Cloudfront 未正确重定向到 https 和子域
Cloudfront does not redirect properly to https and subdomain
根据 post and this 文章,应该在重定向到另一个包含静态文件的存储桶的 S3 存储桶前面创建第二个云端分发。
Asuuming 前端存储桶名称是 www.example.com
,重定向存储桶是 example.com
。我已经根据以下 cloudformation 模板设置了我的 AWS 资源。
但是,出现了一些问题:如果我点击 example.com,它不会重定向到 www.example.com,只有当我在网站上点击另一个 link 时。此外,它不会加载例如图标。 http://example.com is redirect to https://example.com. http://www.example.com 它没有重定向到 https,找不到网站。
我的 AWS 设置中缺少什么?
This 提到不要设置默认根对象 属性,我没有。但也许它有某种关系?
FrontendBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: ${self:custom.frontendBucketName}
AccessControl: PublicRead
WebsiteConfiguration:
IndexDocument: index.html
ErrorDocument: 404.html
RedirectdBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: ${self:custom.redirectBucketName}
AccessControl: PublicRead
WebsiteConfiguration:
RedirectAllRequestsTo:
HostName: ${self:custom.frontendBucketName}
Protocol: https
WebAppCloudFrontDistribution:
Type: AWS::CloudFront::Distribution
Properties:
DistributionConfig:
Origins:
- DomainName: ${self:custom.frontendBucketName}.s3-website.${self:provider.region}.amazonaws.com
Id: Frontend
CustomOriginConfig:
HTTPPort: 80
HTTPSPort: 443
OriginProtocolPolicy: http-only
Enabled: 'true'
Aliases:
- ${self:custom.frontendBucketName}
CustomErrorResponses:
- ErrorCode: 404
ResponseCode: 200
ResponsePagePath: /index.html
DefaultCacheBehavior:
DefaultTTL: 31536000
MaxTTL: 31536000
MinTTL: 31536000
AllowedMethods:
- DELETE
- GET
- HEAD
- OPTIONS
- PATCH
- POST
- PUT
TargetOriginId: Frontend
ForwardedValues:
QueryString: 'false'
Cookies:
Forward: none
ViewerProtocolPolicy: redirect-to-https
AcmCertificateArn: 'arn:aws:acm:us-east-1:xxxx:certificate/xxxx'
SslSupportMethod: 'sni-only'
RedirectCloudFrontDistribution:
Type: AWS::CloudFront::Distribution
Properties:
DistributionConfig:
Origins:
- DomainName: ${self:custom.redirectBucketName}.s3-website.${self:provider.region}.amazonaws.com
Id: Redirect
CustomOriginConfig:
HTTPPort: 80
HTTPSPort: 443
OriginProtocolPolicy: http-only
Enabled: 'true'
Aliases:
- {self:custom.redirectBucketName}
DefaultCacheBehavior:
DefaultTTL: 31536000
MaxTTL: 31536000
MinTTL: 31536000
AllowedMethods:
- DELETE
- GET
- HEAD
- OPTIONS
- PATCH
- POST
- PUT
TargetOriginId: Redirect
ForwardedValues:
QueryString: 'false'
Cookies:
Forward: none
ViewerProtocolPolicy: redirect-to-https
ViewerCertificate:
AcmCertificateArn: 'arn:aws:acm:us-east-1:xxxx:certificate/xxxx'
SslSupportMethod: 'sni-only'
DnsRecord:
Type: "AWS::Route53::RecordSet"
Properties:
AliasTarget:
DNSName:
Fn::GetAtt:
- WebAppCloudFrontDistribution
- DomainName
HostedZoneId: XXXXX
HostedZoneId: XXXX
Name: ${self:custom.frontendBucketName}
Type: 'A'
RedirectDnsRecord:
Type: "AWS::Route53::RecordSet"
Properties:
AliasTarget:
DNSName:
Fn::GetAtt:
- RedirectCloudFrontDistribution
- DomainName
HostedZoneId: XXXX
HostedZoneId: XXXX
Name: ${self:custom.redirectBucketName}
Type: 'A'
目前,您遇到了 DNS 问题,您尚未发布 "www.example.com" 的 DNS 记录。
您有 example.com --> CloudFront 的 DNS,但 www.example.com 没有,即使您已将 www.example.com 添加到 CloudFront CNMAE/Alternative 文件中,当客户端获得一个新位置的 301/302 并看到主机的变化时,它会再次解析它。
curl -I --resolve www.example.com:443:13.249.210.66 https://www.example.com/index.html
HTTP/1.1 200 好
Content-Type: text/html
Content-Length:80232
连接:keep-alive
日期:2019 年 6 月 23 日,星期日 10:07:43 GMT
Last-Modified:2019 年 6 月 21 日,星期五 07:21:38 GMT
ETag:“8d536768b2173a7f3869f4178f75b331”
服务器:AmazonS3
X-Cache: 云端小姐
通过:1.1 7db8064d915149cac923df11147875f9.cloudfront.net (CloudFront)
X-Amz-Cf-Pop:BLR50-C3
X-Amz-Cf-Id: wOpVoz1gVlxYDBORSfGr9fmt8L-Q6vhWyEm1XPgJVQy-sbes9HTuuQ==
您只需要在 Route53 中为 www.example.com 创建一个别名记录。
根据
Asuuming 前端存储桶名称是 www.example.com
,重定向存储桶是 example.com
。我已经根据以下 cloudformation 模板设置了我的 AWS 资源。
但是,出现了一些问题:如果我点击 example.com,它不会重定向到 www.example.com,只有当我在网站上点击另一个 link 时。此外,它不会加载例如图标。 http://example.com is redirect to https://example.com. http://www.example.com 它没有重定向到 https,找不到网站。
我的 AWS 设置中缺少什么?
