Using CNAMEs with S3
When using Amazon S3 to serve your offloaded media library or assets, you may prefer to use a subdomain of your site’s primary domain rather than Amazon’s
To do this, we need to:
- Choose a subdomain to use. If the primary domain is
example.comperhaps we would like to serve offloaded media from
- Create the bucket
- Add a new CNAME record
- Configure WP Offload Media to use the custom domain
If your site is on HTTPS, please read this first.
If you haven’t already, go through the Quick Start first to get setup with an AWS account, user, and add your access keys into the Amazon Web Services plugin.
Creating the Bucket
Creating the bucket is easy and can be done using the interface within the WP Offload Media settings screen.
When pointing a CNAME at your S3 bucket, Amazon requires that the bucket name match the domain name you are pointing to it. That is, if we want to use
images.example.comfor our domain, the bucket must be named
images.example.com. Because of this requirement, it’s a good idea to create the bucket first before changing anything domain-related.
Add a New CNAME
Login to the registrar you use to manage the domain name for your website, and navigate to the section for managing the DNS of
Add a new
CNAME record with a name of
images, and a value of
images.example.com.s3.amazonaws.com and save the changes. DNS changes propagate much quicker than they used so you might see the change in a few minutes or less. You can use a free tool like http://dnschecker.org to check the propagation of the new record:
Configuring WP Offload Media
Once your CNAME is created for your domain, you can configure WP Offload Media to use the new subdomain for your media.
This kind of virtual hosting of Amazon S3 buckets does not support using HTTPS for your URLs in most cases because Amazon’s SSL certificate will not include
images.example.com in the
AlternativeName. If using HTTPS is necessary for your use (i.e. if your site is using https), we recommend setting up a proper distribution with CloudFront.
One alternative to CloudFront in this case is using SSL provided by CloudFlare, which will allow a secure connection (images will display properly), while the bucket is still accessed via HTTP by CloudFlare.
For more information, see the relevant Amazon S3 documentation