Amazon CloudFront | Caching Flashcards
How can I protect my web applications delivered via CloudFront?
Caching
Amazon CloudFront | Networking & Content Delivery
You can integrate your CloudFront distribution with AWS WAF, a web application firewall that helps protect web applications from attacks by allowing you to configure rules based on IP addresses, HTTP headers, and custom URI strings. Using these rules, AWS WAF can block, allow, or monitor (count) web requests for your web application. Please see AWS WAF Developer Guide for more information.
Can I add or modify request headers forwarded to the origin?
Caching
Amazon CloudFront | Networking & Content Delivery
Yes, you can configure Amazon CloudFront to add custom headers, or override the value of existing headers, to requests forwarded to your origin. You can use these headers to help validate that requests made to your origin were sent from CloudFront; you can even configure your origin to only allow requests that contain the custom header values you specify. Additionally, if you use multiple CloudFront distributions with the same origin, you can use custom headers to distinguish origin request made by each different distribution. Finally, custom headers can be used to help determine the right CORS headers returned for your requests. You can configure custom headers via the CloudFront API and the AWS Management Console. There are no additional charges for this feature. For more details on how to set your custom headers, you can read more here.
How does Amazon CloudFront handle HTTP cookies?
Caching
Amazon CloudFront | Networking & Content Delivery
Amazon CloudFront supports delivery of dynamic content that is customized or personalized using HTTP cookies. To use this feature, you specify whether you want Amazon CloudFront to forward some or all of your cookies to your custom origin server. Amazon CloudFront then considers the forwarded cookie values when identifying a unique object in its cache. This way, your end users get both the benefit of content that is personalized just for them with a cookie and the performance benefits of Amazon CloudFront. You can also optionally choose to log the cookie values in Amazon CloudFront access logs.
How does Amazon CloudFront handle query string parameters in the URL?
Caching
Amazon CloudFront | Networking & Content Delivery
A query string may be optionally configured to be part of the cache key for identifying objects in the Amazon CloudFront cache. This helps you build dynamic web pages (e.g. search results) that may be cached at the edge for some amount of time.
Can I specify which query parameters to use in the cache key?
Caching
Amazon CloudFront | Networking & Content Delivery
Yes, query string whitelisting feature allows you to easily configure Amazon CloudFront to only use certain parameters in the cache key, while still forwarding all the parameters to the origin.
Is there a limit to the number of query parameters that can be whitelisted?
Caching
Amazon CloudFront | Networking & Content Delivery
Yes, you can configure Amazon CloudFront to whitelist up to 10 query parameters.
What parameter types are supported?
Caching
Amazon CloudFront | Networking & Content Delivery
Amazon CloudFront supports URI query parameters as defined in section 3.4 of RFC3986. Specifically, it supports query parameters embedded in an HTTP GET string after the ‘?’ character, and delimited by the ‘&’ character.