How to disable Track HTTP Method on Amazon Cloud Front

Question

Hello,

I have been trying to disable the HTTP method TRACK from CloudFront distributions and I haven't found any place where I can turn it off. Also, I saw that the CloudFront is not supposed to support that HTTP method, but when a request comes to the CloudFront for some reason it has been responding as a normal GET request.  Could someone help me?

Answer

You can choose to serve HTTPS only or redirect HTTP to HTTPS options as Viewer Protocol Policy. 
Go to your Distribution -> Edit Behaviour ->Viewer protocol policy->  Select Redirect HTTP to HTTPS or whichever suits your need.

Answer

And if you want to allow or block certain HTTP method e.g. GET then it depends on your origin. if it is S3 bucket then you can use CORS configuration to allow only certain HTTP methods.

more info and example CORS policy here -
https://docs.aws.amazon.com/AmazonS3/latest/userguide/ManageCorsUsing.html#cors-example-2

Let me know if you have any other origin configured.

How to disable Track HTTP Method on Amazon Cloud Front

相关内容