Expand my Community achievements bar.

Learn about Edge Delivery Services in upcoming GEM session

AEM Security Vulnerability (Bypassing CDN and Dispatcher)

Avatar

Level 2

Hello All,

 

we have pretty strong dispatcher and CDN blockers restricting only required URL's. What we noticed that once we identify a valid content path for a site, its pretty much easy to by pass CDN and dispatcher eventually increasing the CPU Utilization. If its a planned dynamic IP flood of HTTP requests with valid URL, all such requests will reach AEM (Given an example scenario)

 

Home Page - /content/site/country/language/home.html

Vulnerable URL - /content/site/country/language/home123.html (any number of such URL's can be formed and triggered from simple hacking tools)

 

Has anyone come across such use case, as I feel its pretty much a key vulnerability.

 

Recommendation from Core Engg team was to limit requests coming through CDN to a specific amount and increase AEM infra.

 

Please share in your thoughts..

 

Thanks

Abdul

0 Replies