Waldium
Sign InSign Up

AWS Route 53 and CloudFront

Use AWS CloudFront to serve your blog at a subpath like yoursite.com/blog. CloudFront behaviors route requests to different origins based on URL patterns, letting you serve both your main site and Waldium blog from a single domain.

Overview

You'll configure CloudFront behaviors to route traffic appropriately:

PathDestinationCaching
/.well-known/acme-challenge/*Your main siteDisabled
/.well-known/vercel/*Your main siteDisabled
/blog/*[SUBDOMAIN].waldium.appDisabled
/blog[SUBDOMAIN].waldium.appDisabled
/waldium-assets/_next/static/*[SUBDOMAIN].waldium.appEnabled
Default (*)Your main siteEnabled

All behaviors must use the origin request policy AllViewerExceptHostHeader.

Create a CloudFront Distribution

  1. Open the CloudFront console in AWS
  2. Click Create distribution
  3. For Origin domain, enter [SUBDOMAIN].waldium.app (your Waldium subdomain)
  4. Under Web Application Firewall (WAF), enable security protections
  5. Keep other settings at their defaults
  6. Click Create distribution

Add Your Main Site Origin

After creating the distribution, add an origin for your main site:

  1. Navigate to the Origins tab
  2. Click Create origin
  3. Enter your main site's staging URL as the Origin domain

Use a staging URL that mirrors your main site. For Vercel, this is your .vercel.app domain. For Webflow, use your .webflow.io staging URL.

You should now have two origins:

  • [SUBDOMAIN].waldium.app — Your Waldium blog
  • Your main site staging URL — Your landing page and other content

Configure Behaviors

Behaviors control how CloudFront routes requests. Navigate to the Behaviors tab and create the following:

.well-known/* Behavior

This ensures domain verification and SSL certificate provisioning work correctly:

  1. Click Create behavior
  2. Set Path pattern to /.well-known/*
  3. Set Origin to your main site
  4. Set Cache policy to CachingDisabled
  5. Set Origin request policy to AllViewerExceptHostHeader
  6. Set Viewer protocol policy to Redirect HTTP to HTTPS

For more specific control, create separate behaviors for /.well-known/vercel/* and /.well-known/acme-challenge/*.

/blog Behavior

Route the base blog path to Waldium:

  1. Click Create behavior
  2. Set Path pattern to /blog
  3. Set Origin to [SUBDOMAIN].waldium.app
  4. Set Cache policy to CachingOptimized
  5. Set Origin request policy to AllViewerExceptHostHeader
  6. Set Viewer protocol policy to Redirect HTTP to HTTPS

/blog/* Behavior

Route all blog subpaths to Waldium:

  1. Click Create behavior
  2. Set Path pattern to /blog/*
  3. Set Origin to [SUBDOMAIN].waldium.app
  4. Set Cache policy to CachingOptimized
  5. Set Origin request policy to AllViewerExceptHostHeader
  6. Set Viewer protocol policy to Redirect HTTP to HTTPS

/waldium-assets/_next/static/* Behavior

Enable caching for static assets:

  1. Click Create behavior
  2. Set Path pattern to /waldium-assets/_next/static/*
  3. Set Origin to [SUBDOMAIN].waldium.app
  4. Set Cache policy to CachingOptimized
  5. Set Origin request policy to AllViewerExceptHostHeader
  6. Set Viewer protocol policy to Redirect HTTP to HTTPS

Update Default Behavior

Finally, configure the default behavior to serve your main site:

  1. Select the Default (*) behavior
  2. Click Edit
  3. Change Origin to your main site staging URL
  4. Set Cache policy to CachingOptimized
  5. Set Origin request policy to AllViewerExceptHostHeader
  6. Click Save changes

Verify Your Configuration

Your behaviors should now include:

Path PatternOriginCache Policy
/.well-known/*Main siteCachingDisabled
/blog[SUBDOMAIN].waldium.appCachingOptimized
/blog/*[SUBDOMAIN].waldium.appCachingOptimized
/waldium-assets/_next/static/*[SUBDOMAIN].waldium.appCachingOptimized
Default (*)Main siteCachingOptimized

Test the Distribution

Before connecting your domain, test using the CloudFront distribution URL:

  1. Go to the General tab
  2. Copy the Distribution domain name (e.g., d1234abcd.cloudfront.net)
  3. Visit that URL—you should see your main site
  4. Append /blog—you should see your Waldium blog

Connect with Route 53

Link your CloudFront distribution to your domain using Route 53:

  1. Open Route 53 in the AWS console
  2. Navigate to your domain's Hosted zone
  3. Click Create record
  4. Toggle Alias on
  5. For Route traffic to, select Alias to CloudFront distribution
  6. Choose your distribution from the dropdown
  7. Click Create records

If an A record already exists for your domain, you'll need to remove it first.

DNS Propagation

After configuration, your blog should be accessible within a few minutes. DNS propagation typically takes 1-4 hours but can occasionally take up to 48 hours. If the subpath isn't working immediately, wait before troubleshooting.

Was this page helpful?