying to secure my WIX subdomain (api.example.co.za) which is connected to AWS. So far, I have an EC2 instance for the website, as well as my S3 bucket running. I have also set up my CloudFront and pointed my subdomain on wix (api.example.co.za) to CloudFront (df***.cloudfront.net) within WIX DNS records. I got an AWS certificate through DNS verification and attached it to my CloudFront. In AWS CloudFront, I also routed all requests to my S3 bucket. I also redirected all traffic from http to https in CloudFront
When I type into my brower api.example.co.za, I am able to access my website, but insecurely, just as before. But when I type https://api.example.co.za, the website is secure, but does not load the web content. When Inspect the web content in Chrome>Inspect>Console, I see the following errors
Mixed Content: The page at 'https://api.example.co.za' zone-evergreen.js:29** was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://api.example.co.za/users/5e7a2'. This request has been blocked; the content must be served over HTTPS.
Related
I have deployed an Angular application on Firebase that uses Node.js APIs that is hosted on AWS Windows EC2 instance. When I try to run the Firebase app on the browser and try to log in, I get the following error:
The page at 'https://website.web.app/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://IP-address/API'. This request has been blocked; the content must be served over HTTPS.
Is there a way I can load an SSL certificate onto the AWS EC2 instance to allow the APIs to be sent over an HTTPS url?
Is there a way I can load an SSL certificate onto the AWS EC2 instance to allow the APIs to be sent over an HTTPS url?
Yes, there are many ways of doing this. The easiest (don't confused with the cheapest) is to front your instance with an Application Load Balancer. Also you need your own domain. Once you have bought the domain, you can get free ssl from AWS ACM. After that you can easly add the ssl certificate to the ALB to have full support for HTTPS.
I've completed the instructions located here: https://dcurt.is/how-to-host-a-static-website-on-aws-with-https
This is to setup s3 buckets for the hosting of a web site, ACM for getting an SSL cert, CloudFront to attached to the ACM and buckets, and Route 53 to the CloudFront instances.
When I go to my domain to view my website, it says "Server Not Found" and I see it is being directed to a URL in the wrong form: https://http//mydomain.com.s3-website-us-east-1.amazonaws.com/
Any ideas?
I think you need to check the CNAME value of your domain A record and change it from http//mydomain.com.s3-website-us-east-1.amazonaws.com to mydomain.com.s3-website-us-east-1.amazonaws.com
I recently migrated my WordPress to an EC2 instance. I attached an Elastic IP address to it and created an A record in my Route 53. But all my requests were HTTP so I wanted to use CloudFront to redirect all my HTTP to https.
I created a CloudFront distribution and now all my HTTP requests are redirected to https. And since my SSL certificate is active, my site is secure.
But now my site (blog.insisivecloud.io) doesn't load and I get a 502 Error which says "CloudFront wasn't able to connect to the origin." I have given the public DNS of the EC2 instance as my origin.
When I go to the public DNS of the EC2 where the blog is hosted it works fine. (ec2-54-167-212-65.compute-1.amazonaws.com)
Where am I going wrong here?
As official documentation says:
For HTTPS viewer requests that CloudFront forwards to this origin, one of the domain names in the SSL certificate on your origin server must match the domain name that you specify for Origin Domain Name. Otherwise, CloudFront responds to the viewer requests with an HTTP status code 502 (Bad Gateway) instead of returning the requested object. For more information, see Requirements for Using SSL/TLS Certificates with CloudFront.
Documentation
Offers only HTTP, how to make it to work on HTTPS? Is it possible?
I configured and it is working fine for HTTP, but for HTTPS I'm getting
This site can’t be reached
Even though I created certificates to my domain in AWS Certificate Manager.
CloudFront can be used to serve HTTPS request for static website hosted on S3.
Here is some AWS documentation https://aws.amazon.com/premiumsupport/knowledge-center/cloudfront-https-requests-s3/
Also, i found this blog very explanatory - https://medium.com/#sbuckpesch/setup-aws-s3-static-website-hosting-using-ssl-acm-34d41d32e394
Hope this helps.
To configure HTTPS for Static website hosted using S3 as Web site feature, you have to configure AWS CloudFront to serve the website from the CDN locations and ACM can be configured on CloudFront distribution.
Create the Route 53 record set pointing to CloudFront Distribution Endpoint
This way you can server the S3 website on HTTPS and also it will reduce latency as well to your end users request.
Hope this helps
I try access to Amazon AWS S3 with https.
This link with http works: http://sc-st01.s3-website-eu-west-1.amazonaws.com/
But this not: https://sc-st01.s3-website-eu-west-1.amazonaws.com/
Is there any setting to enable it?
I use CNAME also but i think the problem is in access to https.
Thank you for any advice.
UPDATE: This refers to using S3 to host static web content.
If you are using your S3 bucket to host static web content, then HTTPS isn't supported. To quote the AWS doc, it says under the Test your website section:
Note
HTTPS access to the website is not supported.
Not very helpful. If you are interested in learning how S3 virtual hosting works, you can read more about it here.
To serve your static web content over HTTPS, you will need to set up an AWS CloudFront distribution, which is quite straight forward via the AWS Management Console. The only configurations that will require special attentions are:
Origin Domain Name: This should refer to the URI of your S3 bucket. In your case, it will be sc-st01.s3-website-eu-west-1.amazonaws.com
Viewer Protocol Policy: Default to HTTP and HTTPS Only
Alternate Domain Names (CNAMEs): CNAME you set up in your DNS.
SSL Certificate: Either Default CloudFront Certificate or Custom SSL Certificate if you have one. Note that setting up custom SSL certificate is more involved as it needs to be uploaded to the IAM.
Default Root Object: The default file you want to serve when your user visits your static web site.
Once you're done with setting up the configurations, it will usually take 5 to 10 minutes for the new distribution to be fully configured and set up. Refer the Status field on the CloudFront management dashboard for progress. When ready, you will see the new Domain Name of your distribution. You should be able to access the static web content in your S3 bucket (assuming that the permissions of the content is granted to Everyone) by navigating to the http: or https:// URL of your distribution Domain Name.
I will also recommend checking out the CloudFront pricing to ensure if you are aware of what is free, and what isn't.