Geek Answers Handbook

Support for HTTPS URL Redirection with a Single CloudFront Package

I have a domain formulagrid.com .

I use AWS S3 to host it as a static website. My problem was that I wanted to redirect the www subdomain to the same domain:

  • https://www.formulagrid.com -> https://formulagrid.com
  • http://www.formulagrid.com -> https://formulagrid.com

Amazon provides redirecting URLs from the S3 bucket to the S3 bucket if they are configured for static website hosting.

So, I needed to create two buckets:

  • formulagrid.com - actual website
  • www.formulagrid.com - exists only to redirect to the actual website.

This works fine if you only work through HTTP, but S3 absolutely does not support HTTPS.

A way to use HTTPS to connect to a static S3 site is to configure CloudFront distribution in front of the S3 bucket. CloudFront, however, although it provides HTTPS, basically exists to work as a CDN.

At first, I had the only CloudFront distribution setup in front of the S3 bucket that hosted the actual site. Everything seemed operational: the site was distributed via CDN, HTTPS and HTTP redirected to HTTPS.

There was one exception.

  • https://www.formulagrid.com was a completely broken page

After trying to find the source of the error for a while, I realized this because it did not go through the CDN, and trying to access S3 via HTTPS does not work.

Finally, I had to make another distribution, located in front of the www S3 bucket, so that it was accessible via HTTPS. This is where my problems arise, because, as I mentioned earlier, CloudFront's main goal is to be a CDN.

It doesn't seem to me that the CDN is sitting in front of an address that is simply being redirected to another. The question also arises as to whether I will be charged twice for each request that falls into the www subdomain, because after redirecting it got to another CloudFront distribution.

This is disappointing because I'm trying to make a serverless architecture using Lambda, and I only need to provide an EC2 instance to rewrite the URLs, this is not what I want to do if it is not my last resort.

The solution would be trivial if Amazon offered any form of URL rewriting or if CloudFront redirected itself, but none of them exist as far as I know (let me know if they do).

I'm new to AWS, so I hope someone with more experience can point me in the right direction.

+6
source share
1 answer

You think too narrowly - there is nothing wrong with this setting.

The solution would be trivial if Amazon offered any form of URL rewriting

They do - an empty bucket.

S3 absolutely does not support HTTPS.

Not for websites hosted by buckets, no ... but CloudFront does.

CloudFront is not just a CDN. It also disables SSL, overwrites the Host: header header, path pre-agent, geolocation, geo-resistor, secure content gateway, HTTP-https redirection, error page editor, root page substitute, web application firewall, source header injector, gzipper dynamic content, multi-source HTTP request router, viewing platform identifier, DDoS mitigator, target aspect of the airfield of the zone ... so don’t be too fixated on the β€œCDN” or the fact that you are laying one service Before Another - - CloudFront was designed primarily to complement S3. Each of them specializes in certain aspects of storage and delivery.

So, you did it right ... for the most part ... Create a bucket, configure it to host the website, configure it to redirect all requests to another website (non-www) and set CloudFront in front of it - using the URL Website endpoint addresses with a bucket in CloudFront, and not from a drop-down list with a high TTL so that CloudFront sends the minimum number of requests to S3 and then places your (free!) SSL certificate from Amazon Certificate Manager. HTTPS alternative domain routing: resolved. No servers, no troubleshooting problems and cheap. The only accusations are the use - there is no recurring fee, as it would be with the servers.

Extra credit: set up CloudFront redirection for the cheapest bidding level. Forwarding from more expensive places will either be routed to a cheaper place on the edge, or - using the CloudFront option - can be filed from a more expensive location, but billed at a lower rate.

Note that most of the time, CloudFront should handle redirects from S3 from the cache ... and when you configure the bucket to redirect all requests to a different host name, the redirection is a permanent redirect 301 - which browsers themselves should cache.

+7
source

More articles:


All Articles