Unable to auto-configure Amazon® CloudFront

Hi there

I’m having a problem with auto-configure Cloudfront.

I reinstalled it 10x with “Deactivation Safeguards = NO” but I’m still gettin this same error message.

Unable to auto-configure Amazon® CloudFront Distributions.
Error code: 400. Error Message: Unable to create Amazon® CloudFront Downloads Distro. Unable to create Amazon® CloudFront Downloads Distro. Bad Request

I’m running the latest version of S2member (Version 120309)

I followed all the instructions on the tutorials and everything is workin fine and I’ve already created a bucket in amazon S3.

But I’m still gettin stucked on the Cloudfront Installation.

Everytime I want 2 auto-configure it, it gives me this error message.

HERE IS MY .HTACCESS file in s2member-files:

Options +FollowSymLinks -MultiViews -Indexes

SetEnv no-gzip 1

RewriteEngine On
RewriteBase /
RewriteCond %{ENV:s2member_file_ms_scan} !^complete$
RewriteCond %{THE_REQUEST} ^(?:GET|HEAD)(?:[ ]+)(?:/)([_0-9a-zA-Z-]+/)(?:wp-content/)
RewriteRule ^(.*)$ – [E=s2member_file_ms_scan:complete,E=s2_blog:%1]
RewriteCond %{ENV:s2member_file_download_scan} !^complete$
RewriteRule ^(.*)$ – [E=s2member_file_download_scan:complete,E=s2member_file_download:$1]
RewriteCond %{ENV:s2member_file_download} ^(.*?)(?:s2member-file-stream/)(.+)$
RewriteRule ^(.*)$ – [N,E=s2member_file_download:%1%2,E=s2member_file_stream:&s2member_file_stream=yes]
RewriteCond %{ENV:s2member_file_download} ^(.*?)(?:s2member-file-stream-(.+?)/)(.+)$
RewriteRule ^(.*)$ – [N,E=s2member_file_download:%1%3,E=s2member_file_stream:&s2member_file_stream=%2]
RewriteCond %{ENV:s2member_file_download} ^(.*?)(?:s2member-file-inline/)(.+)$
RewriteRule ^(.*)$ – [N,E=s2member_file_download:%1%2,E=s2member_file_inline:&s2member_file_inline=yes]
RewriteCond %{ENV:s2member_file_download} ^(.*?)(?:s2member-file-inline-(.+?)/)(.+)$
RewriteRule ^(.*)$ – [N,E=s2member_file_download:%1%3,E=s2member_file_inline:&s2member_file_inline=%2]
RewriteCond %{ENV:s2member_file_download} ^(.*?)(?:s2member-file-storage-(.+?)/)(.+)$
RewriteRule ^(.*)$ – [N,E=s2member_file_download:%1%3,E=s2member_file_storage:&s2member_file_storage=%2]
RewriteCond %{ENV:s2member_file_download} ^(.*?)(?:s2member-file-remote/)(.+)$
RewriteRule ^(.*)$ – [N,E=s2member_file_download:%1%2,E=s2member_file_remote:&s2member_file_remote=yes]
RewriteCond %{ENV:s2member_file_download} ^(.*?)(?:s2member-file-remote-(.+?)/)(.+)$
RewriteRule ^(.*)$ – [N,E=s2member_file_download:%1%3,E=s2member_file_remote:&s2member_file_remote=%2]
RewriteCond %{ENV:s2member_file_download} ^(.*?)(?:s2member-file-ssl/)(.+)$
RewriteRule ^(.*)$ – [N,E=s2member_file_download:%1%2,E=s2member_file_ssl:&s2member_file_ssl=yes]
RewriteCond %{ENV:s2member_file_download} ^(.*?)(?:s2member-file-ssl-(.+?)/)(.+)$
RewriteRule ^(.*)$ – [N,E=s2member_file_download:%1%3,E=s2member_file_ssl:&s2member_file_ssl=%2]
RewriteCond %{ENV:s2member_file_download} ^(.*?)(?:s2member-file-download-key-(.+?)/)(.+)$
RewriteRule ^(.*)$ – [N,E=s2member_file_download:%1%3,E=s2member_file_download_key:&s2member_file_download_key=%2]
RewriteCond %{ENV:s2member_file_download} ^(.*?)(?:s2member-skip-confirmation/)(.+)$
RewriteRule ^(.*)$ – [N,E=s2member_file_download:%1%2,E=s2member_skip_confirmation:&s2member_skip_confirmation=yes]
RewriteCond %{ENV:s2member_file_download} ^(.*?)(?:s2member-skip-confirmation-(.+?)/)(.+)$
RewriteRule ^(.*)$ – [N,E=s2member_file_download:%1%3,E=s2member_skip_confirmation:&s2member_skip_confirmation=%2]
RewriteRule ^(.*)$ %{ENV:s2_blog}?s2member_file_download=%{ENV:s2member_file_download}%{ENV:s2member_file_stream}%{ENV:s2member_file_inline}%{ENV:s2member_file_storage}%{ENV:s2member_file_remote}%{ENV:s2member_file_ssl}%{ENV:s2member_file_download_key}%{ENV:s2member_skip_confirmation} [QSA,L]

