How can I ensure that my app which is deployed on an EC2 only communicates using HTTPS?

0

I currently have a web app deployed on an EC2 instance. My EC2 instance is connected to a CloudFront distribution and HTTPS is configured. I redirect any HTTP to HTTPS in CloudFront, but one can still connect to the EC2 over HTTP using the Public IPv4 DNS.

Note:

  • CloudFront and the EC2 communicate internally using HTTP and listen on port 80

Questions:

  • How can I ensure that a browser can access my web app using HTTPS and through CloudFront only?
  • Are there better practices or steps that I should follow, or changes I should make to any of my configs?
Karim
asked 4 months ago, viewed 151 times
2 answers
0

Hi,

To exactly achieve your goal of CloudFront-only access, you want to use the AWS-managed prefix list for Amazon CloudFront: see https://aws.amazon.com/about-aws/whats-new/2022/02/amazon-cloudfront-managed-prefix-list/

Documentation is at https://docs.aws.amazon.com/vpc/latest/userguide/working-with-aws-managed-prefix-lists.html

Best,

Didier

AWS
Expert
answered 4 months ago
Expert
reviewed 4 months ago
0

Use the Managed Prefix List to set up a Security Group that only allows access to port 80 from CloudFront.

https://aws.amazon.com/blogs/networking-and-content-delivery/limit-access-to-your-origins-using-the-aws-managed-prefix-list-for-amazon-cloudfront/

Expert
shibata
answered 4 months ago
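One way to check the outcome of the security group change both answers describe, as an added example that is not part of either answer: it audits a security group, in the shape returned by EC2 DescribeSecurityGroups, and lists every source other than the CloudFront prefix list that can still reach port 80. The function names, group IDs and the prefix list ID `pl-0123456789abcdef0` are constructed placeholders; the real prefix list ID differs per region.

```python
# Added example: offline audit of one security group, in the shape returned by
# EC2 DescribeSecurityGroups. All IDs below are constructed placeholders.
CF_PREFIX_LIST_ID = "pl-0123456789abcdef0"  # placeholder; the real ID differs per region

def covers_port(perm, port):
    """True if an IpPermissions entry applies to the given TCP port."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # "all traffic" rules carry no FromPort/ToPort
        return True
    if proto != "tcp":
        return False
    return perm["FromPort"] <= port <= perm["ToPort"]

def audit_origin_sg(group, cf_prefix_list_id, port=80):
    """Return (cloudfront_allowed, other_sources) for inbound rules reaching `port`."""
    cloudfront_allowed, other_sources = False, []
    for perm in group.get("IpPermissions", []):
        if not covers_port(perm, port):
            continue
        other_sources += [f"IPv4 {r['CidrIp']}" for r in perm.get("IpRanges", [])]
        other_sources += [f"IPv6 {r['CidrIpv6']}" for r in perm.get("Ipv6Ranges", [])]
        other_sources += [f"SG {r['GroupId']}" for r in perm.get("UserIdGroupPairs", [])]
        for pl in perm.get("PrefixListIds", []):
            if pl["PrefixListId"] == cf_prefix_list_id:
                cloudfront_allowed = True
            else:
                other_sources.append(f"prefix list {pl['PrefixListId']}")
    return cloudfront_allowed, other_sources

# Constructed sample: the situation in the question (port 80 open to everyone).
SG_BEFORE = {"GroupId": "sg-0aaaaaaaaaaaaaaaa", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},  # admin SSH, not port 80
]}
# Constructed sample: after the change, port 80 only from the CloudFront prefix list.
SG_AFTER = {"GroupId": "sg-0aaaaaaaaaaaaaaaa", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "PrefixListIds": [{"PrefixListId": CF_PREFIX_LIST_ID}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},
]}

if __name__ == "__main__":
    for name, sg in (("before", SG_BEFORE), ("after", SG_AFTER)):
        ok, others = audit_origin_sg(sg, CF_PREFIX_LIST_ID)
        print(name, "CloudFront allowed:", ok, "| other sources on port 80:", others or "none")
```

A compliant origin returns `True` with an empty list; any entry in the list is a path to port 80 that bypasses CloudFront and its HTTP-to-HTTPS redirect.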
