New to Cloudflare and AWS


#1

Hello fellow webnauts,

I’m hoping some of you may be able to set me on the straight and narrow path to understanding Cloudflare and AWS.

I recently left 1and1 (transferred my domain to Cloudflare and my contents to AWS S3). I was excited to see Cloudflare supported domain transfers and felt confident my site will be safe, fortified behind their infrastructure.

Now to the nitty-gritty.

I created my S3 buckets (example.com and www.example.com… thank you very much). I’ve added my S3 bucket CNAME (CNAME example.s3.aws…whatever it said for the End Point I copied from) to Cloudflare. And now, I’m at a standstill.

I don’t know what to do about setting up the Hosted Zones in Route 53 to work with Cloudflare. I don’t know if I need to set up a Certification or Cloudfront to provide HTTPS security? Am I missing anything else?

Don’t let my use of terms fool you, btw. I’m naive to all these packet-pushing protocols and whatever else these computers do to talk to each other. It’s more-or-less “Greek” to me. I end up copying -verbatim- whatever I read (which makes my adaptability in these scenarios complete bupkis).

So please take pity on me.

Thanks! Andy


#2

Definitely set up HTTPS there so you get end-to-end encryption.

A good rule of thumb: If your site works when its DNS entries here are set to :grey:, you’re off to a great start. Switching it to :orange: just makes it better.

I don’t think Route 53 will be in the picture once you use Cloudflare for DNS. I’d say skip all that. But hopefully an AWS user here will confirm one way or another.


#3

Thanks for the response.

I saw that I can set up certificates here. Which I’ll probably have to use with Cloudfront.

The Route 53 NS/SOA setting and any aliases I might have to set up are what I’m really confused about.

Right now, there is no connection to my content. But my domain does register as active. So I need to make that connection.

Plenty of available tutorials online show a number of domain registrants and AWS work-throughs. But Cloudflare doesn’t seem to be as available (probably because their domain registration services are still new).

Hopefully someone here has experience they can share.


#4

Found Mike Tabor’s post about setting up AWS S3 and Cloudflare. Seemed easy to follow and made the need for Route 53/Cloudfront unnecessary. However, after following his guide, I’m still not connecting to the host (I get an Error 522, Connection timed out). I am going through Cloudflare, just not able to pull the content and connect to host.

The only thing I didn’t do on his list is Step 9, since Cloudflare is my new dedicated domain register. I don’t know if I need to do anything regarding Nameservers.


#5

I used his original guide at some point and it was working for me. I didn’t use the Cloudfront or Route 53 portions, so his newer article is appreciated.

Similar to my earlier suggestion, start with configuring it using :grey: mode just to get it working. Add your home IP address /32 to the bucket policy and see if you can connect to it (this bypasses Cloudflare).


#6

Ah… I didn’t even try disabling the CDN… I’ll give that a go.

Also, could you clarify the “add your home IP address /32”. Do I just get my IP from https://www.whatismyip.com/ and add /32 to the end and put it in the bucket policy? Should I use IPv4 or IPv6 or just my local IP?

I really appreciate your feedback, btw. I’m gonna crack this nut eventually!


#7

If you have IPv6 at home, delete the IPv6 address in your Cloudflare DNS and set the IPv4 entry to :grey:. This will force you to connect on IPv4 from home (that whatsmyip address).
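
An added example, not part of any post in this thread: a Python sketch of the "add your home IP address /32 to the bucket policy" step from posts #5 to #7. It assumes the bucket policy restricts `s3:GetObject` with an `aws:SourceIp` condition; `SAMPLE_POLICY`, the `198.51.100.0/24` placeholder range, and the helper names `home_cidr` and `add_source_ip` are constructed for illustration.

```python
import copy
import ipaddress

# Ranges that never appear as the source address S3 sees over the internet.
LOCAL_ONLY = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918 LAN ranges
    "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",  # CGNAT, loopback, link-local
)]

# Constructed sample policy; 198.51.100.0/24 is a placeholder for the proxy ranges.
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AllowListedRanges",
        "Effect": "Allow",
        "Principal": "*",
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::www.example.com/*",
        "Condition": {"IpAddress": {"aws:SourceIp": ["198.51.100.0/24"]}},
    }],
}


def home_cidr(ip_text):
    """Return '<ip>/32' for a public IPv4 address, else raise ValueError."""
    addr = ipaddress.ip_address(ip_text.strip())
    if addr.version != 4:
        raise ValueError("this test path is IPv4 only")
    if any(addr in net for net in LOCAL_ONLY):
        raise ValueError(f"{addr} is a local address; S3 sees the public one")
    return f"{addr}/32"


def add_source_ip(policy, ip_text):
    """Return a copy of policy with the /32 added to every aws:SourceIp list."""
    cidr = home_cidr(ip_text)
    updated = copy.deepcopy(policy)
    touched = 0
    for stmt in updated["Statement"]:
        cond = stmt.get("Condition", {}).get("IpAddress", {})
        if "aws:SourceIp" not in cond:
            continue
        current = cond["aws:SourceIp"]
        ranges = [current] if isinstance(current, str) else list(current)
        cond["aws:SourceIp"] = ranges if cidr in ranges else ranges + [cidr]
        touched += 1
    if not touched:
        raise ValueError("no aws:SourceIp condition to extend")
    return updated
```

The `/32` suffix limits the entry to that single address, so the temporary test entry does not open the bucket to a wider range.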