By using AWS re:Post, you agree to the Terms of Use

CloudFront not pointing to website

0

Hi I set up my new website on AWS (www.knowyoursubject.com) and thought I had set up CloudFront OK but the distribution domain name given by CloudFront d2p0nm63829vgn.cloudfront.net brings up strange message.

3 Answers
0

The error that I get is Access Denied. Can you share what is the origin that is setup behind CloudFront? Also, which cache and origin request policies are you using? This error can often occur if origin is expecting one thing (like a certain host header), but CloudFront is forwarding something different.

If you can provide some additional details, we can probably figure it out.

profile picture
answered a month ago
  • Hi JeremyAWS The origin name is knowyoursubject.com.s3.eu-west-2.amazonaws.com Origin domain is knowyoursubject.com.s3.eu-west-2.amazonaws.com Origin access identity is origin-access-identity/cloudfront/E3ACSZ9UVFDL0C

    Cache policy name is Managed-CachingOptimized Origin request policy is blank Response headers policy name is blank

    Thanks Martin

  • Martin, Thank you for the additional details.

    I am trying to hit the CloudFront domain name that you shared in your original post, but it is no longer resolving for me.

0

Hi Martin,

I think I see the issue. When I check your new distribution domain (d2yyy4m4xxvebl.cloudfront.net) I get a 403 Access Denied error, just like before, however when I manually add index.html it works. Here are my tests.

Failed Test:

curl -I https://d2yyy4m4xxvebl.cloudfront.net
HTTP/2 403 
content-type: application/xml
x-amz-bucket-region: eu-west-2
date: Fri, 01 Jul 2022 15:22:13 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 6cc41d94d86a801771f93bf4b08d0b94.cloudfront.net (CloudFront)
x-amz-cf-pop: MIA3-C4
x-amz-cf-id: BV5gkqsGzGcq_dTuXjKxck2iEk_MTNnCqsQVGns48eJ5jfCu9KMSLA==

Successful Test:

curl -I https://d2yyy4m4xxvebl.cloudfront.net/index.html
HTTP/2 200 
content-type: text/html
content-length: 23805
date: Fri, 01 Jul 2022 15:22:46 GMT
last-modified: Mon, 27 Jun 2022 16:18:03 GMT
etag: "bb8b96994e863cf732a20e6e7f22245c"
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 ea71b96212c28d5f0611046b8d2932f6.cloudfront.net (CloudFront)
x-amz-cf-pop: MIA3-C4
x-amz-cf-id: Kmwpw5LoVwV3fxEwML9h5KmjsAmmJ8GzOmZD2roUuOAFv6V6mz8j7Q==

I think the fix is to make sure you are setting a default root object on your distribution, specifically you want to add index.html. You can reference the documentation here for more information.

profile picture
answered a month ago
  • Thanks JeremyAWS for your help again. I have now made that tweak which I had missed. My only other observation is that when I type the following into my browser http://knowyoursubject.com I am still getting the red padlock saying unsecure connection when I have set up an SSL cert.

0

Hi JeremyAWS I had deleted it and started again.

Distribution Domain Name is d2yyy4m4xxvebl.cloudfront.net Origin Name is knowyoursubject.com.s3.eu-west-2.amazonaws.com Origin Domain is knowyoursubject.com.s3.eu-west-2.amazonaws.com

Cache policy name is Managed-CachingOptimized

Alternate Domain Names: www.knowyoursubject.com, knowyoursubject.com

ARN: arn:aws:cloudfront::894520577280:distribution/E2EXYUKTCT8UHD

SSL Cert: 9031dcc5-27fa-463a-8ad0-f2a44af56759

answered a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions