I have setup S3 with CloudFront to serve static site behind Basic HTTP authentication, similar to this setup here: Basic User Authentication for Static Site using AWS & S3 Bucket
Everything seems to work fine, but for some reason when I do a refresh of the site, CloudFront responds with 403 AccessDenied. This is also happening only when navigating somewhere to the site, like example.com/somepath and refreshing the site. If I stay at the root level: example.com and hit that refresh button everything seems to work fine.
I have configured routing on react app, so just to be clear that when navigating site via application links all seems to be normal. Only refreshing the page causes above issue. I have static website hosting disabled on S3 as I don't want anyone accessing my S3 files via S3 links directly.
I have added a custom Error Page to the CloudFront distribution. For all 403 errors it should fetch root from origin / and return 200 HTTP status code.
Any ideas where to look for the issue?
