How to Setup Domain, CloudFlare, Amazon Certificate Manager (ACM), and CloudFront
Note: This is a best practice, but also requires intermediate technical knowledge.
- Buy your domain, e.g. at QWords
- Signup at CloudFlare
- Add your domain to CloudFlare
- Go to your Domain Registrar and change the NS servers to point to CloudFlare’s
- Wait several minutes/hours (up to 24 hours) until CloudFlare detected that it is the chosen nameserver
- Go to AWS Certificate Manager (ACM) and request certificate for both
your_domain.tld
and*.your_domain.tld
. When prompted for verification method, use domain. - Go to CloudFlare and add the required CNAME records.
Setup CloudFront
You may want to set up CloudFront and origin first, as it takes some time to propagate. Requirement: You already have the CNAME record for the origin server.
- Go to AWS CloudFront
- Create distribution (note: you can only choose one ACM certificate per distribution)
- Enter the origin hostname (usually a CNAME to Elastic IP, or specific Load Balancer).
- Choose the ACM certificate.
- Cache policy “WordPress”. See reference CloudFront configuration documentation by About Lovia.
- Origin request policy: Managed-AllViewer.
- Note the CloudFront distribution’s hostname.
- Go to CloudFlare
- Add/Edit the CNAME record for root domain, to point to CloudFront distribution’s hostname.
- Go to Page Rules > Add Page Rule. For pattern
www.your_domain.tld/*
, set Forwarding URL, Permanent Redirect, tohttps://your_domain.tld/$1
.
Now you can create WordPress using WordOps.