deny from all

HERE IS MY .HTACCESS file on wordpress root:

# BEGIN s2Member GZIP exclusions

RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} (?:^|?|&)s2member_file_download=.+
RewriteRule .* – [E=no-gzip:1]

# END s2Member GZIP exclusions

# BEGIN WordPress

RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# END WordPress

does anybody have an idea to fix this problem?

thanks in advance

• This topic was modified 4 years, 8 months ago by  KB Armand.
• This topic was modified 4 years, 8 months ago by  KB Armand.
• This topic was modified 4 years, 8 months ago by  KB Armand.
• This topic was modified 3 years, 4 months ago by  KB Armand.

Hi, I’m having the exact same issue and it’s a mystery. I have also tried to deactivate and reactive the plugin (I too have the latest version), but that does not help.

I repeatedly get: Error code: 400. Error Message: Unable to create Amazon® CloudFront Downloads Distro. Unable to create Amazon® CloudFront Downloads Distro. Bad Request.

How can I fix this? I can’t move forward with launching my site until I can properly configure this.

Thanks in advance!

Thanks for reporting this important issue.

We fixed a bug related to this in s2Member v120309, where a problem would sometimes occur under installations of PHP that were running in SAFE mode (due to cURL limitations with respect to redirections).

v120309 Bug fix. Some PHP installations running in safe mode were experiencing `400 Bad Request` errors whenever s2Member’s Amazon® CloudFront configuration routines for file downloads were processed. Fixed in this release of s2Member v120309.

However, it sounds like you’re still reporting problems in the latest release even. I’m not aware of this being a widespread issue, so I have to assume (at least at this point), that it’s a server-dependent issue.

If your PHP installation supports allow_url_fopen (see this article), I would suggest the following hack to see if it helps any. Please report back with your findings. If I find a way to avoid this compatibility issue all together, I’ll be happy to update s2Member in a more official capacity going forward.

Create this directory and file please:
/wp-content/mu-plugins/s2-hacks.php
( these are MUST USE plugins, see: http://codex.wordpress.org/Must_Use_Plugins )

<?php
add_filter ("use_curl_transport", "__return_false");
// This way WordPress will use FOPEN, which might work better in some environments.
?>

In short, disabling the cURL transport method in your WordPress installation, will force WordPress to fall back on another available transport supported by your server. Thereby (hopefully) allowing the communication between WordPress and Amazon to succeed, where it may have been failing under the cURL transport for a reason that is yet to be determined at this point.

Thanks, Jason. I’ll give it a go! I’m not a developer, just an amateur trying my best so forgive the following stupid question please: how do I create the s2-hacks.php file or where do I get it from. Is there anywhere I can go for step-by-step instructions? I am able to get as far as creating am /mu-plugins/ folder in my wp-content directory using filezilla. After that I’m lost…

Thanks!
Eva

Hi Jason,

Okay, I figured out how to create a PHP file (I used notepad and notepad++) and I uploaded the php file with the code you specified above to my mu-plugins folder.

I then went into the S2Member file download options, ticked the box to ask S2Member to automatically configure cloudfront distributions and… same error. Error code: 400. Error Message: Unable to acquire existing Amazon® CloudFront Origin Access Identity. Unable to acquire existing Amazon® CloudFront Origin Access Identity. Bad Request.

Eva

I realize it’s a different error message I get now (as reflected in the above post) but the issue is still the same- can’t configure cloudfront. I found another discussion trail on error 400 in the forum, which is now closed for posts, but I don’t understand what they did in the end to solve the issue. Here is the chain: http://www.s2member.com/forums/topic/error-400/page/2/

Any help you can provide would be VERY appreciated!!!

