DNS-PROBE_POSSIBLE - S3 Static Website

0

I am currently working on building my own Website. Steps completed:

  • Built in HTML & CSS with all files copied to S3 Bucket.
  • Purchased Domain Name through (Route53) AWS and had this verified.
  • Setup CloudFront as my CDN, distribution has been verified by AWS and status is Enabled.

The issue seems to be with DNS OR the S3 Bucket. For example, in S3, I navigate to the Static Website Hosting area and select Bucket Website Endpoint. I now get a DNS Error when I try and access via S3.

If I navigate to the website ron-jackson.co.uk or www.ron-jackson.co.uk I get the following error: ron-jackson.co.uk’s DNS address could not be found. Diagnosing the problem. DNS_PROBE_POSSIBLE

Ive obviously missed something, I just cant see what Ive missed. Any suggestions would be appreciated.

Thanks

7 Answers
2

Hello.

I tried resolving the domain name using the "dig" command, but I cannot confirm the A record.
What settings do you have in your Route53 hosted zone?

dig ron-jackson.co.uk

; <<>> DiG 9.16.1-Ubuntu <<>> ron-jackson.co.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5062
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;ron-jackson.co.uk.             IN      A

;; AUTHORITY SECTION:
ron-jackson.co.uk.      900     IN      SOA     ns-422.awsdns-52.com. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400

;; Query time: 42 msec
;; SERVER: 192.168.11.1#53(192.168.11.1)
;; WHEN: 木  9月 05 20:51:08 JST 2024
;; MSG SIZE  rcvd: 127

dig www.ron-jackson.co.uk

; <<>> DiG 9.16.1-Ubuntu <<>> www.ron-jackson.co.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23876
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.ron-jackson.co.uk.         IN      A

;; AUTHORITY SECTION:
ron-jackson.co.uk.      900     IN      SOA     ns-422.awsdns-52.com. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400

;; Query time: 62 msec
;; SERVER: 192.168.11.1#53(192.168.11.1)
;; WHEN: 木  9月 05 20:50:58 JST 2024
;; MSG SIZE  rcvd: 131

By the way, if you are setting up CloudFront, you do not need to set up static website hosting on S3, instead set up OAC.
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html

Additionally, if you want to set up a custom domain on CloudFront, you will need to set up an alternative domain as described in the document below.
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CreatingCNAME.html

profile picture
EXPERT
answered a month ago
profile picture
EXPERT
reviewed a month ago
0

Thank you @sandeep.

  • No A or Alias records.
  • I have amended the CNAME record to point to the CF Distrobution name. I will keep the threard updated.

Thanks,

Ron

answered a month ago
  • You need to create an alias record instead of a CNAME record.

0

Enter image description here

Thank you. So I have my Cname record as shown in the Screenshot. Im actually following along with the Cloud Resume Challange hence why I am setting up CloudFront.

answered a month ago
0

Hii

Verify your DNS Records:

  • Login to your Route53 console.
  • Check if there are any "A" records or "Alias" records pointing your domain name (ron-jackson.co.uk) and potentially the subdomain (www.ron-jackson.co.uk) to your CloudFront distribution.
  • Make sure the record values point to the CloudFront distribution domain name, NOT directly to the S3 bucket name. CloudFront provides the domain name when creating the distribution.

Check DNS Propagation:

  • After making changes to DNS records, it can take up to 48 hours for those changes to propagate across the internet. Be patient and try accessing your website again after a reasonable time

. Use a DNS Lookup Tool:

  • Tools like dig or online services like mxtoolbox.com can help you verify if your DNS records are set up correctly.
  • Use the tool to query for your domain name and see if it points to the CloudFront distribution domain name.

Resources:

Additional Tips:

Double-check for typos in your domain name or record values. Make sure your S3 bucket policy allows public access to the website files.

profile picture
EXPERT
Sandeep
answered a month ago
0

Thank you Riku, created the A Name record as advised. Will report back.

answered a month ago
0

Still no luck Im afraid. If I try and access via the CloudFront distribution name (d1o3vngl05ttm.cloudfront.net) I can access with no problem. ive configured DNS with an A Record (As per screenshot). I just cant see what Im missing here:

Enter image description here

answered a month ago
0

Hello! So I've been following this since it was submitted. To me, it seems like everything is functional? Your CF distribution is working via Route53 alias record, in your public hosted zone? But your S3 bucket website URL still doesn't seem to work, directly?

Is that something you desire - direct access to the S3 bucket? Did you setup OAC (origin access control), by chance? https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html

This is a security feature which only allows access to the S3 bucket through the CF distribution. I may be off on my assumptions here, but the idea is to reduce the attack surface and require users to use CF, which has security features inherently built into the service.

Let us know if you setup OAC on the distributions --> Origins (edit) tab. This puts a bucket policy for copy/paste - maybe you did that? Also check the bucket policy, is it still public?

AWS
KAS
answered a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions