Route 53 domain only works when prefixed with http(s):// - amazon-route53

I have an application that runs fine in AWS App Runner and can be found here: https://iyarles.net
However, it's not accessible via the naked domain name iyarles.net.
Clarification comment: If I go to iyarles.net in my browser (Edge), the request times out. If I go to iyarles.net, my website loads fine.
The App Runner service has a custom domain configured and my hosted zone has the 2 certificate validation records and the alias record pointing to my service.
A few weeks ago I transferred my domain from Google Domains to Route 53. It was originally a redirect from iyarles.net or any other subdomain (with or without https://) to the default domain for my service.
How can I replicate the previous behavior? What exactly are these alias records doing?

When you type the hostname into the browser's address bar, browsers will assume you want to make a plain HTTP request.
When you explicitly include the https: scheme, browsers will make a secure HTTP request.
Your server is running an encrypted service on port 433. It is not running a plain service on port 80.
It times out if you type http://iyarles.net too.
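
The diagnosis in the answer above can be checked from any client. This is an added example, not part of the original posts: it maps address-bar input to a scheme and port the way the answer describes, then attempts a TCP connect. The function names, the state labels and the verdict labels are assumptions made for illustration.

```python
import socket
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

def probe(host, port, timeout=3.0):
    """Attempt one TCP connect; return 'open', 'timeout', 'refused' or 'error'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.timeout:
        return "timeout"      # no answer at all (the symptom in the question)
    except ConnectionRefusedError:
        return "refused"      # host reachable, nothing listening on the port
    except OSError:
        return "error"        # DNS failure, unreachable network, etc.

def check_typed(typed, ports=DEFAULT_PORTS, timeout=3.0):
    """Map address-bar input to (scheme, port, state)."""
    # No scheme typed: assume plain HTTP, which is what the answer describes.
    url = typed if "://" in typed else "http://" + typed
    parts = urlsplit(url)
    port = parts.port or ports[parts.scheme]
    return parts.scheme, port, probe(parts.hostname, port, timeout)

def summarize(host, ports=DEFAULT_PORTS, timeout=3.0):
    """Compare the bare name with the explicit https:// form."""
    bare = check_typed(host, ports, timeout)
    tls = check_typed("https://" + host, ports, timeout)
    if tls[2] == "open" and bare[2] != "open":
        verdict = "https-only"   # bare name fails until plain HTTP is answered
    elif tls[2] == "open":
        verdict = "both"
    elif bare[2] == "open":
        verdict = "http-only"
    else:
        verdict = "unreachable"
    return {"bare": bare, "https": tls, "verdict": verdict}

if __name__ == "__main__":
    import sys
    print(summarize(sys.argv[1] if len(sys.argv) > 1 else "localhost"))
```

A verdict of `https-only` means the DNS records are doing their job and the missing piece is a plain-HTTP listener that redirects to the https:// URL.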

The issue is that the custom domain configured in AWS App Runner is not accessible via the naked domain name, iyarles.net. To replicate the previous behavior, you will need to create an Alias Record in your hosted zone in Route 53, which will point your domain name to the service URL.
The Alias Record is used to route traffic from a domain name to the service URL. It will ensure that any requests to the domain name will be routed to the service URL, thereby allowing your application to be accessible via the naked domain name.
It is important to note that you will also need to create two Certificate Validation Records in your hosted zone in Route 53. These records are used to validate the SSL Certificate for your domain name, which is necessary for HTTPS connections.

Related

We need to change our URLs without port and receive requests to the specific application

We have the following URLs:
http://testserver1.com:port1
http://testserver2.com:port2
Each URL is pointing to a different application on the Windows Server.
What we need to do is that we need to change the URL like http://testserver1.com instead of http://testserver1.com:port1 and it should be forwarded to the application serving port1. We do not want users to enter port number with the URL.
And if we type http://testserver2.com instead of http://testserver2.com:port2 also it should be forwarded to the application serving port2.
How can we do this with Windows Firewall - Inbound Rules and IIS? Can somebody help?
We have tried to add first Inbound Rule under Windows Firewall but we have no idea how to do the rest to forward such incoming requests to the correct application serving the specific port.

Using Cloudfront as CDN for my custom server REST API

I have a REST API on a Hetzner server which uses Varnish. I am trying to set up Cloudfront to use as the CDN for it. After reading around, I currently have the following setup:
Hetzner / Varnish
A main API route api.mydomain.com.
Config in Varnish for cdn-api.mydomain.com to also act as a route to the same API.
In the DNS for the domain in Hetzner, for cdn-api.mydomain.com I have added the name servers for Route 53.
Route 53
Hosted zone called cdn-api.mydomain.com.
An A record with name prod.cdn-api.mydomain.com which points to my Cloudfront distribution.
An A record with name cdn-api.mydomain.com which points to the IP address of the server.
Cloudfront Distribution
Has the alternate domain name prod.cdn-api.mydomain.com.
Has the origin domain of cdn-api.mydomain.com
Protocol for origin is HTTP only
What I think should happen
Make a request to prod.cdn-api.mydomain.com.
Route 53 forwards to the Cloudfront distribution.
CloudFront looks to origin cdn-api.mydomain.com.
Origin cdn-api.mydomain.com looks to IP address of Hetzner.
Hetzner receives request, Varnish allows the domain through, sends back data to Cloudfront.
What actually happens
If I make a request straight to cdn-api.mydomain.com from Postman, it works if I turn off SSL.
If I turn on SSL, I get the error SSL Error: Hostname/IP does not match certificate's altnames, saying that cdn-api.mydomain.com is not on the certificates of the server.
If I make a request to prod.cdn-api.mydomain.com, I get the error Error: Exceeded maxRedirects. Probably stuck in a redirect loop. Which may be due to the same certs error.
Cloudflare
As a comparison, we have Cloudflare set up as the CDN for a different domain on the same Hetzner server. It has:
A main API route api.myotherdomain.com
In Hetzner a CNAME for cdn-api.myotherdomain.com with value cdn-api.myotherdomain.com.cdn.cloudflare.net.
In Cloudflare, an A record for cdn-api.myotherdomain.com which points to the IP address of the server.
cdn-api.myotherdomain.com is set up in Varnish as an entry point, but is not on the list of certificates of the server.
This all works fine including with SSL enabled.
It would be good to understand what I'm doing wrong here.

Redirecting sub-domain to specific URI

I want to redirect my subdomain to specific URI without making any changes to my code.
I found the domain forwarding services from Bigrock, they have a sub-domain forwarding service which specifies all subdomains will be redirected as "subdomain.mydomain.com to yourdestinationurl/subdomain/"
I replaced yourdestinationurl, with www.mydomain.com but it's not working.
Am I doing something wrong? Is there any alternative way to do this?

You may create the subdomain in the DNS Manager/Domain name zone file and point it to any URL using 'URL-Redirect' DNS record.
In other words, you need to login into the account of your domain name registrar (if the domain name is delegated to the default nameservers) or into your hosting cPanel (if you have a hosting plan). Then you need to find where to configure DNS records and configure URL-Redirect (also called URL-Forwarding) for your subdomain.
There is no need to have any plugins.

Pointing 1and1 domain to an S3 bucket

I've registered my domain about a month ago (It's a .com, so I need to wait 60 days before being allowed to transfer the domain, which I will do as I'm fed up with 1and1's service)
I created an Amazon S3 bucket with my domain name: example.com and www.example.com.
All my Amazon S3 settings are in order, I've enabled website hosting, I have an index document...
In 1and1, I've set my redirect destination for example.com to my S3 bucket endpoint.
When I hit save: "Operation Failed, The redirect URL is invalid."
What am I doing wrong?

You do not have to wait 60 days.
There are two different services that are commonly confused because providers often market them together: domain registrar services and domain hosting.
You can change your hosting provider at any time, by changing the configuration options with the current registrar. This change typically takes effect almost immediately, though conventional wisdom is that it may require up to 48 hours to take effect globally.
Create a new "hosted zone" in Route 53 for your domain. Take note of the four "awsdns" name servers that Route 53 assigns.
Log in to your registrar's admin portal and find the option to change your authoritative name server configuration. Replace the registrar's default name servers with the four provided by Route 53.
You will then use the Route 53 console to create your DNS records, including the appropriate "Alias" records pointing your domain to the S3 web site endpoint.
After the 60 days, you can change the registrar to Route 53, or any other registrar you like, continuing to use the authoritative name servers assigned to your domain by Route 53.
Route 53 is the simplest option for DNS hosting when you are using S3 for static website hosting (or CloudFront or Elastic Load Balancer) simply because of the tight integration provided by Alias records, which offer capabilities that CNAMEs can't and other DNS hosting providers can't, because they don't have direct access to the operational internals of AWS.

It sounds like you configured your domain name to use a Redirect instead of a CNAME record. Create a CNAME record to your AWS domain.
Here are some instructions:
http://help.1and1.com/domains-c36931/manage-domains-c79822/dns-c37586/enter-a-cname-record-for-your-domain-a643600.html
Sometimes people don't want to create CNAMEs for their root domain and prefer to redirect from example.com to www.example.com

Stopping the naked domain redirecting to www

I recently migrated my application to AWS and set up a CNAME for www.domain.com and a redirect for the domain.com to redirect to www.domain.com.
The problem is, an external service was using a path on the naked domain.com (something like domain.com/external/service/). But with the redirect all HTTP POST data is being dropped with the redirect and I can't change the URL that the external service is calling.
To fix this, I have set up my naked domain on Route 53 to point to my elastic load balancer where my app is located. I set up an A record pointed at my elastic load balancer using an alias.
It's been two days now and my naked domain still redirects to www. and therefore the external service is down. Any ideas on what I could do?

I am taking a long shot - there are different possible problems:
You are forwarding naked domain via A record to ELB, but your EC2 instance (say Apache) is still doing a redirect (not DNS, but HTTP 301) back to www.
Check the DNS TTL. If the TTL is too large (say 48 hrs), then it takes that time. You need to wait longer.
Is Route53 fully managing your DNS? One possibility is that, somebody else like Godaddy is still doing the DNS for you - so nobody is contacting Route53 for the change to reflect.
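
The symptom in the question and the first possibility in the answer (an HTTP 301 issued by the instance rather than by DNS) can be reproduced locally. This is an added example, not code from the original posts: a constructed local server stands in for the web server, the `/www` path prefix stands in for the www host, and all function names are assumptions.

```python
import http.client
import threading
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

class App(BaseHTTPRequestHandler):
    """Constructed stand-in for the web server on the instance."""
    def _reply(self):
        n = int(self.headers.get("Content-Length") or 0)
        self.rfile.read(n)
        if self.path.startswith("/www"):
            out = f"{self.command} {n}".encode()  # report what arrived
            self.send_response(200)
        else:
            out = b""
            self.send_response(301)  # HTTP-level redirect, unrelated to DNS
            self.send_header("Location", "/www" + self.path)
        self.send_header("Content-Length", str(len(out)))
        self.end_headers()
        self.wfile.write(out)
    do_GET = do_POST = _reply
    def log_message(self, *args):
        pass  # keep the demo quiet

def start_server():
    srv = HTTPServer(("127.0.0.1", 0), App)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv

def first_hop(port, path, body=b"k=v"):
    """POST once without following redirects; return (status, Location)."""
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request("POST", path, body=body)
    resp = conn.getresponse()
    result = (resp.status, resp.getheader("Location"))
    conn.close()
    return result

def follow(port, path, body=b"k=v"):
    """POST with a redirect-following client; return what the target saw."""
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    url = f"http://127.0.0.1:{port}{path}"
    with opener.open(url, data=body, timeout=5) as resp:
        return resp.read().decode()

if __name__ == "__main__":
    port = start_server().server_address[1]
    print(first_hop(port, "/external/service/"))  # (301, '/www/external/service/')
    print(follow(port, "/external/service/"))     # GET 0
```

Running `first_hop` against the real naked domain's path (with `http.client` pointed at that host) shows whether a 301 is still being served after the DNS change; if it is, the redirect lives in the web server configuration and no amount of waiting on TTLs will remove it.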