AWS WAF with cloudfront

0
votes

I am trying to block my ip address via WAF and using cloudfront.

It should block the IP address

I need to know whether it is neccessary to change dns configuration file with the new domain name cloudfront provides ?

1
amazon-web-servicesamazon-cloudfrontamazon-waf
Hi, I suggest you give some more details of the problem as this isn't a clear question at the momentNHol
I am trying to block one of my ip address to reach my webserver. For this I want to use AWS WAF with cloudfront. I have created a WEB ACL rule that block a specific ip address and allow all other ip addresses.Pooja Jain
After that I have created a cloud front distribution with the web server fqdn name as my origin domain name using HTTPS only and associated my WEB ACL rule with this cloudfront distribution. It gives me a new domain name (for example: dnhihhj2111111.cloudnet.com). My question is do I need to change my domain configuration file with the name give by cloudfront i.e. dnhihhj2111111.cloudnet.com. because with all the thinf I have done my ip address is showing me error but not blocking itPooja Jain

1 Answers

0
votes

Yes, you should update your DNS cname record to the CloudFront distribution.

You will need to have the WAF apply to the CF distribution and not the ALB of the origin if you use one.