cloudfront redirecting to origin instead of aliasing it

Asked 15/7, 2014 at 7:2 Answered 16/5 at 14:11

Solved ruby-on-rails http-redirect ssl heroku amazon-cloudfront

I'm using a Cloudfront distribution as a proxy for my Heroku server. Why? for these purposes.

Anyway, my app has a force ssl rule on it. When I go to my cloudfront url, the origin being my heroku app url, i'm getting a 301 redirect to the origin, instead of serving as an alias.

Some stuff i did:

At first i had an error saying "request could not be satisfied", so I changed the origin protocol policy to HTTP Only.

Then, I had a redirect loop, so after researching I found out it was caused by the host header being passed in, so i removed forwarding headers.

Now i'm getting this 301 redirect.How can i stop it? What configurations should i look at?

Appreaciate any ideas. Happy to provide any additional information.

Buenrostro answered 15/7, 2014 at 7:2 Comment(1)

Glad my answer helped! Just as an FYI, I stopped using CloudFront after a few days of testing as it has really poor performance. I'm trying out Fastly right now and it's very good in the U.S. (but bad overseas). – Measureless 22/7, 2014 at 13:54

I just started using CloudFront yesterday and was having the exact same issue. I found the answer below and realized my non-www to www redirect was causing the problem:

I was redirecting from domain.com to www.domain.com and CloudFront was caching and returning that redirect. You would probably see the same thing with an http/https redirect.

If you're doing an HTTP -> HTTPS redirect, you have two options: You can either serve the assets to CloudFront as HTTP or make CloudFront request them as HTTPS. To do the latter, you would need to configure your CloudFront origin to "Match Viewer." That means that if the viewer is using HTTPS, CloudFront will also. If the user is using HTTP, CloudFront would request in HTTP, return the HTTPS redirect it received from your server, and the client would then re-issue the request as HTTPS.

In our case, the assets themselves do not need to be protected in-flight. It is only important that they are served from CloudFront as HTTPS so the user's browser is seeing all HTTPS content. So, in our case, it is not necessary to serve the assets to CloudFront as HTTPS. Regardless of how it fetches the content from our server, CloudFront will match the viewer's protocol when it responds.

https://mcmap.net/q/583280/-cloudfront-distribution-with-custom-origin-redirects-request

One thing you could try is removing any rewrite rules from your .htaccess file temporarily, then try loading a new file through CloudFront. Try a new file each time, because CloudFront caches the responses it gets (whether it's the file or not).

Measureless answered 18/7, 2014 at 14:14 Comment(1)

Not sure how it helps. – Succor 10/5, 2021 at 20:30

In my case I forgot to forward the Origin header to the ELB.

Identification answered 16/5 at 14:11 Comment(0)

Recommended topics

Hot tags