Cloudfront redirect www to naked domain with ssl
RedirectSslAmazon S3Amazon CloudfrontAmazon Route53Redirect Problem Overview
Forgive me if this has been asked before, there are a number of resources that touch on this, but nothing seems to fit for my specific (https) use-case.
I'm trying to redirect https://www.example.com to https://example.com. Likewise, this should work for http://www.example.com to https://example.com.
I have set up a cloudfront distribution with the origin of an s3 bucket, redirect http to https, added the cname example.com and added my domain certificate (which works for the www subdomain as well as the naked domain).
I have also set up a separate distribution, with a cname for www.example.com, added the certificate and set the origin to a separate s3 bucket that in (static website hosting) redirects all requests to https://example.com.
Redirection works as expected for http://example.com to https://example.com, however http(s)://www.example.com to https://example.com does not.
In route 53 I have the root domain aliased to the first cloudfront distribution and www aliased to the second.
Redirect Solutions
Solution 1 - Redirect
To host website on AWS so that:
https://www.example.com, http://www.example.com and http://example.com all redirect to https://example.com
you need to:
-
Create two S3 buckets named: example.com and www.example.com.
-
Turn on the Static Website Hosting on these two buckets.
-
Configure redirect in bucket www.example.com to: https://example.com. In the bucket properties choose Static Website Hosting => Redirect all requests to another host name. In Target bucket or domain field, enter example.com, in Protocol field, enter https
-
For these buckets create two CloudFront Distributions. Each of this distributions point to corresponding bucket:
-
For Origin Domain Name provide bucket urls provided in Static Website Hosting section. The urls should have form (or similar): example.com.s3-website-us-west-1.amazonaws.com
-
On both distribution set HTTP to HTTPS redirect.
-
DO NOT USE URL SUGGESTED BY AMAZON AUTOCOMPLETE!
-
DO NOT SET Default Root Object PROPERTY!
- Configure DNS by setting A records for www.example.com and example.com to point to corresponding CloudFront distributions.
Why does it work? CloudFront provides the redirect from HTTP to HTTPS in both cases (with and without www). The bucket for www.example.com provides redirect to example.com. If you didn't have this distribution, the bucket would not be able to redirect request for https://www.example.com. S3 itself does not support HTTPS for static website hosting.
Solution 2 - Redirect
I found the solution thanks to this answer: https://stackoverflow.com/questions/22740084/amazon-s3-redirect-and-cloudfront
In short:
Cloudfront does not respect the redirection rules setup in S3 if the origin is just the bucket ID. Instead I had to set the origin to the provided s3 static website host name.