Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Amazon Web Services Adds HTTPS Support for CloudFront Content Delivery Service

Amazon Web Services (AWS) this week announced that its Amazon

Amazon Web Services (AWS) this week announced that its Amazon CloudFront content delivery network now supports the ability to deliver content over HTTPS connections.

This is a key update for the service which will now enable customers to serve secure, encrypted content from the CloudFront content delivery network on sensitive transactional pages and other secure sessions.

Enabling all content on a page to be delivered via HTTPS will help avoid security warnings that some browsers present when viewing a mix of HTTP and HTTPS content.

Amazon said that since the company launched CloudFront, HTTPS support has been one of the most requested features by customers.

For CloudFront customers, making the switch to HTTPS is easy. All that needs to be done is update any links calling content from cloudfront.net links to use the “https://” protocol instead of “http://” and Amazon CloudFront will serve the content using HTTPS.

For customers that want to require all content to be served via HTTPS, they can configure the service to require HTTPS for all requests and not permit any requests made over the regular HTTP protocol.

For HTTPS requests, Amazon CloudFront will also use HTTPS to retrieve objects from Amazon S3 (AWS Cloud Storage), ensuring all objects are encrypted whenever transmitted.

Amazon AWS also expanded its East Coast capacity for CloudFront, adding a new edge location in New York City to improve performance for users requesting content from New York and the northeast.

Written By

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Cloud Security

Orca Security published details on four server-side request forgery (SSRF) vulnerabilities impacting different Azure services.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...