1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
0
Hello.
It is possible to block using CloudFront Functions.
For example, you can check the host part included in the request header using the code below, and if "cloudfront.net" is included, you can return HTTP status code 403.
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/functions-tutorial.html
function handler(event) {
var request = event.request;
var host = request.headers.host.value;
if (host.includes('cloudfront.net')) {
return {
statusCode: 403,
statusDescription: 'Forbidden',
body: {
"encoding": "text",
"data": "<html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>"
}
};
}
return request;
}
I think it is also possible to block using custom rules using AWS WAF.
https://docs.aws.amazon.com/waf/latest/developerguide/classic-web-acl-rules-creating.html
Contenus pertinents
- demandé il y a un an
- Réponse acceptéedemandé il y a 7 mois
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a un an
Thank you Riku! Just noting that "data" in the response body should only contain plain text, as html tags are displayed literally.
HTML tags may have shown because the encoding is set to text.
Thank you Gary! The Developer Guide says: "You can specify the encoding as plain text ("encoding": "text") or as Base64-encoded content ("encoding": "base64")." Both encodings show html tags literally. Is there another way? I tried "text/html", but I got a 503.
To force parsing html tags one needs to send the content-type header as well, so the correct function syntax is the following:
function handler(event) { var request = event.request; var host = request.headers.host.value;
if (host.includes('cloudfront.net')) { return { statusCode: 403, statusDescription: 'Forbidden', headers: { "content-type": { "value": "text/html" } }, body: { "encoding": "text", "data": "<html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>" } }; }
}