Eva

Hi again

I’ve created the mu-plugin directory (/wp-content/mu-plugins/) and uploaded the s2-hacks.php file in there.

Then I was trying to Auto-configure it again, but it still gives me this same 400 error message:

Unable to auto-configure Amazon® CloudFront Distributions.
Error code: 400. Error Message: Unable to create Amazon® CloudFront Downloads Distro. Unable to create Amazon® CloudFront Downloads Distro. Bad Request

I’ve red every single post about this Cloudfront problem / 400 error message in all the forums and I have really tried everything and spend a lot of hours on it, but still no success. =(

I would like to upgrade s2member to pro, but before launching my website i have to solve this 400 error issue and make sure that Cloudfront is working for me.

Is there anyway to configure Amazon® CloudFront Distributions & Amazon® S3 ACLs MANUALLY? (I’m not a developer)

thanks in advance

Hi Jason,

Are you guys still working on this? Any new thoughts on things I should try to get this resolved?

Cheers,
Eva

Did you double check that you copied the key from the right file? Amazon® CloudFront Private Key (contents of your [hilite mono]pk-[***].pem[/hilite] file). I’ve seen another user copy the key from the wrong file and get a 400 error until he fixed it. [hilite path]Dashboard -› s2Member® -› Download Options -› Amazon® S3/CloudFront CDN Storage[/hilite]

Hi Cristian!

Yes, I did copy from the pem file because it was auto generated and I had to save it to my desktop, then open it with notepad to copy the contents (including all dashes) and paste it to the field in S2Member. I’ve even repeated the process. I now get an error that says:

Error code: 400. Error Message: Unable to acquire existing Amazon® CloudFront Origin Access Identity. Unable to acquire existing Amazon® CloudFront Origin Access Identity. Bad Request

Do you think the problem is with AWS? I have made sure that I have no distributions (I deleted the ones I created before) and so I have a set of files in a bucket in S3 but no distributions as I am waiting on S2Member to configure those for me. BUT, of course the problem is that I can’t seem to connect S2Member with AWS.

Is there anything else in my S2Member configurations that I should check? Do I need to do or check anything in my Basic Download restrictions or any other part?

Thanks<
Eva

Well, I don’t have experience setting up CloudFront, I just follow what Jason wrote in the docs or said in his videos, and some previous posts he or other users made in the forums about it.

Jason is coming to the forums about once a week lately, since the new s2Member is under heavy development and he’s pretty much just doing that. He’ll reply here, hopefully soon, but I’ll try to help you in the meantime.

Have you watched his video on CloudFront yet? http://s2member.com/videos/

Details received via Private Contact Form.
~ Investigating now.

Thanks for your patience.
After running diagnostics on your server, I found the following issues.

1. Your installation of PHP is compiled –with-curlwrappers. This alters the way some native features in PHP function, and it causes problems for WordPress, because of this known bug that still exists even in the latest versions of PHP. For further details, see: https://bugs.php.net/bug.php?id=41051

2. Your Amazon S3 Bucket Name contains characters that are considered invalid for CloudFront. All Amazon S3 Bucket names should contain lowercase alphanumerics and dashes only. Your current Amazon S3 Bucket contains one uppercase character. Please see: http://docs.amazonwebservices.com/AmazonS3/latest/dev/BucketRestrictions.html

---

Regarding point #1. I was able to workaround this conflict on your server, by making two adjustments. One in WordPress itself, and another in s2Member. I’ll document them both for you here. Maybe this will also help someone else hosted by LiquidWeb.

I removed the s2-hacks.php file that you created with:
add_filter ("use_curl_transport", "__return_false");.
On a server configured –with-curlwrappers, you are better off using cURL directly. When this option is enabled in PHP, cURL is going to be used one way or another, so we might as well go directly to it.

---

Open /wp-includes/class-http.php, at line #1055 find this:

case 'PUT':
	curl_setopt( $handle, CURLOPT_CUSTOMREQUEST, 'PUT' );
	curl_setopt( $handle, CURLOPT_POSTFIELDS, $r['body'] );
	break;

After this section of code, add this section:

case 'DELETE':
	curl_setopt( $handle, CURLOPT_CUSTOMREQUEST, 'DELETE' );
	curl_setopt( $handle, CURLOPT_POSTFIELDS, $r['body'] );
	break;

This adds DELETE support to the WordPress cURL interface. s2Member normally falls back on WP_Http_Streams for this, but on your server that’s causing problems. So this direct edit is needed.

