How to disable Track HTTP Method on Amazon Cloud Front
Hello,
I have been trying to disable the HTTP method TRACK from CloudFront distributions and I haven't found any place where I can turn it off. Also, I saw that the CloudFront is not supposed to support that HTTP method, but when a request comes to the CloudFront for some reason it has been responding as a normal GET request. Could someone help me?
You can choose to serve HTTPS only or redirect HTTP to HTTPS options as Viewer Protocol Policy. Go to your Distribution -> Edit Behaviour ->Viewer protocol policy-> Select Redirect HTTP to HTTPS or whichever suits your need.
And if you want to allow or block certain HTTP method e.g. GET then it depends on your origin. if it is S3 bucket then you can use CORS configuration to allow only certain HTTP methods.
more info and example CORS policy here - https://docs.aws.amazon.com/AmazonS3/latest/userguide/ManageCorsUsing.html#cors-example-2
Let me know if you have any other origin configured.
Relevant questions
CloudFront Function - HTTP Methods
asked 4 months agoHow to disable deletion protection?
asked 4 years agoPdf and audio file download blocked by WAF on CDN
asked 10 days agohow to redirect from HTTP to HTTPS on a Classic Load Balancer
asked 4 months agoInvalid VpcLink id {xxxxxx} referenced in integration
asked 3 months agoOperation cloudfront prompts access denied
asked 2 months agoHow to disable Track HTTP Method on Amazon Cloud Front
asked 2 months agocan't edit - The If-Match version is missing or not valid for the resource.
asked 10 months agoFailing to set Cloudfront up on a Wordpress Lightsail Instance
asked 4 months agoProtect HTTP Api Gateway with WAF
asked 2 months ago