I am hosting a static website on AWS using Amazon S3 + CloudFront + HTTPS.
I need to ensure that the website is opened by only one of the CNAMEs and not the other (non-www). The S3 domain must also be forwarded to the main WWW domain.
How can this be done?
You need to use S3 to redirect the requests.
You will firstly need to create two buckets with the names: www.example.com and example.com and provide appropriate bucket
policies
You will then need to redirect all the traffic from example.com S3 bucket to www.example.com by going into static website hosting
settings. Check out the below settings
Now, you have to setup the CNAME in Route53 such that example.com will translate to www.example.com
Create a distribution for www.example.com and use the alternative CNAME as www.example.com
If I understand you correctly, you can add a CNAME to a CloudFront Distribution from within the CloudFront console. You can also add a CNAME to a CloudFront distribution in Route53 by selecting to add a CNAME, click the Alias=yes radio button and select the relevant CloudFront resource.
See image below for where this is done in Route 53:
Related
So I created two buckets in S3. One with my domain name xxx.ninja and the other with the www. subdomain. The www one I redirected to the first. Then I created a domain in Route 53. And because I wanted https on my site I created a cloudfront distribution with redirect http -> https.
The s3 bucket url works just fine, but the site URL does not. I think I may have set it up incorrectly.
In AWS CloudFront I created my distribution and used the cloudfront default SSL cert. I choose redirect http -> https. And I pasted in my s3 website URL.
Then I copied the domain name and went to Route 53. After I created my domain I open its hosted zone and added an A record with the alias of the cloudfront domain name.
But the URL doesn't work. I get a 403 CloudFront error in the browser.
Thoughts?
IF you're using the default CloudFront SSL this indicates to me that you're not using a custom hostname (which would deny access to the CloudFront distribution).
You will need to add additional names to your CloudFront distribution (specifying every hostname that will have a DNS record resolving to the CloudFront distribution). In addition you will need to generate an SSL in ACM (which is free), this must be in region us-east-1.
More information on how to add a custom domain to your CloudFront distribution is available here.
I am trying to use cloudfront for static website s3 with my custom domain.
Following are the steps I followed:
1) Setup a s3 bucket (say, example.com) and enabled static website hosting on it.
2) Also setup a s3 bucket (www.example.com) which redirects to example.com.
3) In route 53, added a hosted zone (example.com) and added the record sets.
4) After this, http://example.com works for me.
Now I am trying to add cloudfront to it. I added the following steps:
5) From Amazon Certificate Manager, added a certificate for www.example.com and got it verified (added to Route 53 DNS, it was verified automatically after some time).
6) Created a cloudfront distribution with following settings:
Domain Origin: www.example.com
Origin Protocol Policy: HTTP Only
Alternate Domain Name: www.example.com
SSL Certificate: Selected from ACM
When I try to launch: https://example.com or https://www.example.com, the site doesn't load. http://example.com does load, but I am not sure if cloudfront is actually working on this or not. Also why is https not loading?
To setup the S3 bucket behind the CF distribution WITH SSL you need to:
Setup S3 bucket example.com (Block all public access = off, policy https://d.pr/i/KU1Q4z)
Create certificate in ACM issued at example.com and *.example.com(or specific subdomain at will), validate it
Create CF distribution
Set created CF alternate domain names to: example.com *.example.com (other subdomain here)
Use custom SSL certificate (previously created and validated)
Create/change default origin, to: example.com.s3-website-AWS_REGION.amazonaws.com with origin protocol policy HTTP Only
CF Default origin behaviour should be more-less like this: https://d.pr/i/h6PrG6
In Route 53 set CF A ALIAS for example.com and CNAME for *.example.com (or other subdomain) pointing at CF_DISTRIBUTION_ID.cloudfront.net
you need to go into rt 53 and point the domain at your cloudfront distribution. It won't appear as an option unless you've set the domain as an alternate domain in the distribution settings. Also, that cert won't work for anything except www.example.com, meaning example.com is excluded. you need a cert that includes example.com and www.example.com (or *.example.com to cover all subdomains)
My problem
I'm trying to 301 redirect my S3 hosted domain-a.com to domain-b.com in my SSL-secured AWS Cloudfront setup. I cannot figure out how to achieve this. Instead both domains now serve the Cloudfront/S3 Bucket content.