---

Open this s2Member file: /s2member/includes/classes/utils-urls.inc.php, at line #201 find:

if (!empty ($args["method"]) && strcasecmp ((string)$args["method"], "DELETE") === 0)

Replace that line with this instead:

if (!empty ($args["method"]) && strcasecmp ((string)$args["method"], "X-DELETE") === 0)

Conclusion. If a server has PHP compiled –with-curlwrappers, it will cause problems for WordPress, because of this PHP bug. Applications expecting native PHP functions, to behave like native PHP functions, will be sadly disappointed, and the result could be broken functionality. Particularly in applications communicating with the Amazon API, where authorization headers are required by Amazon. If you are unable to re-compile your installation of PHP without this option, try the workaround I posted above.

@Eva Galfi
You should be good now. Please change your Amazon S3 Bucket Name to one which is compatible with CloudFront (i.e. all lowercase please). Then run s2Member’s automatic configuration again.

What can I say, Jason. You’re a total genius! I renamed my bucket and tried it all again. It all worked perfectly!!! I really appreciate all the time you spent looking into what the issue was on my server and creating a patch to help me. Thanks so much!! :-) Eva

Regarding this issue, if I pay for a license, will you run diagnostics on my site?

Hi Micah.

Saw your email.

In the field for the bucket, don’t enter the URL, just the bucket’s name. [hilite path]Dashboard -› s2Member® -› Download Options -› Amazon® S3/CDN Storage[/hilite]

Also, try configuring the Basic Download Restriction. [hilite path]Dashboard -› s2Member® -› Download Options -› Basic Download Restrictions[/hilite]

I hope that helps. :)

Just the bucket’s name did the trick! Thanks, Cristián!

(This is Micah, btw)

• This reply was modified 4 years, 7 months ago by  Terry Francke.

Excellent! I’m glad that did it. Thanks for the udpate. :)

I was not sure where to post this, but here we go anyway….

I setup to have secure file downloads available for clients.

I create a folder access-s2files-ccap-flast1

I put files in there and then was able to setup pages where they could be given ccap and download….worked great. now, when you click the file (stored at amazon s3 account in the appropriate folder that used to work), the file loads with a white screen….there are no error codes….nothing.

I have also linked files to the same amazon s3 account (not in the ccap folder) and they open fine from the wp site..

this leads me to believe that it is s2member that needs to be tweaked on my end….any ideas with htaccess????

I am also using bulletproof security (bps security)…it locks the htaccess file and allows me to add custom code…it was activated and s2member was allowing downloads without any trouble…i do not think that this is the problem but I wanted to mention it.

Hi…

It looks as if I’m having the same problem when trying to configure CloudFront. I get the following error:

—

Unable to auto-configure Amazon® CloudFront Distributions.
Error code: 400. Error Message: Unable to create Amazon® CloudFront Downloads Distro. Unable to create Amazon® CloudFront Downloads Distro. Bad Request

—

I managed to set up S3/CDN fine… that’s all working as it should.

I’ve double checked I’m using the right keys and followed the video tutorial exactly.

I amended the /s2member/includes/classes/utils-urls.inc.php file and /wp-includes/class-http.php file as above… but no change.

The only thing I can think it might be is the way the server is set up maybe? The site is hosted on Media Temple’s Grid Servers…

Any help would be greatly appreciated.

Thanks,

Andy

Dear Jason,

The man who is so GOOD. Gosh, kinda new here but this thread made my day! I used an upper case letter and didn’t even realize it until you brought to someone else attention.

Love s2member.

Keep up the great work

Happy Happy customer..

Dan

We’re still getting that error message, however our bucket was setup in lowercase to begin with:
“Unable to auto-configure Amazon® CloudFront Distributions.
Error code: 400. Error Message: Unable to update existing Amazon® S3 ACLs. Unable to update existing Amazon® S3 Bucket Policy. Bad Request”

We bought and installed the Pro version approx two weeks ago, but all our members’ language training content is in video and audio form, so it really defeats the purpose if this doesn’t work.

We followed instructions from the pem file, etc.
We’re hosted on WPEngine.

So I assume the steps we should take are the following:
1. apply a must-use plugin
2. if that doesn’t work, try Jason’s other workaround adding the case delete lines in the code.