Redirect using WAF vs CDN

Question

Our application has 2 domains. http://www.example.org and https://secure.example.org

We are planning to decommission https://secure.example.org and have just 1 secure domain name:https://www.example.org

But we want to make sure any old URL still works and gets redirect to the new URL. http://www.example.org/my-url should redirect you to https://www.example.org/my-url https://secure.example.org/my-url should redirect you to https://www.example.org/my-url.

The question is - should the redirect be done at the CDN or WAF. We could also do it at the apache webserver, but would like to avoid hops. What is the best approach with their pros and cons.

AWS CloudFront does not support redirects, but it can achieved with using lambda or by using S3. But is there any concern if we use WAF for redirects.

I am not aware of WAF having any redirect capability. Can you provide a documentation reference that shows this feature? — Michael - sqlbot, Jan 30 '18 at 02:36
It does. We are not using AWS WAF but a little more advanced product. — user3084985, Jan 30 '18 at 23:38

score 1 · Answer 1 · answered Jan 30 '18 at 04:28

I'm not sure why you need a CDN for this and I'm fairly certain this is not a feature of AWS WAF. If your domain names are managed inside AWS (Route53) you can simply create an alias record that points the old record at the new one.

If your domain names are managed outside of AWS try migrating them to Route53. If you were going to use CloudFront (AWS CDN) to do this you could put it infront of your old URL but it would still require that you place an alias on the CDN. With CloudFront you can configure HTTP to HTTPS redirects if that is your interest in using the CDN.

Thanks for the response. Alias does not redirect the user to the https URL. It will not redirect user from https://secure.example.org/my-url to https://www.example.org/my-url. — user3084985, Jan 30 '18 at 23:37

Redirect using WAF vs CDN

1 Answers1