It has been some years since I graduated in Computer Science. Then, out of curiosity, I checked the college website to see the new courses and everything else that was new. However, after many attempts, I could still be blocked by the configuration in the Amazon CloudFront established as below:
I understand that Amazon Cloud Front has many advantages, such as communication encryption while handling certificates and default protection against DDoS attacks by covering the majority of attacks on the 3 and 4 layers of the OSI model provided by the AWS Shield and compliance with the standards to handle sensitive data. Still, some students will live, go on a vacation, or study abroad. Furthermore, my university might not have a location outside the Brazilian (which I am not sure about since it belongs to an international franchise) borders and does not require Edge Locations (the worldwide network of data centers Amazon) abroad to deliver services with low latency. Still, in this case, simply turning on CloudFront geo-restriction to avoid geo blocking would solve this problem. And as a former student, I would be glad to access my university’s website from Scandinavia :). The solution for this problem (besides changing the location with a VPN) is found on the Amazon website through this link: https://aws.amazon.com/pt/premiumsupport/knowledge-center/cloudfront-geo-restriction/, but I am also sharing the troubleshooting here below:
I could not find the e-mail of the university by I sent them a message in Portuguese to try to give some suggestions to the technical support team as below:
After a few minutes, I started to chat with a Chatbot:
I will continue to contact them to give them the idea of allowing access from other locations as well as some tips to avoid exposing infrastructure information :). This example made me thinking about two things :
1- The importance of thinking in all possible scenarios a customer would try to use or access an application.
2- Privacy, information, and cyber security are essential because only by accessing the application and using the Chatbot could I have the idea that they are using static contents, S3 as the object storage service, and Cloud Front services, which gave me a glimpse of their infrastructure.
In a nutshell, this is how I contacted my university after so many years.
For additional information:
(2023). Restricting the geographic distribution of your content. Amazon. https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/georestrictions.html
Hi! I am Bruno, a Brazilian born and bred. Former Oracle ACE, Computer Scientist, MSc in Data Science, over ten years of experience in companies such as IBM, Epico Tech, and Playtech based in three different countries (Brazil, Hungary, and Sweden) and joined projects remotely in many others. I am super excited to show you my interest in Databases, Cloud, Data Science, Data Engineering, Bigdata, AI, Programming, Software Engineering, and data in general.
(Continue reading)