Mod Security & Amazon Cloud Front Problems

Misuse of CloudFront by hackers can get your CDN blocked by your server, this can be a problem. Unfortunately for security reasons you do not want to allow CloudFront to by pass mod security, as this can be exploited by Mod Security:

216.137.42.131 # lfd: (mod_security) mod_security (id:210410) triggered by 216.137.42.131 (US/United States/server-216-137-42-131.dfw3.r.cloudfront.net): 5 in the last 3600 secs – Thu Mar 12 22:13:57 2015
205.251.218.78 # lfd: (mod_security) mod_security (id:950103) triggered by 205.251.218.78 (US/United States/server-205-251-218-78.arn1.r.cloudfront.net): 5 in the last 3600 secs – Sun Mar 15 23:38:33 2015
54.240.145.159 # lfd: (mod_security) mod_security (id:220030) triggered by 54.240.145.159 (US/United States/server-54-240-145-159.fra6.r.cloudfront.net): 5 in the last 3600 secs – Mon Mar 16 07:07:34 2015

We are considering to make an effort to build something to allow Mod Security to block X-IP-ADDRESS header instead of the actual IP which belongs to the CDN, meanwhile the best thing you can do is to make sure while mod security blocks risky requests, it doesn’t become black listed.
Here is the full list of IP address ranges used by Amazon Cloud Front up to this date, add them to your “Firewall Allow IPs” list:

54.182.0.0/16
54.192.0.0/16
54.230.0.0/16
54.239.128.0/18
54.239.192.0/19
54.240.128.0/18
204.246.164.0/22
204.246.168.0/22
204.246.174.0/23
204.246.176.0/20
205.251.192.0/19
205.251.249.0/24
205.251.250.0/23
205.251.252.0/23
205.251.254.0/24
216.137.32.0/19

ColumbusSoft Version 3 Released!

We have updated our entire site, as web developers we like to stay on top of the technology, now we have changed our entire website and dashboard from bootstrap 2 to bootstrap 3, and we also added this blog! Let us know what you think!

Mobile Detected
Tablet Detected
Desktop Detected
Large Screen Detected
Retina Display Detected