Networking & Content Delivery
Category: Security, Identity, & Compliance
Continually Enhancing Domain Security on Amazon CloudFront
Last year, a colleague of mine wrote a blog post about new security measures that Amazon CloudFront was implementing to enhance the security of how domains are used on CloudFront distributions. This included mitigations to prevent the abusive use of domain fronting practices by not allowing SSL handshake requests and subsequent requests over the secured […]
AWS Best Practices for DDoS Resiliency – Updated Whitepaper Now Available
Come read the 2018 version of the AWS Best Practices for DDoS Resiliency whitepaper. In this whitepaper, we provide you with prescriptive DDoS guidance to build applications that are resilient to DDoS attacks. We describe different attack types, such as volumetric attacks and application layer attacks, and explain which best practices are most effective to manage each attack type.
Accelerating your Drupal Content with Amazon CloudFront
Drupal is a powerful content management system (CMS) that has powered has powered over a million websites. Drupal is flexible, scalable, and backed by a large open source community. Amazon CloudFront can accelerate the performance of your Drupal site while also improving your overall security posture. Read more about integrating Amazon CloudFront in front of a Drupal site with this step-by-step guide.
CloudFront now Supports ECDSA Certificates for HTTPS Connections to Origins
See how you can now use Amazon CloudFront to negotiate HTTPS connections to origins using Elliptic Curve Digital Signature Algorithm (ECDSA). ECDSA uses smaller keys that are faster, yet, just as secure, as the older RSA algorithm. The smaller keys will also increase the number of TLS handshakes that your origins can process per second, thereby saving compute cycles and reducing your cost of cryptography.