This 提到不要设置默认根对象 属性,我没有。但也许它有某种关系?
FrontendBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: ${self:custom.frontendBucketName}
AccessControl: PublicRead
WebsiteConfiguration:
IndexDocument: index.html
ErrorDocument: 404.html
RedirectdBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: ${self:custom.redirectBucketName}
AccessControl: PublicRead
WebsiteConfiguration:
RedirectAllRequestsTo:
HostName: ${self:custom.frontendBucketName}
Protocol: https
WebAppCloudFrontDistribution:
Type: AWS::CloudFront::Distribution
Properties:
DistributionConfig:
Origins:
- DomainName: ${self:custom.frontendBucketName}.s3-website.${self:provider.region}.amazonaws.com
Id: Frontend
CustomOriginConfig:
HTTPPort: 80
HTTPSPort: 443
OriginProtocolPolicy: http-only
Enabled: 'true'
Aliases:
- ${self:custom.frontendBucketName}
CustomErrorResponses:
- ErrorCode: 404
ResponseCode: 200
ResponsePagePath: /index.html
DefaultCacheBehavior:
DefaultTTL: 31536000
MaxTTL: 31536000
MinTTL: 31536000
AllowedMethods:
- DELETE
- GET
- HEAD
- OPTIONS
- PATCH
- POST
- PUT
TargetOriginId: Frontend
ForwardedValues:
QueryString: 'false'
Cookies:
Forward: none
ViewerProtocolPolicy: redirect-to-https
AcmCertificateArn: 'arn:aws:acm:us-east-1:xxxx:certificate/xxxx'
SslSupportMethod: 'sni-only'
RedirectCloudFrontDistribution:
Type: AWS::CloudFront::Distribution
Properties:
DistributionConfig:
Origins:
- DomainName: ${self:custom.redirectBucketName}.s3-website.${self:provider.region}.amazonaws.com
Id: Redirect
CustomOriginConfig:
HTTPPort: 80
HTTPSPort: 443
OriginProtocolPolicy: http-only
Enabled: 'true'
Aliases:
- {self:custom.redirectBucketName}
DefaultCacheBehavior:
DefaultTTL: 31536000
MaxTTL: 31536000
MinTTL: 31536000
AllowedMethods:
- DELETE
- GET
- HEAD
- OPTIONS
- PATCH
- POST
- PUT
TargetOriginId: Redirect
ForwardedValues:
QueryString: 'false'
Cookies:
Forward: none
ViewerProtocolPolicy: redirect-to-https
ViewerCertificate:
AcmCertificateArn: 'arn:aws:acm:us-east-1:xxxx:certificate/xxxx'
SslSupportMethod: 'sni-only'
DnsRecord:
Type: "AWS::Route53::RecordSet"
Properties:
AliasTarget:
DNSName:
Fn::GetAtt:
- WebAppCloudFrontDistribution
- DomainName
HostedZoneId: XXXXX
HostedZoneId: XXXX
Name: ${self:custom.frontendBucketName}
Type: 'A'
RedirectDnsRecord:
Type: "AWS::Route53::RecordSet"
Properties:
AliasTarget:
DNSName:
Fn::GetAtt:
- RedirectCloudFrontDistribution
- DomainName
HostedZoneId: XXXX
HostedZoneId: XXXX
Name: ${self:custom.redirectBucketName}
Type: 'A'
目前,您遇到了 DNS 问题,您尚未发布 "www.example.com" 的 DNS 记录。
您有 example.com --> CloudFront 的 DNS,但 www.example.com 没有,即使您已将 www.example.com 添加到 CloudFront CNMAE/Alternative 文件中,当客户端获得一个新位置的 301/302 并看到主机的变化时,它会再次解析它。
curl -I --resolve www.example.com:443:13.249.210.66 https://www.example.com/index.html HTTP/1.1 200 好 Content-Type: text/html Content-Length:80232 连接:keep-alive 日期:2019 年 6 月 23 日,星期日 10:07:43 GMT Last-Modified:2019 年 6 月 21 日,星期五 07:21:38 GMT ETag:“8d536768b2173a7f3869f4178f75b331” 服务器:AmazonS3 X-Cache: 云端小姐 通过:1.1 7db8064d915149cac923df11147875f9.cloudfront.net (CloudFront) X-Amz-Cf-Pop:BLR50-C3 X-Amz-Cf-Id: wOpVoz1gVlxYDBORSfGr9fmt8L-Q6vhWyEm1XPgJVQy-sbes9HTuuQ==
您只需要在 Route53 中为 www.example.com 创建一个别名记录。