Checks whether HTTPS is enabled for each domain name accelerated by Alibaba Cloud CDN.
Scenarios
After you enable HTTPS for domain names accelerated by Alibaba Cloud CDN, the data transmission between clients and CDN nodes is encrypted. This effectively prevents unauthorized access.
Risk level
Default risk level: high.
You can change the risk level as required when you apply this rule.
Compliance evaluation logic
- If HTTPS is enabled for each domain name accelerated by Alibaba Cloud CDN, the evaluation result is compliant.
- If HTTPS is disabled for a domain name accelerated by Alibaba Cloud CDN, the evaluation result is non-compliant. For more information about how to correct the non-compliant configuration, see Non-compliance remediation.
Rule details
| Item | Description |
|---|---|
| Rule name | cdn-domain-https-enabled |
| Rule ID | cdn-domain-https-enabled |
| Tag | CDN and CDN Domain |
| Automatic remediation | Supported |
| Trigger type | Configuration change |
| Supported resource type | Domain name |
| Input parameter | None |
Non-compliance remediation
For more information about how to enable HTTPS for domain names accelerated by Alibaba Cloud CDN, see Configure an SSL certificate.