Cloudfront redirect www to naked domain with ssl

Marc Greenstock picture Marc Greenstock · Feb 23, 2015 · Viewed 34.4k times · Source

Forgive me if this has been asked before, there are a number of resources that touch on this, but nothing seems to fit for my specific (https) use-case.

I'm trying to redirect https://www.example.com to https://example.com. Likewise, this should work for http://www.example.com to https://example.com.

I have set up a cloudfront distribution with the origin of an s3 bucket, redirect http to https, added the cname example.com and added my domain certificate (which works for the www subdomain as well as the naked domain).

I have also set up a separate distribution, with a cname for www.example.com, added the certificate and set the origin to a separate s3 bucket that in (static website hosting) redirects all requests to https://example.com.

Redirection works as expected for http://example.com to https://example.com, however http(s)://www.example.com to https://example.com does not.

In route 53 I have the root domain aliased to the first cloudfront distribution and www aliased to the second.

Answer

RKI picture RKI · Mar 18, 2017

To host website on AWS so that:

https://www.example.com, http://www.example.com and http://example.com all redirect to https://example.com

you need to:

  1. Create two S3 buckets named: example.com and www.example.com.

  2. Turn on the Static Website Hosting on these two buckets.

  3. Configure redirect in bucket www.example.com to: https://example.com. In the bucket properties choose Static Website Hosting => Redirect all requests to another host name. In Target bucket or domain field, enter example.com, in Protocol field, enter https

  4. For these buckets create two CloudFront Distributions. Each of this distributions point to corresponding bucket:

  5. For Origin Domain Name provide bucket urls provided in Static Website Hosting section. The urls should have form (or similar): example.com.s3-website-us-west-1.amazonaws.com

    • On both distribution set HTTP to HTTPS redirect.

    • DO NOT USE URL SUGGESTED BY AMAZON AUTOCOMPLETE!

    • DO NOT SET Default Root Object PROPERTY!

  6. Configure DNS by setting A records for www.example.com and example.com to point to corresponding CloudFront distributions.

Why does it work? CloudFront provides the redirect from HTTP to HTTPS in both cases (with and without www). The bucket for www.example.com provides redirect to example.com. If you didn't have this distribution, the bucket would not be able to redirect request for https://www.example.com. S3 itself does not support HTTPS for static website hosting.