Why can't i use A/AAA records to redirect a www domain to a non-www domain when the latter points to a cloudfront distribution?

1

Hi,

I want all requests coming from www.domain.com to be redirected to https://domain.com. When i use A/AAA records to redirect www urls to non-www ones i get the following error from cloudfront in the browser.


403 ERROR

The request could not be satisfied.

Bad request. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner. If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.

Generated by cloudfront (CloudFront) Request ID: FuncJA-r5nbfvEUYV-_NdAINj80hfCo12dKVgm-K2-lCtLcjgj3O4w==


I am now using an empty s3 bucket to redirect traffic coming from www.domain.com to https://domain.com. But i was wondering why this can't be done with simple A records in route53. The cloud distribution that is hosting the app only works with https but will redirect all incoming http traffic automatically to https. Does anyone know why Alias records don't work for redirecting traffic to a domain that points to a cloudfront distribution?

  • You must add all alternative domain names you intend to use for the Cloudfront distribution before adding the A/AAAA ALIAS in Route53.

    I use non-www hostnames for my Cloudfront distributions and then have the S3 bucket static website configured for the www hostname to redirect to the non-www hostname. You would configure there A/AAAA record for the S3 bucket to point to s3-website-us-east-1.amazonaws.com if the bucket is in us-east-1 region, you would have to check for other regions. then you'd create the ALIAS entry pointing to the Cloudfront distribution

1 Answer
0
Accepted Answer

(As per RFC 2606, I will use example.com instead of domain.com here.)

You cannot use an ALIAS record as a redirect. That isn't how ALIAS records work. It's mentioned in the ALIAS record docs:

When Route 53 receives a DNS query for an alias record, Route 53 responds with the applicable value for that resource:

...

Another Route 53 record in the same hosted zone – Route 53 responds as if the query is for the record that is referenced by the alias record.

Route 53 it respond "as if the query is for the record that is referenced by the alias record."

In this case, if you set up www.example.com as an ALIAS record to example.com, and example.com is an ALIAS record to the CloudFront distribution, Route 53 will respond to a request for www.example.com with the IP addresses of the CloudFront distribution - the same results as it returns for example.com.

However, if use the following configuration:

  1. Include both www.example.com and example.com in "Alternate domain names"
  2. Create a example.com as an ALIAS A record to the CloudFront Distribution domain name
  3. Create www.example.com as an ALIAS A record to example.com
  4. Ensure that your TLS certificate includes both www.example.com and example.com

Then you can visit www.example.com and your CloudFront distribution will be served without error.

However, again, it will not be a redirect. That is, the browser will still show www.example.com, not example.com. For that you need to use an S3 website endpoint (as it seems like you have already done), or an edge function, as outlined in this article.

profile picture
EXPERT
bwhaley
answered a year ago
  • However, again, it will not be a redirect. That is, the browser will still show www.example.com, not example.com yes i've tried that approach and noticed it. In fact the browser will treat www.example.com as an entirely different website which just has an identical content to example.com. This approach is also very bad for SEO. Thank you for your explanation about alias records. I'll accept it as the answer

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions