Securing Application with Custom Headers Using AWS CloudFront and WAF
Background
Your company runs a website hosted on AWS. To ensure high availability and low latency for users worldwide, you use AWS CloudFront as the Content Delivery Network (CDN) in front of your web servers. To enhance security and protect against web threats, you decided to integrate AWS WAF with your CloudFront distribution. There is also a requirement that the site remain publicly reachable over the network while its content is served conditionally, based on a request header: if the user sends the genuine request header, the site content is allowed; otherwise the request is blocked.
Solution
To implement this scenario, follow the steps below:
1. Log in to your AWS account and navigate to AWS WAF.
2. Navigate to Rules. Click Add and select “Add my own rules and rule groups”.
3. Select Rule builder and enter a rule name.
4. Select “doesn’t match the statement” and provide the header name and header value.
5. Select the action “Block” and click Add.
6. To set up a custom response code and response body, click Custom response and select Enable.
7. Click Create custom response body to define the custom response message.
8. Adjust the rule priority, then click Add rule.
To access the site, you can use the ModHeader plugin to send the specific request header; for programmatic access, you can use curl and pass the header value.
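The rule built in the console steps above can also be written in the AWS WAFv2 rule JSON format. The following is an added example, not part of the original article: the header name, placeholder value, rule name and response body key are assumptions, and `evaluate` is a simplified local model of this single rule, not AWS code.

```python
import json

HEADER_NAME = "x-origin-verify"        # assumed header name
HEADER_VALUE = "REPLACE_WITH_SECRET"   # placeholder value, not a real secret

# Rule in the AWS WAFv2 rule JSON format: block unless the header matches exactly.
RULE = {
    "Name": "require-custom-header",   # assumed rule name
    "Priority": 0,
    "Statement": {"NotStatement": {"Statement": {"ByteMatchStatement": {
        "FieldToMatch": {"SingleHeader": {"Name": HEADER_NAME}},
        "SearchString": HEADER_VALUE,
        "PositionalConstraint": "EXACTLY",
        "TextTransformations": [{"Priority": 0, "Type": "NONE"}],
    }}}},
    "Action": {"Block": {"CustomResponse": {
        "ResponseCode": 403,
        # Assumed key; the body itself lives in the web ACL's CustomResponseBodies.
        "CustomResponseBodyKey": "access-denied",
    }}},
    "VisibilityConfig": {
        "SampledRequestsEnabled": True,
        "CloudWatchMetricsEnabled": True,
        "MetricName": "require-custom-header",
    },
}


def evaluate(rule, headers):
    """Simplified local model of how this one rule treats a request's headers."""
    match = rule["Statement"]["NotStatement"]["Statement"]["ByteMatchStatement"]
    wanted = match["FieldToMatch"]["SingleHeader"]["Name"].lower()
    # Header names compare case-insensitively; values compare exactly (no transformation).
    values = [v for k, v in headers.items() if k.lower() == wanted]
    inner = any(v == match["SearchString"] for v in values)
    if not inner:  # NotStatement inverts the inner match, so the Block action fires
        return rule["Action"]["Block"]["CustomResponse"]["ResponseCode"]
    return None    # rule does not match; later rules or the default action decide


def rule_json():
    """Rule as JSON text, for review or version control."""
    return json.dumps(RULE, indent=2)


if __name__ == "__main__":
    print(rule_json())
```

A request with no header, or with a wrong or differently cased value, is blocked with 403; only the exact value falls through to the rest of the web ACL.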