Since this one is too hard to test by direct browser visit (you can see only 502 error from CloudFront or any other popular CDN provider), you can always test it directly from customer's SSH container, by the following pattern:
curl -kI --header 'Host: domain.com' 'https://nginx/lifetime-fitness-sample/ma-ny-lifeguard.html'
Original link for that one was:
You can figure that we injected Host: method to the curl command and then called Nginx hostname directly.
But what if the link is hidden behind certain username/password protection or authentication?
Not a problem at all. Please watch my video on how that can be achieved.
Please watch the video here:
For Windows users use the copy as cURL (cmd) option: