ERR_TIMED_OUT when accessing S3 bucket by a custom domain that uses Route53

Question

I have set up a static website by following this walkthrough:

https://docs.aws.amazon.com/AmazonS3/latest/dev/website-hosting-custom-domain-walkthrough.html

I can see the website by accessing its bucket address (example.ca.s3-website-us-east-1.amazonaws.com). But when I try to access the website using my domain address (example.ca), it gives me ERR_TIMED_OUT. I have purchased my domain from dreamhost, and had already changed the nameservers to those nameservers shown by Route53. I did a whois query of my domain and it just confirms that the nameservers are set properly. I am wondering what the issue can be, and how I can resolve it. I have checked the NS and A records in Route53 multiple times, and they follow the instruction. Can the issue be due to my domain being a .ca one?

Answer 1

It turned out that HSTS headers were being served by the previous hosting. HSTS set all HTTP requests to example.ca to be internally redirected to HTTPS before being sent.

Because custom domain HTTPS was not yet configured for the S3 bucket, the HTTPS request was timing out. Note that S3 does not support custom domain HTTPS directly, only through CloudFront.

The solution to this while in development is to clear the browser's HSTS cache for example.ca in settings. However when the new website is published, it will need to be served over HTTPS so that visitors who have HSTS already cached in their browsers are still able to load the site. The only solution to this is to use CloudFront or another reverse proxy / CDN (such as CloudFlare) to manage the custom domain HTTPS certificate.