I was wondering if Amazon Cloudfront can pass to the origin server the CDN domain name the request is coming from. Let me explain.
I have an external LAMP server, associated to an origin domain (e.g., origin.mydomain.com)
I've successfully set up Cloudfront, setting origin.mydomain.com as origin server
Finally, I pointed 2 different (CDN) domains to Cloudfront (e.g., www.firstdomain.com and www.seconddomain.com)
Now, all this setup is working perfectly.
But there is one piece of information I'm missing: when the origin server (origin.mydomain.com) receives a request, I haven't found a way to know if the request originally comes from www.firstdomain.com or www.seconddomain.com; CloudFront sends to the origin server all information about the request, except the original CDN domain - or if it does, I don't know how/where to get it.
So, to summarize, I have this:
DNS domain(s) -> Cloudfront -> Origin domain -> LAMP Server
The question is: How can LAMP get the DNS domain name the request is originally coming from?
Am I missing a CloudFront setting, or is there some trick I can use to get that info?
Note: I know I can create several properties pointing to the same origin server, but that is not a viable solution for this project.
You'll have to use the logging in Cloudfront, because the only time that Cloudfront actually makes requests to your server is when they do not have a cached version of that particular file.
To turn on logging you need to log into the AWS Console and choose Edit in the Distribution Details for the distribution for which you want access logs to be delivered. Then you set the target bucket and prefix for AWS to deliver log files to. The logging target should be a different S3 bucket than the origin. Otherwise your report will include requests for log files delivered by Amazon and download requests for log files.
When you configure logging it will save logs in the bucket you specified in this format: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html#LogFileFormat
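As an added example (not part of the original answer): in that log format, cs(Host) is the distribution's own domain name, while x-host-header is the Host header the viewer sent, which is the CDN domain the question asks about. The sketch below parses a constructed log excerpt and counts requests per viewer host and how many of them reached the origin; the distribution domain, IP addresses and the reduced column set are made up for illustration.

```python
from collections import defaultdict

# Constructed sample in the CloudFront standard-log layout: "#Fields:" names
# the columns (space-separated), data lines are tab-separated. Only a subset
# of the real columns is shown; all values below are made up.
SAMPLE_LOG = "\n".join([
    "#Version: 1.0",
    "#Fields: date time c-ip cs-method cs(Host) cs-uri-stem sc-status "
    "x-edge-result-type x-host-header",
    "2024-01-01\t10:00:00\t198.51.100.7\tGET\td111111abcdef8.cloudfront.net\t/index.php\t200\tMiss\twww.firstdomain.com",
    "2024-01-01\t10:00:02\t198.51.100.8\tGET\td111111abcdef8.cloudfront.net\t/index.php\t200\tHit\twww.firstdomain.com",
    "2024-01-01\t10:00:05\t203.0.113.9\tGET\td111111abcdef8.cloudfront.net\t/index.php\t200\tMiss\twww.seconddomain.com",
    "2024-01-01\t10:00:09\t203.0.113.9\tGET\td111111abcdef8.cloudfront.net\t/logo.png\t200\tHit\tWWW.FirstDomain.com",
    "2024-01-01\t10:00:11\t203.0.113.9\tGET",  # truncated line, must be skipped
])

# Result types where the edge contacted the origin (assumption based on the
# documented meanings of Miss and RefreshHit).
ORIGIN_CONTACTED = {"Miss", "RefreshHit"}


def parse_cloudfront_log(text):
    """Yield one dict per data line, keyed by the names in the #Fields header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#"):
            if fields is None:
                raise ValueError("data line before #Fields header")
            values = line.split("\t")
            if len(values) == len(fields):  # drop truncated/malformed lines
                yield dict(zip(fields, values))


def requests_per_viewer_host(text):
    """Count requests per viewer Host header, and how many reached the origin."""
    stats = defaultdict(lambda: {"total": 0, "origin": 0})
    for rec in parse_cloudfront_log(text):
        host = rec["x-host-header"].lower()  # Host headers are case-insensitive
        stats[host]["total"] += 1
        if rec["x-edge-result-type"] in ORIGIN_CONTACTED:
            stats[host]["origin"] += 1
    return dict(stats)


if __name__ == "__main__":
    for host, s in sorted(requests_per_viewer_host(SAMPLE_LOG).items()):
        print(f"{host}: {s['total']} requests, {s['origin']} reached the origin")
```

Because the parser is driven by the #Fields header, it also accepts real log files that carry the full column set.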
I set up an “Azure CDN premium from Verizon” profile and created an endpoint with the configurations shown below.
Name: my-public-nexus-11111
Other configurations:
I wanted to download an artifact from the wso2 public nexus repository (artifact link: https://maven.wso2.org/nexus/content/groups/wso2-public/org/wso2/carbon/org.wso2.carbon.core/4.4.10/org.wso2.carbon.core-4.4.10.jar ).
But when I used my CDN endpoint to download this artifact, it gives me a “502 Bad gateway” error.
(Link with the CDN endpoint: https://my-public-nexus-11111.azureedge.net/nexus/content/groups/wso2-public/org/wso2/carbon/org.wso2.carbon.core/4.4.10/org.wso2.carbon.core-4.4.10.jar )
What is the reason for this behavior?
Also just to check whether I‘ve misconfigured something when creating the endpoint, I created another endpoint with the below configurations:
Name: my-test-mvn-central-without-path
Other configurations:
Then I tried to download this artifact with the CDN endpoint link: https://repo1.maven.org/maven2/io/siddhi/siddhi-core/5.0.1/siddhi-core-5.0.1.jar
This can be achieved. The link with the CDN endpoint:
https://my-test-mvn-central-without-path.azureedge.net/maven2/io/siddhi/siddhi-core/5.0.1/siddhi-core-5.0.1.jar
So why did the previous CDN endpoint give me a 502 Bad Gateway error (when the wso2 public nexus repo was configured as the origin)?
Also, is it possible to send a request header to the backend?
(Please note that CDN links might not work because I need to stop CDN endpoints to avoid unnecessary costs)
I tried to reproduce the same in my environment like below.
I created an Azure CDN endpoint with Premium Verizon like below:
When I used my CDN endpoint to download artifact, it gives me a “502 Bad gateway” error what is the reason for this behavior?
This error may occur when an HTTP protocol failure occurs between a server and an HTTP proxy. It can't be parsed when customer origin server returns an invalid response to an edge server.
Flush the DNS cache. Your system's DNS cache keeps specific information about the websites you visit.
Try to use ipconfig /flushdns
Try to temporarily disable the CDN or firewall.
In WordPress -> Under setting, click CDN -> Disable CDN -> Save.
Or you can temporarily disable the firewall setting to fix the issue like below:
In Control Panel -> System and Security -> Security and Maintenance -> Turn Windows Firewall on or off -> Turn off Windows Firewall
As per Anton Kucer check whether Service Name Indication is turned on at your origin and try to disable SNI setup for SSL binding to resolve this issue. Verify the network connectivity and check whether necessary ports and protocols are open and configured properly.
I have a React app hosted on AWS as two EC2 instances: one for the frontend (ReactJs) and the other for the backend (NodeJs with MongoDB as the database). To put the website behind SSL, the frontend instance is wrapped under an application load balancer. All listeners are configured as per AWS documentation along with setting up the security and target groups.
Route 53 has also been set up to allow all connections to the website to be routed to the https link, which is working properly.
Problem arises when I open my website and try to login. When this access is being made from the frontend server to the backend url, the above message is displayed in the Chrome console while in Firefox it gives the following error: "Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at . (Reason: CORS request did not succeed)."
Also, just to highlight, the issue occurs only when I've put the website under an SSL certificate. We have also set up two staging servers which do not have any SSL certificate, and there's no issue while doing any activity such as the login mentioned above.
Please help me identify where I might be going wrong. I had also raised a technical ticket with AWS support but they have only confirmed that all settings related to the load balancer and instances etc. are correct and have not been able to find the root cause. I have also tested the UFW for the Ubuntu instance which shows invalid so that is also not an issue.
Thanks,
Pranay
Created a separate application load balancer for the backend instance and then created a cloudfront distribution for this instance. The DNS name of the cloudfront can then be used to access the backend from the frontend.
I'm configuring Azure Application Gateway Url based routing for my two back-end pools and it is not working.
My default routing configuration is pointing to b1 end point and it is reachable by blabla.cloudapp.azure.com
When I add additional route path /b1/* I cannot access my back-end pool via blabla.cloudapp.azure.com/b1/. I get 404 page not found response.
Can anyone please help me to understand what is wrong with my configuration?
Azure Application Gateway URL Based routing will route different requests to different groups of servers (backend pools) based upon the URL of the request. Once the request is sent to a VM, it is received and treated like a normal web request. If the URL you are accessing is a valid web URL for the web server that is receiving the request, then it will return a proper response.
The fact that you are getting a 404 error means that your web servers are receiving the request, but not finding anything at the requested location. One way you can troubleshoot this is to log onto the VM that should be receiving the request and try the request in a browser, replacing blabla.cloudapp.azure.com/ with localhost/.
In the example you posted, you would need a folder from within your web directory called "b1" for the URL you specified to be a valid request.
You can use a Path-Based Rule to specify the default backend pool, as well as specific URL paths that should be sent to other backend pools. Here is an example of how to configure an Azure Application Gateway with URL based routing in the Portal.
I'm facing some problems with AWS S3. I figured out that if I set some RoutingRules, they only work at the <bucket_name>.s3-website-us-east-1.amazonaws.com endpoint, but this endpoint doesn't have SSL. There is another endpoint that has SSL, s3.amazonaws.com/<bucket_name>, but these RoutingRules don't work there.
Is there a way to make RoutingRules work at the s3.amazonaws.com/<bucket_name> endpoint, or to make SSL work at <bucket_name>.s3-website-us-east-1.amazonaws.com?
I heard something about CloudFront but I don't know much about it.
<bucket_name>.s3-website-us-east-1.amazonaws.com is a website endpoint, whereas the other one is a REST API endpoint. You can see the difference here.
You can see the example walkthroughs how to setup a static website on S3 and add CloudFront (where you can add SSL/TLS).
For your use case, as you have already identified you can use AWS CloudFront. It mainly provides two functions,
Acts as a CDN caching the static content based on your configuration.
Acts as a proxy where you can connect S3 buckets or other endpoints to CloudFront with routing rules where your DNS points to CloudFront.
In addition you can associate AWS Certificate Manager issued free SSL certificates with CloudFront.
Configuring CloudFront to S3 is straightforward. Check the AWS Getting Started Guide for more details.
Is it possible to use Amazon CloudFront as a hosting provider (linking it to a domain, etc) or is it only meant for content hosting?
The "hosting" provider is more likely S3. You can easily host your web site there. See instructions here: http://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html
Amazon CloudFront is a CDN service, which makes serving content faster for your end users as the content is available from edge points closer to the end users. You can create a distribution of your web site (for example from S3 as explained above), but the content must arrive from an origin (such as S3). See instructions here: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/GettingStarted.html