Skip to main content


CloudFront Viewer Protocol Policy should use https-only or redirect-to-https


Best practices recommend configuring your AWS CloudFront Content Delivery Network (CDN) distributions to use HTTPS for encrypting data while in transit between CloudFront and the viewer. Violations exist when CloudFront CDN distributions do not encrypt data using HTTPS.


Set the Distribution Viewer Protocol Policy to HTTPS Only or Redirect HTTP to HTTPS.

  1. Log in to the AWS Management Console.
  2. Select Services.
  3. Select CloudFront.
  4. Select the Distribution to edit.
  5. Select the Behaviors tab.
  6. Select the Behavior to edit, and select Edit.
  7. Under Viewer protocol policy, select HTTPS only or Redirect HTTP to HTTPS.
  8. Select Save changes.