
Securing Application with Custom Headers Using AWS CloudFront and WAF


Background

Your company runs a website hosted on AWS. To provide high availability and low latency for users worldwide, you use AWS CloudFront as the Content Delivery Network (CDN) in front of your web servers. To protect against web threats, you integrate AWS WAF with your CloudFront distribution. There is one more requirement: the site must remain publicly reachable over the network, but its content is served conditionally, based on a request header. If the user sends the genuine request header, the site content is allowed; otherwise the request is blocked.

Solution

To implement this scenario, follow the steps below:

1. Log in to your AWS account and navigate to AWS WAF.

2. Navigate to Rules. Click Add and select “Add my own rules and rule groups”.

3. Select Rule Builder and enter a rule name.

4. Select “doesn’t match the statement” and provide the header name and header value.

5. Select the action “Block” and click Add.

6. To set up a custom response code and response body, click Custom Response and select the Enable button.

7. Click Create Custom Response Body to define the custom response message.

8. Adjust the rule priority, then click the Add Rule button.

9. To access the site, use the ModHeader browser plugin to send the specific request header, or for programmatic access use curl and pass the header value.
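The rule that the console steps above produce, as an added example that is not part of the original post: it builds the rule in the AWS WAFv2 JSON shape and models its decision locally so the allow and block cases can be checked before deployment. The header name, header value, response code 403, body key and message text are assumptions chosen for illustration.

```python
import hmac
import json

HEADER_NAME = "x-access-token"           # assumed header name
HEADER_VALUE = "EXAMPLE-PLACEHOLDER"     # constructed placeholder; use a long random value
BODY_KEY = "header-required"             # assumed custom response body key

def build_rule(name="require-custom-header", priority=0):
    """WAFv2 rule: block unless HEADER_NAME exactly equals HEADER_VALUE."""
    return {
        "Name": name,
        "Priority": priority,
        "Statement": {"NotStatement": {"Statement": {"ByteMatchStatement": {
            "SearchString": HEADER_VALUE,
            "FieldToMatch": {"SingleHeader": {"Name": HEADER_NAME}},
            "TextTransformations": [{"Priority": 0, "Type": "NONE"}],
            "PositionalConstraint": "EXACTLY",
        }}}},
        "Action": {"Block": {"CustomResponse": {
            "ResponseCode": 403, "CustomResponseBodyKey": BODY_KEY}}},
        "VisibilityConfig": {"SampledRequestsEnabled": True,
                             "CloudWatchMetricsEnabled": True,
                             "MetricName": name},
    }

# Defined once on the web ACL and referenced from the rule by key.
CUSTOM_RESPONSE_BODIES = {BODY_KEY: {
    "ContentType": "TEXT_PLAIN",
    "Content": "Access denied: required header missing."}}

def evaluate(rule, headers, default_action="ALLOW"):
    """Local model of the rule for testing: returns (action, status_code)."""
    bm = rule["Statement"]["NotStatement"]["Statement"]["ByteMatchStatement"]
    wanted = bm["FieldToMatch"]["SingleHeader"]["Name"].lower()
    # HTTP header names are case-insensitive; the value is compared exactly.
    sent = {k.lower(): v for k, v in headers.items()}.get(wanted)
    matched = sent is not None and hmac.compare_digest(
        sent.encode(), bm["SearchString"].encode())
    if not matched:  # NotStatement is true, so the Block action fires
        return "BLOCK", rule["Action"]["Block"]["CustomResponse"]["ResponseCode"]
    return default_action, None

if __name__ == "__main__":
    rule = build_rule()
    print(json.dumps(rule, indent=2))
    # Constructed sample requests: no header, wrong value, correct value.
    for h in ({}, {HEADER_NAME: "wrong"}, {"X-Access-Token": HEADER_VALUE}):
        print(h, "->", evaluate(rule, h))
```

Because the header value acts as a shared secret, a request with the header present but a different value is blocked the same way as a request without it.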


Ankit Srivastava

Ankit Kumar Srivastava is a Lead Technical Consultant at Perficient. He has 8 years of experience in AEM DevOps and Administration, Microsoft Bitlocker Administration and Monitoring (MBAM), and cloud technology. He is always keen to learn about new technologies!
