Setting up Cloudfront as a reverse proxy for domain redirection

Hi friends, We have a domain e.g http://mydomain.com|mydomain.com, we have a third party that has developed our website and is hosting it. We need some for http://mydomain.com|mydomain.com to load the new website. I initially though a cname would work but it looks like you can’t have a cname using the apex of your hosted zone.

Would using cloudfront as a reverse proxy work for this?

• setup cloudfront app with a custom origin http://newebsite.com|newebsite.com
• create route53 A record for http://mydomain.com|mydomain.com which points to the cloudfront app

I would suggest using the www subdomain for your website. There are several reasons but one of the most important ones is with cookies security. If your website is using any cookies which most probably is, whatever else you put on your main domain (for example http://app.newebsite.com|app.newebsite.com) will also have access to those cookies which is not ideal. If you put everything on a www subdomain, it will be properly scoped.

Also, if you leverage the www subdomain, your problem will shrink to “how do I properly redirect from non-www to www”. This is a much easier problem to solve. You can for example set up an empty S3 bucket with CloudFront that will automatically redirect anything from non-www to www.

Also, I like to use Route53 subdomain delegation. If a 3rd party is managing your website, it’s not a bad idea to delegate to them this subdomain so you don’t have to bother if they decide to switch IP addresses or such. If they need to setup some TXT record for verification or anything else, they have the power but only for the context of the website, you are still in full control of the rest of the domain.

“how do I properly redirect from non-www to www” - I don’t understand this.

I did solve my problem today by creating a cloudfront which acts as a reverse proxy from my original domain to their domain. But id like to understand what you are suggesting

I dont want to redirect, i wanted to setup an alias

Sorry if I did not decsdibe it clearly the first time. I understood that your website is running on Top Level Domain http://newebsite.com|newebsite.com. I was trying to say that this is suboptimal and you should conaider moving it to http://www.newebsite.com|www.newebsite.com and setup a redirect from http://newebsite.com|newebsite.com to http://www.newebsite.com|www.newebsite.com. The redirect has nothing to do with your priblem. It is just a good practice commonly used. Also, search engines will need it for such change.

I assume that currently if somebody visits http://www.newebsite.com|www.newebsite.com you are already redirectim them to http://newebsite.com|newebsite.com. If not consider it, please. It os very common behavior. Feel free to try it on some other websites.

Ye we do both www and non-www

That makes sense, so I am suggesting that hosting the website on www instead of non-www has added benefits and simplifies the problem you have been solving.

I am not saying you have to switch, just sharing the best practice. :slightly_smiling_face:

and yes im starting to understand how your suggestions could be a solution. Is there a simple way to redirect non-www to www, how would you do that?

Great, I am glad we are on the same page. :slight_smile: Well, if you have any webserver around, simple Nginx redirect is probably the easiest. CloudFront + empty S3 bucket can also do that in more AWS way. As long as this is reliable solution, go for it.

Okay so i dont need access to the underlining website as thats hosted by the third party agency

To solve the problem currently we are using an A record alias to cloudfront

Yep, you can delegate the whole www subdomaon to somebody else to manage and do whatever necessary.
Your current solution definitely works. It just feels to me more like a workaround rather then permanent solution.
Don’t get me wrong CDN in front of a website is usually a good idea, however, if you are not using it for caching, the main benefits are lost and you are paying extra for cache misses.

Currently cloudfront setup is - allowed domain ( http://www.ours.com|www.ours.com, http://ours.com|ours.com ) points to the origin ( http://theirs.com|theirs.com)

Im not sure we want to delegate the subdomain to them, but thats something ill have to check with our CTO

Yeah, that definitely depends on the relationship. I just mentioned it as a possibility. I would primarily focus on the www vs. non-www and if you are not planning to use the CDN caching then consider a better solution. But for now, I think you solved it quite well to move things forward :slightly_smiling_face:

Although In my current solution im using an A record alias for both non-www and www (pointing to same cloudfront distro). So im not necessarily doing the redirect from non-www to www

if http://theirs.com|theirs.com is not responding with the correct 301, then you should probably consider doing the redirect yourself. Serving the same content from 2 different domains can hurt your SEO.

Youre right we have 2 domains (non-www and www pointing to theirs)

I think what i should do is

2. Cloudfront allowed domain (ours.com) to www.ours.com```

Yep, although in #2 I am not suer if cloudfront iteself can handle it. I usually need to setup S3 with cloudfront as well. But maybe there is something new I am not aware of.