2

I am using route 53 for a domain (example.com) linked to my app on Heroku. To handle naked domain redirection, I am using a S3 bucket as explained here: https://aws.amazon.com/blogs/aws/root-domain-website-hosting-for-amazon-s3/

As S3 doesn’t support SSL ( https:// example.com was not accessible), I set up a Cloudfront distribution (d2123.cloudfront.net) and a custom SSL (with SNI) linked to my S3 bucket as explained here:

http://stackoverflow.com/a/30495934/1479849

I entered example.com in the field "CNAME alternate domain"

When I visit my cloud front distribution using https, I get redirected to my website at www.example.com, which tells me that my configuration is correct.

I am having a problem at the last step, when I set up route 53 to link example.com to my Cloudfront distribution. I created an ALIAS (from example.com to my Cloudfront) and https://example.com is redirected to https://www.example.com (Yay!) but http://example.com/* returns a Cloudfront Error

Anybody knows how to set route53 to have an ALIAS to a Cloudfront distribution linked to an S3 handling redirection?

Cyril Gaillard
  • 121
  • 1
  • So you can't use Elastic Load Balancer? Sorry, not understanding why you are using S3. Not familiar with Heroku. They don't have a solution? – Edwin Oct 21 '15 at 23:42
  • route 53 doesn't support naked domains apparently, so you need to use a S3 bucket for naked domains. https://devcenter.heroku.com/articles/route-53#naked-root-domain – Cyril Gaillard Oct 21 '15 at 23:51
  • 1
    The DNS Spec doesn't support naked domains. You can bring up a simple webserver to handle the redirects. I'm surprised heroku doesn't offer one. – Edwin Oct 21 '15 at 23:55
  • @Edwin Route 53 has an internal mechanism for this. CloudFront config calls alternate domains "cnames" but they are not really CNAMEs this configuration should work. – Michael - sqlbot Oct 21 '15 at 23:58
  • @Michael-sqlbot If it does work, I'm voting it the least elegant solution of the year. :) – Edwin Oct 22 '15 at 00:00
  • 1
    It's really quite elegant once you see it in action. It's a virtually no cost, low touch, serverless way of redirecting naked `https://example.com` to `https://www.example.com`. S3 introduced the redirect capability, and Route 53 alias integrates to S3 and CloudFront for exactly this purpose. – Michael - sqlbot Oct 22 '15 at 00:03
  • @CyrilGaillard, what is the CloudFront error? If the HTTP response code isn't mentioned in the body, check the headers, please. You should have a single cache behavior for `*` (default) pointing to the S3 origin, the origin protocol policy set to "HTTP only" and the bucket set to "redirect all requests to another hostname." – Michael - sqlbot Oct 22 '15 at 00:08
  • The error is bad request and the header is HTTP/1.1 403 Forbidden – Cyril Gaillard Oct 22 '15 at 00:16
  • I double checked and I do have "http only", the cache behavior is * and the bucket is set to "redirect all requests to another hostname." – Cyril Gaillard Oct 22 '15 at 00:22
  • When you created the origin, did you select the bucket from the drop-down list, or did you type in the web hosting endpoint shown in the S3 console for the bucket? Typing in the endpoint is correct, selecting from the drop-down does not work with redirects, because it hits the REST endpoint for the bucket. – Michael - sqlbot Oct 22 '15 at 01:50
  • I wish I could add a screenshot on comments. The origin is set to example.com (and not the bucket ). I also added example.com as the Alternate Domain Names – Cyril Gaillard Oct 22 '15 at 02:02

1 Answers1

0

I found the problem in my configuration (Thanks to Michael's comment).

When I set the origin of the Cloudfront distribution, I entered example.com. It was supposed to be example.com.s3-website-us-east-1.amazonaws.com, the link in the S3 console. So to summarise, when one sets up a Cloudfront distribution for this issue, the origin is not the link in the dropdown menu, not the naked domain, it is the link in the S3 console in the Static Website Hosting >> Endpoint

Cyril Gaillard
  • 121
  • 1