By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

S3 bucket blocking request

0

Hello, I'm using my s3 bucket for storage our NFT collection metadata also jpegs. Yesterday we shared our collection and NFT market places can't show our images and they said your server has high request error. And also some other error. For example; https://www.topaz.so/assets/HalloweenBoi-834048d84a/HalloweenBoi%20%2374/0 My bucket sample json url: http://mutantboi.xyz.s3-us-west-1.amazonaws.com/hb/g/44.json Image can't seen on website and has some error on network section like that: "mixed Content: The page at '<URL>' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint '<URL>'. This request has been blocked; the content must be served over HTTPS."

So 1- How can I fix that high request problem on AWS? 2- How can I fix "Mixed Content: The page at '<URL>' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint '<URL>'. This request has been blocked; the content must be served over HTTPS." problem? Anyone has Idea?

Topics
StorageNetworking & Content Delivery
Tags
Amazon Simple Storage ServiceAmazon CloudFrontS3 Select
Language
English
oguzhank
asked a year ago589 views
2 Answers
0

Are you using CloudFront? In the tags you mentioned it but not in the issue description. If you use CloudFront, you can setup CORS headers to allow requests coming from 3rd party domain names (lile www.topaz.co). You can do it by using Response Headers policy as described here: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/adding-response-headers.html You can aslo configure Redirect HTTP to HTTPS viewer request policy to make users send only HTTPs: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesViewerProtocolPolicy Finally, it is recommended to disable public access to S3 and use CloudFront Origin Access Control instead: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html

AWS
Yury Yakubov
answered a year ago
0

Hello, Answering your both queries:

  1. How can I fix that high request problem on AWS?

A. You can send 3,500 PUT/COPY/POST/DELETE and 5,500 GET/HEAD requests per second per partitioned prefix in an Amazon S3 bucket. When you have a sustained, increased request rate to your bucket, S3 can return 503 SlowDown errors while scaling to support the request rate. This scaling process is called partitioning.

To avoid this high request problem with S3 bucket, you can configure your application to gradually increase the request rate and retry failed requests using an exponential back-off algorithm or you can distribute objects and requests across multiple prefixes.

[+] Amazon S3 Best Practices - https://docs.aws.amazon.com/AmazonS3/latest/userguide/optimizing-performance.html

  1. How to fix "Mixed content" problem?

A. The best strategy to avoid mixed content blocking is to serve all the content as HTTPS instead of HTTP. For your own domain, serve all content as HTTPS and fix your links. Often, the HTTPS version of the content already exists and this just requires adding an "s" to links - http:// to https://.

Amazon S3 website endpoints do not support HTTPS or access points. If you want to use HTTPS, you can use Amazon CloudFront to serve a static website hosted on Amazon S3.

Using CloudFront with S3 - https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-cloudfront-to-s3-origin.html

AWS
SUPPORT ENGINEER
Aafreen_K
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content