We have a static site hosted on S3 with CloudFront containers in front.
One bucket and container for www and non-www. www is set to redirect to non-www at a bucket level.
The nameservers are correctly pointed to Cloudflare. There are CNAME records set to resolve to each of the CloudFront containers for www and non-www.
The non-www version of the site resolves correctly, the www version is still resolving to the site that was being delegated at the old NS host…
In conjunction with this, the host SSL for non-www seems to intermittently drop out for 10 minutes at a time?
Now the non-www record is triggering an SSL error. Upon further investigation, it looks as though the previously delegated CNAME is interferring with the newly delegated values;
Subject: secure.pageserve.co <<— OLD CNAME AT PREVIOUS NS
Issuer: Let’s Encrypt Authority X3
Expires on: 16 Jan 2019
Current date: 15 Nov 2018
When I’ve done this with S3, both of my DNS CNAMES are set to .
Then I created a Page Rule here to match www.example.com/* and Forward it (301) to https://example.com/$1
Now it’s completely using Cloudflare SSL and doing a quicker redirect without having to go to the origin server.
Excellent, thanks sdayman, I’ll try that now and let you know how I go
Any idea on the previously delegated CNAME resurfacing?
I’m going to blame DNS propagation. How long ago did you add your domain to Cloudflare?
24 hours, and it was working fine. Only now is it starting to play up…
How do the page rules impact carrying over the page someone was on?
Ensuring www.example.com/section/page is carried over to https://example.com/section/page
with the above page rules?
DNS can be intermittent for up to 48 hours after a name server change.
The wildcard (*) and $1 will forward the path as well.
Ok, so that hasn’t worked.
The rule went in ok and non-www is resolving but www is still pointing to the old site.
Is it best to link www and non-www CNAMEs to different CloudFront distributions, each containing one S3 bucket as an origin - or - link to one CloudFront distro for both www and non-www containing both S3 buckets as origins?
Nope. Just use one bucket, and let Cloudflare Page Rule forwarding handle the rest.
Until DNS fully propagates, you’ll have issues with proper domain resolution.
Ahh, I see. Have one CNAME to one bucket for non-www and then use the page rule to force everything through that.
Fingers crossed it sorts itself out soon. I’ve even deleted the previous CNAME and A records at the old NS for good measure
This topic was automatically closed after 31 days. New replies are no longer allowed.