Ensure that Amazon Cloudfront Content Delivery Network (CDN) distributions are configured to automatically compress content for web requests in order to increase your web applications performance and reduce bandwidth costs.
Ensure that geo restriction is enabled for your Amazon CloudFront CDN distribution to whitelist or blacklist a country in order to allow or restrict users in specific locations from accessing web application content.
Ensure that AWS CloudFront Content Delivery Network (CDN) service is used within your AWS account to secure and accelerate the delivery of your websites, media files or static resources.
Ensure that your AWS Cloudfront Content Delivery Network distributions are not using insecure SSL protocols (i.e. SSLv3) for HTTPS communication between CloudFront edge locations and your custom origins.
Ensure that all your AWS CloudFront web distributions are integrated with the Web Application Firewall (AWS WAF) service to protect against application-layer attacks
Ensure that your AWS Cloudfront distributions have the Logging feature enabled in order to track all viewer requests for the content delivered through the Content Delivery Network (CDN).
Ensure that your Amazon CloudFront distributions use a security policy with minimum TLSv1.1 or TLSv1.2 and appropriate security ciphers for HTTPS viewer connections.
Ensure that the communication between your AWS CloudFront distributions and their custom origins is encrypted using HTTPS in order to secure the delivery of your web content.
Ensure that the communication between your Amazon CloudFront CDN distribution and its viewers (end users) is encrypted using HTTPS in order to secure the delivery of your web application content
Ensure that the origin access identity feature is enabled for all your AWS Cloudfront CDN distributions that utilize an S3 bucket as an origin in order to restrict any direct access to your objects through Amazon S3 URLs.
Ensure that Origin Failover feature is enabled for your Amazon CloudFront web distributions in order to improve the availability of the content delivered to your end users
Ensure that field-level encryption is enabled for your Amazon CloudFront web distributions in order to help protect sensitive data like credit card numbers or social security numbers, and to help protect your data across application services.
Ensure that your web application is using Amazon Cloudfront Content Distribution Network (CDN) to secure its content delivery.
Check if CloudFront distributions are set to HTTPS
If you are not yet convinced to sign up with Cloudanix, that's not a problem. We recommend you use a comprehensive checklist which your team can use to perform a manual assessment of your workload.