CloudFront - High volume 401 error

0

I have a CloudFront with S3 and ALB origins. My CloudFront has WAF in front. How is it possible that the CD metrics register a high volume of 401 errors? WAF didn't receive/register that volume of requests. Only CloudFront has this error spike! I have CloudFront logs active, but the logs don't have these errors.

CloudFront and WAF sum metrics

1 Answer
0

HTTP 401 is a prompt for the client to authenticate. Have you a Lambda@Edge function, CloudFront Function, a Captcha action or custom HTTP 401 response configured in your WAF rules, or a Cognito authentication action in your ALB's listener rules that might prompt authentication at the HTTP layer from your users?

EXPERT
Leo K
answered 13 days ago
EXPERT
reviewed 13 days ago
  • Hi Leo, thank you.

    I don't have a function, captcha, custom 401 in WAF, or ALB Cognito.

    In my view, WAF should count all requests, but it has 3.108 allowed requests and CF has 16.000 401 errors.

    I see the ALB metrics, and it doesn't have 4xx errors.