- Add a custom policy for Moodle with the “create cache policy” button under the Custom policies section:
The new cache HEADERs cache policy should include the following headers and setting
- Now go to the “Origin request” tab and create a new origin request policy
With the following headers and settings:
- Now go to the “Response headers” tab and create a new Response headers policy
With the following headers and settings:
You can also turn ON the Content-Security-Policy, if you do not have teachers uploading JS code for special Moodle questions that you do not wish to block.
And also the X-Content-Type-Options “nosniff”, if you do not have old plugins that will break. - Now go back into you CloudFront distribution that is connected to your Moodle ASG target (called by CF “origin”), and then on the Behaviors tab set the above 3 new custom policies as follows:
