Important: Consider the Header name and Value as secure credentials, like a user name and password.Ĭreate a rule in your AWS WAF web ACL associated with the ALB to block the requests that don't contain the custom HTTP header secret value An example Header name is Custom-header and Value is Random-12345. For Add custom header, add the Header name and Value.Note: If you don't have an ALB origin, see Creating a distribution or Updating a distribution.
Select your ALB origin, and then choose Edit. From the navigation pane, choose Distributions. Create a rule in your AWS WAF web ACL associated with the ALB to block requests that don't contain the custom HTTP header secret value.Ĭonfigure CloudFront to add a custom HTTP header with a secret value in the requests that it sends to the ALB. 
Configure CloudFront to add a custom HTTP header with a secret value in the requests that CloudFront sends to the ALB. To restrict direct traffic to an ALB and allow traffic through only CloudFront using AWS WAF, do the following:
0 kommentar(er)
