Category: Amazon CloudFront

Internet users increasingly expect responsive web applications and APIs with lower latency and higher availability. Additionally, publicly accessible web applications and APIs are exposed to threats such as commonly occurring vulnerabilities described in the OWASP Top 10, SQL injection, automated requests, and HTTP floods (Denial of Service (DoS)) that can affect availability, compromise security, or […]

Enterprise customers have differing requirements based on a number of reasons including security, compliance, governance, and the industry they operate. In certain situations, customers are expected to adhere to certain protocols and standards that are non-negotiable. In this post, we explore how customers can specify TLS protocols and associated ciphers that are allowed from viewers […]

Being able to analyze web traffic and user behavior is essential to understanding the impacts of new features, content updates, or current product iterations for websites and applications. Tracking website activity can provide insight into who visits your website, where they come from, and what content they view. A web beacon is a common technique […]

In a modern distributed system, identifying where a problem has occurred is not a trivial task. In fact, it’s a key capability that an organization must master to maintain its competitiveness. Tracing is a great methodology to be used for this purpose. It creates a series of formatted logs with an identifier called Trace ID, which […]

In this post, we provide recommendations to improve network performance on AWS and hybrid networks. In today’s enterprise networking environment, it is becoming common for customers to have multi-gigabit connectivity to AWS either through AWS Direct Connect or over the Internet. Although network bandwidth is fundamental, several other factors come into play for network performance, […]

AWS WAF offers advanced features for filtering undesired web application traffic, such as Bot Control and Fraud Control. These intelligent threat mitigations include techniques such as client-side interrogations using JavaScript challenges or CAPTCHA, as well as client-side behavioral analysis. Implementing these techniques on a web page with a same-origin access is simple. When a cross-domain […]

You can now add AWS WAF protections to Amazon CloudFront distributions with one click. In this walkthrough, we will guide you through setting up and monitoring protections offered by this new feature along with pricing and additional security recommendations. This blog relates to Amazon CloudFront — a AWS service that you can use to deliver […]

Blue/green deployment is a widely used deployment technique in software development aimed at minimizing downtime and risks associated with introducing new code. The strategy involves concurrently running two identical environments, namely blue and green, and directing traffic between them as necessary. This allows you to have uninterrupted delivery of new features and updates, with no […]

Many of our customers use Amazon CloudFront and Amazon Simple Storage Service (Amazon S3) to deploy Single Page Applications (SPA): web applications created with React, Angular, Vue, etc. The development teams of these SPAs often have the following, seemingly conflicting, requirements: Users should experience as little latency as possible in downloading the web application. Therefore, […]

In this post, we demonstrate how you can use a same domain policy with Amazon CloudFront. Using this method, you eliminate the need for enabling Cross-Origin Resource Sharing (CORS), which results in improved performance for Single-Page Applications (SPA). Over the years, SPA frameworks such as ReactJs and AngularJs have become a popular method for developing […]