Misuse of CloudFront by hackers can get your CDN blocked by your server, this can be a problem. Unfortunately for security reasons you do not want to allow CloudFront to by pass mod security, as this can be exploited by Mod Security:
18.104.22.168 # lfd: (mod_security) mod_security (id:210410) triggered by 22.214.171.124 (US/United States/server-216-137-42-131.dfw3.r.cloudfront.net): 5 in the last 3600 secs – Thu Mar 12 22:13:57 2015
126.96.36.199 # lfd: (mod_security) mod_security (id:950103) triggered by 188.8.131.52 (US/United States/server-205-251-218-78.arn1.r.cloudfront.net): 5 in the last 3600 secs – Sun Mar 15 23:38:33 2015
184.108.40.206 # lfd: (mod_security) mod_security (id:220030) triggered by 220.127.116.11 (US/United States/server-54-240-145-159.fra6.r.cloudfront.net): 5 in the last 3600 secs – Mon Mar 16 07:07:34 2015
We are considering to make an effort to build something to allow Mod Security to block X-IP-ADDRESS header instead of the actual IP which belongs to the CDN, meanwhile the best thing you can do is to make sure while mod security blocks risky requests, it doesn’t become black listed.
Here is the full list of IP address ranges used by Amazon Cloud Front up to this date, add them to your “Firewall Allow IPs” list:
Warning: count(): Parameter must be an array or an object that implements Countable in /home/seattle/public_html/wp/wp-includes/class-wp-comment-query.php on line 399