Route53 and Cloudfront The request could not be satisfied? - amazon-web-services

I just want to serve my S3 files on cdn.mydomain.com.
So I created a CloudFront distribution, which is working fine at https://dxxxxxxxx.cloudfront.net/test.jpg - I get the image.
And now I want to associate my domain cdn.domain.com with CloudFront in Route 53.
So I created an A record (type A - IPv4 address) with the name cdn.domain.com, and for the alias target I manually entered dxxxxxxxx.cloudfront.net.
But when I open the url:
http://cdn.mydomain.com/test.jpg
I get the error:
403 ERROR
The request could not be satisfied.
Bad request. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner.
If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.
Generated by cloudfront (CloudFront)
What did I miss with my configuration?

I met this issue some time ago. The request is blocked by CloudFront.
Please check this list:
The CDN domain is added in CloudFront Alternate Domain Names. Once you add the CDN domain to CloudFront, you can select the CloudFront endpoint without typing.
WAF (if any) does not block your request.
Check HTTP and HTTPS.
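The checklist above can be run offline against a distribution's configuration. This is an added example, not code from the answer: it assumes the `DistributionConfig` dict shape returned by `aws cloudfront get-distribution-config`, compares alias names exactly (wildcard aliases are not evaluated), and uses constructed sample configs with a placeholder certificate ARN.

```python
from urllib.parse import urlsplit

# Constructed sample configs (not from the page); the ARN is a placeholder.
BROKEN = {
    "Aliases": {"Quantity": 0},
    "ViewerCertificate": {"CloudFrontDefaultCertificate": True},
    "DefaultCacheBehavior": {"ViewerProtocolPolicy": "https-only"},
    "WebACLId": "",
}
FIXED = {
    "Aliases": {"Quantity": 1, "Items": ["cdn.mydomain.com"]},
    "ViewerCertificate": {
        "CloudFrontDefaultCertificate": False,
        "ACMCertificateArn": "arn:aws:acm:us-east-1:111122223333:certificate/PLACEHOLDER",
    },
    "DefaultCacheBehavior": {"ViewerProtocolPolicy": "redirect-to-https"},
    "WebACLId": "",
}


def check_viewer_request(url, dist_config):
    """Return the checklist items that would make CloudFront refuse `url`."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    custom_host = not host.endswith(".cloudfront.net")
    findings = []

    # 1. The hostname must be listed under Alternate Domain Names (Aliases).
    aliases = [a.lower() for a in dist_config.get("Aliases", {}).get("Items", [])]
    if custom_host and host not in aliases:
        findings.append(f"alias-missing: {host} is not an alternate domain name")

    # 2. Over HTTPS, the default *.cloudfront.net certificate cannot cover it.
    cert = dist_config.get("ViewerCertificate", {})
    if custom_host and parts.scheme == "https" and cert.get("CloudFrontDefaultCertificate"):
        findings.append(f"default-cert: no custom certificate for {host}")

    # 3. "Check HTTP and HTTPS": an https-only behavior refuses plain HTTP.
    policy = dist_config.get("DefaultCacheBehavior", {}).get("ViewerProtocolPolicy")
    if parts.scheme == "http" and policy == "https-only":
        findings.append("https-only: viewer protocol policy refuses HTTP")

    # 4. A web ACL is not an error by itself, but its rules need a look.
    if dist_config.get("WebACLId"):
        findings.append(f"waf-attached: review web ACL {dist_config['WebACLId']}")
    return findings


if __name__ == "__main__":
    for finding in check_viewer_request("http://cdn.mydomain.com/test.jpg", BROKEN):
        print(finding)
```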

Related

Domain Forwarding gives 403 error for AWS and GoDaddy

I have a client requirement for whitelabelling, for which I need to forward all requests at hello.example.com to data.value.com.
The url in the browser will show hello.example.com but the page loaded will be of data.value.com.
hello.example.com is hosted on GoDaddy and I have made the corresponding entries in GoDaddy
data.value.com is hosted on AWS with a Cloudfront Distribution.
Now, when I hit hello.example.com I get a 403 error from Cloudfront with the following error Message:
403 ERROR
The request could not be satisfied.
Bad request. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner.
If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.
Generated by cloudfront (CloudFront)
When I do ping or traceroute on hello.example.com, I am able to see that the ping happens on data.value.com.
What configuration changes do I need to make in order to redirect my domain requests?

Cloudfront Error: 502 ERROR The request could not be satisfied

I have an AWS Lightsail instance. I have already created a distribution and chose the instance as my origin. But when I access the default domain that the distribution gives me, xxxxxxxxxx.cloudfront.net, I get this message:
502 ERROR
The request could not be satisfied.
CloudFront wasn't able to connect to the origin. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner.
If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.
Generated by cloudfront (CloudFront)
But when I use my domain name to access it, it works fine, except that for some requests I get x-cache: Miss from cloudfront.
In my distribution, I set up "Your distribution pulls content from your origin using HTTPS only."
And in my WordPress config, I already have my SSL certificate installed and HTTPS configured like this:
define('WP_SITEURL', 'https://' . $_SERVER['HTTP_HOST'] . '/');
define('WP_HOME', 'https://' . $_SERVER['HTTP_HOST'] . '/');
I don't know if there is anything wrong with my site, can you help me?
I just don't know what is wrong with the distribution and certificates built into AWS Lightsail.
So I went to the AWS CloudFront service, created a distribution with a certificate, and configured my Lightsail DNS to point to this distribution. And everything works fine.
Refer: https://aws.amazon.com/blogs/compute/deploying-a-highly-available-wordpress-site-on-amazon-lightsail-part-1-implementing-a-highly-available-lightsail-database-with-wordpress/

Cloudfront and CORS: How do I configure "Forward the Origin header along with any other headers required by your origin."?

My Situation
I have a web API hosted on an EC2 instance. I am trying to configure a CloudFront instance "in front" of that EC2 instance.
However, I have not been able to get my cloudfront to forward requests to the EC2 instance. I get hit with an error response like this:
Access to XMLHttpRequest at 'https://api.example.com' from origin 'https://example.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No access-control-Allow-Origin header is present on the requested resource
However, if I change my DNS to point https://api.example.com to EC2 instance's IP address, it works.
What I have done so far
Configured to use correct SSL certificate (for a different problem earlier)
Configured my CF distribution's behaviors to Whitelist Headers: "Origin"
Configure my CF distribution's behaviors to "All" - (which disables caching)
Invalidated cloudfront cache
What I am trying to do
I came across this AWS doc titled "Configuring CloudFront to Respect CORS Settings".
However, it only says "Custom origins – Forward the Origin header along with any other headers required by your origin."
But... how do I do that? How do I forward the Origin header along with any other headers required? The docs don't specify or link to other docs on how to do it.
I have spent 4 hours or so now and it's extremely frustrating because Cloudfront takes ~30 minutes to deploy.
I have managed to fix this issue. It turned out I had overlooked another error returned by CloudFront: 502 Bad Gateway, even though Chrome will show the above-mentioned error "Access to XMLHttpRequest...". This was caused by my improper DNS and SSL certificate configuration due to my inexperience.
I will try to answer my own question, seeing that after hours of searching, there wasn't a straight answer regarding CloudFront, EC2 and HTTPS on Stack Overflow, and there are many unanswered questions.
The goal my group was trying to achieve was enabling HTTPS connectivity for the entire set-up: Users' browsers, Cloudfront distribution and my EC2 instance.
What I did to fix this:
1. Generated a free SSL certificate (e.g. Let's Encrypt) to use for the EC2 instance using a sub-domain (i.e. ec2.example.com or wildcard *.example.com). *Note: ACM does not allow public SSL certificates to be exported for use on EC2 instances, so use other free online SSL services. Do not use self-signed certs.
2. Imported this certificate into ACM to be used for CloudFront later too.
3. Created a new DNS A record to map the sub-domain to the EC2 instance (e.g. ec2.example.com to ec2-xx-xxx-xx.ap1-location.amazonaws).
4. Created a new CloudFront distribution and set the origin as the sub-domain, ec2.example.com. Also, under "Cache Based on Selected Request Headers", set it to "Whitelist" and to forward "Origin" headers. For the SSL cert in CloudFront, reuse the one generated in step 1.
5. Created a new DNS A record to map an "api" sub-domain to CloudFront (e.g. api.example.com to abcdxyz.cloudfront.net).
I am now able to use a sub-domain (api.example.com) to communicate with CloudFront, which in turn communicates back to my EC2 instance and performs caching, using HTTPS all along.
There is probably a better way to set this up and if so, please do correct me so I can improve too! Hopefully this answer will help someone else new like me in the future too.

ACM Cloudfront cloudflare strange problem

I recently used S3 to host a static site. My domain name is managed by Cloudflare and uses a dedicated Cloudflare certificate. I don't want to turn on auto redirect http->https on Cloudflare, so I have to create a CloudFront distribution to do that. I know that's a kind of ugly solution because I use 2 CDNs at the same time. Here is the description of my problem:
I created an S3 bucket named staging-etheremon.kyber.network.
I created a CloudFront distribution pointing to that bucket, with the distribution using the Default CloudFront Certificate.
I CNAMEd the domain name staging-etheremon.kyber.network to that CloudFront domain. When I try to access it using staging-etheremon.kyber.network, Cloudflare shows 526 Invalid SSL Certificate.
Next I opened the AWS Certificate Manager console and requested a public certificate for staging-etheremon.kyber.network using DNS validation. It prompted me to create a CNAME in Cloudflare. I did just that, but it still showed pending validation.
Here is the strange part: after requesting the cert, my site was working despite the fact that I didn't change the CloudFront config to import the cert and the certificate request was still PENDING VALIDATION. Also, I tried deleting the request and the site showed the 526 error again. I recreated the request and the site was working again. Strange!
I also waited for a few days, I think more than 72 hours, and now the request status has changed from PENDING VALIDATION to VALIDATION TIMED OUT. However, my site is still working; you can check it at staging-etheremon.kyber.network. I also deleted the VALIDATION TIMED OUT request, and the site is working.
I don't know what is the root cause of the problem, but I think it might be some kind of caching, might be on DNS server, CA server or Cloudfront, ...
Thanks in advance!

Cloudfront Distribution: Deliver from custom domain

I am trying to load all my static resources for my website using the amazon cloudfront distribution. I have configured everything and I am able to load my files using the cloudfront domain URL.
I have also added an SSL certificate with ACM for my site domains *.mydomain.com, verified it, and added the custom SSL configuration to the distribution.
I have also added the Alternate Domain Names (CNAMEs) : test.mydomain.com to the distribution.
What I am trying to do is load my static files using the url https://test.mydomain.com/animate.css which I am currently not able to. But I am getting the same file using the cloudfront URL https://myclouddomain.cloudfront.net/animate.css
I have also tried this after renaming my bucket to test.mydomain.com and it is still not working.
Am I missing something here, or are there any other configurations I need to do to load these files using my domain?
In your DNS registrar, make sure you have created a CNAME test.mydomain.com and pointed it to myclouddomain.cloudfront.net.
Elaborate on "it is not working", what's the error code/message?
DNS issue - point test.mydomain.com to myclouddomain.cloudfront.net in your domain registrar.
400 Bad Request - make sure the CNAME is properly configured in CloudFront.
502 Bad Gateway - make sure the origin has an SSL certificate valid for: the CloudFront CNAME if you are forwarding the Host header, or the CloudFront Origin domain name if you are not forwarding the Host header.
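The 502 rule in the answer above, which is also what the earlier EC2 self-answer ran into, can be checked before deploying. This is an added example, not code from either answer: it applies the rule as the answer states it, the function names are hypothetical, certificate names are passed in as a plain list of SANs, and the sample hostnames reuse the page's ec2.example.com and api.example.com.

```python
def san_matches(pattern, name):
    """Match one certificate SAN against a DNS name.

    A '*' is accepted only as the whole leftmost label and covers exactly
    one label, so *.example.com matches ec2.example.com but neither
    example.com nor a.b.example.com.
    """
    p = pattern.lower().rstrip(".").split(".")
    n = name.lower().rstrip(".").split(".")
    if len(p) != len(n):
        return False
    if p[0] == "*":
        # Refuse over-broad patterns such as "*.com".
        return len(p) > 2 and p[1:] == n[1:]
    return p == n


def origin_cert_check(origin_domain, viewer_host, forwarded_headers, cert_sans):
    """Return (name the origin certificate must cover, whether it does).

    forwarded_headers is the list of request headers the cache behavior
    forwards to the origin; ["*"] stands for the "All" setting.
    """
    forwards_host = any(h.lower() in ("host", "*") for h in forwarded_headers)
    # Host forwarded: the origin sees the viewer's hostname (the CNAME).
    # Host not forwarded: the origin sees the Origin domain name.
    expected = viewer_host if forwards_host else origin_domain
    covered = any(san_matches(san, expected) for san in cert_sans)
    return expected, covered


if __name__ == "__main__":
    # Constructed cases: same origin certificate, different forwarding settings.
    cases = [["Origin"], ["Origin", "Host"], ["*"]]
    for headers in cases:
        name, ok = origin_cert_check(
            "ec2.example.com", "api.example.com", headers, ["ec2.example.com"]
        )
        print(headers, "->", name, "OK" if ok else "502 risk: name not in certificate")
```

Forwarding only `Origin` keeps the check on the origin's own name, while forwarding `Host` or all headers moves it to the viewer-facing name, which a wildcard such as *.example.com covers for both.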