How can I ensure that my app which is deployed on an EC2 only communicates using HTTPS?

0

I currently have a web app deployed on an EC2 instance. My EC2 instance is connected to a CloudFront distribution and HTTPS is configured. I redirect any HTTP to HTTPS in CloudFront, but one can still connect to the EC2 using HTTP using the Public IPv4 DNS.

Note:

  • CloudFront and the EC2 communicate internally using HTTP and listen on port 80

Questions:

  • How can I ensure that a browser can access my web app using HTTPS and through CloudFront only?
  • Are there better practices or steps that I should follow or changes I should make to any of my configs?
Karim
asked 4 months ago · 149 views
2 Answers
0

Hi,

To exactly achieve your goal of CloudFront-only access, you want to use the AWS-managed prefix list for Amazon CloudFront: see https://aws.amazon.com/about-aws/whats-new/2022/02/amazon-cloudfront-managed-prefix-list/

Documentation is at https://docs.aws.amazon.com/vpc/latest/userguide/working-with-aws-managed-prefix-lists.html

Best,

Didier

AWS
EXPERT
answered 4 months ago
EXPERT
reviewed 4 months ago
0

Use the Managed Prefix List to set up a Security Group that only allows access to port 80 from CloudFront.

https://aws.amazon.com/blogs/networking-and-content-delivery/limit-access-to-your-origins-using-the-aws-managed-prefix-list-for-amazon-cloudfront/

EXPERT
shibata
answered 4 months ago