My use case
Before switching to Cloudfront I used to handle redirects with S3's static website hosting options by redirecting the secondary domain bucket to the primary domain bucket.
In order to secure my S3-hosted static site with SSL certificates I made the switch to Cloudfront.
SSL certificates work fine, but because now both domains point to the cloudfront distribution (see screenshots below) I can access the same content on both domains. This does not only lead to duplicate content but also confuses users and is not really the best UX.
Route 53 and Cloudfront config for both domains
Route 53 points to a single Cloudfront distribution for both domain-a.com and domain-b.com
Cloudfront points to the domain-b.com S3 bucket
How can I redirect domain-a.com to domain-b.com so as to only have one primary domain which my users see and use? Can this be achieved through Route 53 DNS settings or do I have to edit my Cloudfront configuration?
Create a separate bucket for domain-a.com, configure that in your CloudFront and apply the redirect rules to point it to domain-b.com.
Check the picture below on how to set the redirect.
Hope it helps.
Problem -
custom domain in CloudFront is not working
I'm hosting a static website in AWS. There is two S3 buckets - mydomain.com and www.mydomain.com, where the later one redirects to the first one.
In Route 53, mydomain.com points to S3 bucket as A record and wwww.mydomain.com act as an A record alias to mydomain.com.
Now I wanted to use CloudFront but wanted to be used as https://cdn.mydomain.com/asset/some-image.png. So, I added mydomain.com, www.mydomain.com, cdn.mydomain.com as Alternate Domain Names (CNAME) in CloudFront. But please note that I do not have a S3 bucket named cdn.mydomain.com
Now as required, in AWS ACM, I have also added mydomain.com as domain name and the other two (www and cdn) as alternate domain names and all of these 3 domain have CNAME records in AWS Route 53.
Finally, I wanted to route traffic from Route 53 to Cloudfront but wanted to use my desired cdn.mydomain.com instead. So, I have created A and AAA alias record in Route 53.
name - cdn
alias - Yes
alias target - cloudfront generated domain
Result :
cloudfront generated domain works and it points to my website but cdn.mydomain.com does not (IP address not found). Just at this point, I have created another S3 bucket cdn.mydomain.com and redirected to mydomain.com. But this action requires an A record to be added in Route 53. But there is already an A record for the same name - cdn.mydomain.com that points to CloudFront domain, so no way to create another alias for the same name.
If its clear what my problem is, then please suggest the solution for it.
Well, apparently the problem was having HTTPS only policy in CloudFront -> Viewer Protocol Policy. Don't know why it matters. Changing it to Redirect HTTP to HTTPS surprisingly solves this problem.
I know how to redirect/rewrite non-www to www using .htaccess in apache server. But I have no clue, about s3 bucket, and CloudFront. I have hosted the website on an s3 bucket using CloudFront.
How do I redirect all http://example.com/ requests to http://www.example.com
Create a www.example.com S3 bucket and place all the code in this bucket
Create a example.com S3 bucket and set redirect to www.example.com as mentioned in https://aws.amazon.com/blogs/aws/root-domain-website-hosting-for-amazon-s3/
Create CloudFront and configure with S3 bucket link of www.example.com and add cname entry only for www.example.com.
In Route 53 for www.example.com point alias as CloudFront link related to S3 bucket
In Route 53 for example.com point alias S3 bucket of example.com
There is a feature in S3 where you can to this. Select a bucket, in Properties under Static Web Hosting select Redirect all requests to another host name.
Read more here: https://aws.amazon.com/blogs/aws/root-domain-website-hosting-for-amazon-s3/
Update from comment:
Add a cname in your domain setup for example.com to point to your bucket endpoint and a cname for your www.example.com to point to the cloudfront endpoint.