Can anyone provide recommendations and guidance on setting up and testing a reverse proxy with Amazon Cloudfront for a Webflow project, specifically when the client is not on the Enterprise plan?

Setting up a reverse proxy with Amazon CloudFront for a Webflow project (non-Enterprise plan) allows you to use a custom domain with advanced routing or backend integration — something not directly supported by Webflow for non-Enterprise users.

1. Understand the Limitations

• Webflow non-Enterprise sites do not support reverse proxy setups natively.
• Webflow binds custom domains (via DNS A and CNAME records) directly to their own infrastructure, and they do not officially support being proxied through third-party services unless you're on Enterprise.
• Using a reverse proxy is possible via custom infrastructure (e.g., AWS CloudFront + Lambda), but you must accept that Webflow support won't assist with proxy-based issues unless you upgrade to Enterprise.

2. Setup Overview on AWS

You can proxy Webflow through CloudFront using the following general architecture:

• CloudFront → Lambda@Edge (optional rewriting, headers) → Webflow hosted site (e.g., https://yourproject.webflow.io)

Requirements:

• An S3 bucket is not needed if you're just proxying.
• Domain remains on your own DNS (e.g., Route 53, Cloudflare).
• You cannot use Webflow’s domain verification; you'll reverse-proxy the Webflow site using CloudFront.

3. Configure CloudFront

• Create a CloudFront distribution in AWS.
• Origin Domain Name: Use your Webflow staging domain (e.g., yourproject.webflow.io).
• Origin Protocol Policy: Set to HTTPS Only.
• Viewer Protocol Policy: Choose Redirect HTTP to HTTPS or HTTPS Only.
• Cache Policy: Use CachingDisabled if dynamic updates or real-time changes are expected.
• Custom Headers: Add a header like Host: yourproject.webflow.io to make sure Webflow serves the correct site.
• CNAME (Alternate Domain Names): Add your custom domain (e.g., example.com or www.example.com).
• SSL Certificate: Use AWS Certificate Manager (ACM) to generate and attach a certificate for your custom domain.

4. Handle Path Rewrites (If Needed)

• To proxy cleanly and adjust URL paths or headers, use Lambda@Edge or CloudFront Functions on the request event.
• For example, you can strip /proxy/ prefix or modify the origin request header.

5. Update DNS Settings

• In your DNS provider (e.g., Route53, Cloudflare):
• Create a CNAME or A record pointing your domain/subdomain to the CloudFront domain (e.g., d1234abcd.cloudfront.net).
• If using a root domain, use ALIAS (Route 53) or ANAME records (Cloudflare, DNSimple), as CNAMEs are not valid at root level.

6. Test the Proxy

• Visit the custom domain and verify:
• Content loads correctly from Webflow.
• SSL works via the CloudFront cert.
• Paths, links, and assets load without errors.
• Use browser dev tools or tools like curl -I to check for proper headers and response codes.

7. Maintain & Monitor

• Changes in Webflow (published site, structure) can affect your proxy if not handled carefully.
• Webflow rate-limits requests from unusual sources — avoid crawling/pinging your proxied site too frequently to prevent being blocked.
• Monitor your CloudFront metrics and logs.

Summary

To reverse proxy a non-Enterprise Webflow project via Amazon CloudFront:

• Set Webflow as the origin in CloudFront.
• Configure headers and optional Lambda rewrites.
• Point DNS to CloudFront instead of Webflow.
• Be aware Webflow does not support this officially — use at your own risk.

This setup can work well for basic reverse proxy needs, but for mission-critical or robust backend integration, upgrading to Webflow Enterprise is the only supported method.