How can I ensure that my app which is deployed on an EC2 only communicates using HTTPS?

0

I currently have a web app deployed on an EC2 instance. My EC2 instance is connected to CloudFront distribution and HTTPS is configured. I redirect any HTTP to HTTPS in the cloud front but still one can connect to the EC2 using HTTP using Public IPv4 DNS.

Note:

  • CloudFront and the EC2 communicate internally using HTTP and listen on port 80

Questions:

  • How can I ensure that a browser can access my web app using HTTPS and through CloudFront only?
  • Are their better practices or steps that I should follow or changes I should do to any of my configs ?
Karim
질문됨 4달 전149회 조회
2개 답변
0

Hi,

To exactly achieve your goal of Cloudfront-only access, you want to use AWS-managed prefix list for Amazon CloudFront: see https://aws.amazon.com/about-aws/whats-new/2022/02/amazon-cloudfront-managed-prefix-list/

Documentation is at https://docs.aws.amazon.com/vpc/latest/userguide/working-with-aws-managed-prefix-lists.html

Best,

Didier

profile pictureAWS
전문가
답변함 4달 전
profile picture
전문가
검토됨 4달 전
0

Use the Managed Prefix List to set up a Security Group that only allows access to port 80 from CloudFront.

https://aws.amazon.com/blogs/networking-and-content-delivery/limit-access-to-your-origins-using-the-aws-managed-prefix-list-for-amazon-cloudfront/

profile picture
전문가
shibata
답변함 4달 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