0

I inherited a complex AWS system from someone and I have practically no AWS experience. I'm reading documentation and doing training, but there's one thing I can't figure out: when someone hits a page served by CloudFront, are they able to make changes that affect the origin server?

I would have thought "no, they're just static pages", but I'm seeing evidence to the contrary. We have some Wordpress installs and I think the users are hitting Cloudfront when they log in through the admin panel remotely, but they're still able to make changes and publish content. I also at one point cached admin-ajax.php without allowing OPTIONS, PUT, PATCH, POST, and DELETE requests, thinking it doesn't matter because our front-end site doesn't use ajax. This broke the admin panel, which requires ajax, even when logged in directly to the origin server and bypassing Cloudfront.

Zachary Reese
  • 5
  • 1
  • 3

1 Answers1

0

The cached page would render in the browser, but when the user "makes changes" the browser is going to send a separate HTTP GET or POST request from the one that requested the page. The "changes" request will not be cached by CloudFront, but be forwarded to the origin server.

Note that you will need to configure CloudFront appropriately to respect the server's cache headers and treat parameters as cache keys, etc., in order for this to work properly. You can also configure CloudFront behaviors for a specific path, like /admin/* to prevent caching of the pages at that path among other things.

Mark B
  • 183,023
  • 24
  • 297
  • 295