Skip to main content

lacework-global-125

CloudFront Origin Protocol Policy should use https-only

Description

It is recommended to configure your AWS CloudFront content delivery network (CDN) distributions to use HTTPS for encrypting data while in transit between your origin server and CloudFront. When CloudFront CDN distributions are found that are not configured to encrypt data using HTTPS are found, violations are reported.

Remediation

Set the Distribution Origin Protocol Policy to HTTPS Only.

  1. Log in to the AWS Management Console.

  2. Select Services.

  3. Select CloudFront.

  4. Select the Distribution to edit.

  5. Select the Origins tab.

  6. Select the Origin to edit and select Edit.

  7. Under Protocol, select HTTPS Only.

  8. Select Save changes.