Back to All Checks
Medium CloudFront

CloudFront distributions should require encryption in transit

NISTISO 27001

Description

Checks whether an Amazon CloudFront distribution requires viewers to use HTTPS for encryption in transit.

Remediation

To enforce HTTPS for a CloudFront distribution, see the Amazon CloudFront Developer Guide.

Steps

  1. Open the Amazon CloudFront console.
  2. Choose the distribution to update.
  3. Go to the 'Distribution Settings' and select the 'Behaviors' tab.
  4. Edit the 'Viewer Protocol Policy' to either 'Redirect HTTP to HTTPS' or 'HTTPS Only'.
  5. Save changes.

Compliance

NISTISO 27001
Start Your Free Security Check