DNS-PROBE_POSSIBLE - S3 Static Website

0

I am currently working on building my own Website. Steps completed:

  • Built in HTML & CSS with all files copied to S3 Bucket.
  • Purchased Domain Name through (Route53) AWS and had this verified.
  • Setup CloudFront as my CDN, distribution has been verified by AWS and status is Enabled.

The issue seems to be with DNS OR the S3 Bucket. For example, in S3, I navigate to the Static Website Hosting area and select Bucket Website Endpoint. I now get a DNS Error when I try and access via S3.

If I navigate to the website ron-jackson.co.uk or www.ron-jackson.co.uk I get the following error: ron-jackson.co.uk’s DNS address could not be found. Diagnosing the problem. DNS_PROBE_POSSIBLE

Ive obviously missed something, I just cant see what Ive missed. Any suggestions would be appreciated.

Thanks

已提問 2 個月前檢視次數 97 次
7 個答案
2

Hello.

I tried resolving the domain name using the "dig" command, but I cannot confirm the A record.
What settings do you have in your Route53 hosted zone?

dig ron-jackson.co.uk

; <<>> DiG 9.16.1-Ubuntu <<>> ron-jackson.co.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5062
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;ron-jackson.co.uk.             IN      A

;; AUTHORITY SECTION:
ron-jackson.co.uk.      900     IN      SOA     ns-422.awsdns-52.com. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400

;; Query time: 42 msec
;; SERVER: 192.168.11.1#53(192.168.11.1)
;; WHEN: 木  9月 05 20:51:08 JST 2024
;; MSG SIZE  rcvd: 127

dig www.ron-jackson.co.uk

; <<>> DiG 9.16.1-Ubuntu <<>> www.ron-jackson.co.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23876
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.ron-jackson.co.uk.         IN      A

;; AUTHORITY SECTION:
ron-jackson.co.uk.      900     IN      SOA     ns-422.awsdns-52.com. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400

;; Query time: 62 msec
;; SERVER: 192.168.11.1#53(192.168.11.1)
;; WHEN: 木  9月 05 20:50:58 JST 2024
;; MSG SIZE  rcvd: 131

By the way, if you are setting up CloudFront, you do not need to set up static website hosting on S3, instead set up OAC.
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html

Additionally, if you want to set up a custom domain on CloudFront, you will need to set up an alternative domain as described in the document below.
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CreatingCNAME.html

profile picture
專家
已回答 2 個月前
profile picture
專家
已審閱 2 個月前
0

Thank you @sandeep.

  • No A or Alias records.
  • I have amended the CNAME record to point to the CF Distrobution name. I will keep the threard updated.

Thanks,

Ron

已回答 2 個月前
  • You need to create an alias record instead of a CNAME record.

0

Enter image description here

Thank you. So I have my Cname record as shown in the Screenshot. Im actually following along with the Cloud Resume Challange hence why I am setting up CloudFront.

已回答 2 個月前
0

Hii

Verify your DNS Records:

  • Login to your Route53 console.
  • Check if there are any "A" records or "Alias" records pointing your domain name (ron-jackson.co.uk) and potentially the subdomain (www.ron-jackson.co.uk) to your CloudFront distribution.
  • Make sure the record values point to the CloudFront distribution domain name, NOT directly to the S3 bucket name. CloudFront provides the domain name when creating the distribution.

Check DNS Propagation:

  • After making changes to DNS records, it can take up to 48 hours for those changes to propagate across the internet. Be patient and try accessing your website again after a reasonable time

. Use a DNS Lookup Tool:

  • Tools like dig or online services like mxtoolbox.com can help you verify if your DNS records are set up correctly.
  • Use the tool to query for your domain name and see if it points to the CloudFront distribution domain name.

Resources:

Additional Tips:

Double-check for typos in your domain name or record values. Make sure your S3 bucket policy allows public access to the website files.

profile picture
專家
已回答 2 個月前
0

Thank you Riku, created the A Name record as advised. Will report back.

已回答 2 個月前
0

Still no luck Im afraid. If I try and access via the CloudFront distribution name (d1o3vngl05ttm.cloudfront.net) I can access with no problem. ive configured DNS with an A Record (As per screenshot). I just cant see what Im missing here:

Enter image description here

已回答 2 個月前
0

Hello! So I've been following this since it was submitted. To me, it seems like everything is functional? Your CF distribution is working via Route53 alias record, in your public hosted zone? But your S3 bucket website URL still doesn't seem to work, directly?

Is that something you desire - direct access to the S3 bucket? Did you setup OAC (origin access control), by chance? https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html

This is a security feature which only allows access to the S3 bucket through the CF distribution. I may be off on my assumptions here, but the idea is to reduce the attack surface and require users to use CF, which has security features inherently built into the service.

Let us know if you setup OAC on the distributions --> Origins (edit) tab. This puts a bucket policy for copy/paste - maybe you did that? Also check the bucket policy, is it still public?

AWS
已回答 2 個月前

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南