CDNs’ Dark Side: Security Problems in CDN-to-Origin Connections

Content Delivery Networks (CDNs) play a vital role in today’s Internet ecosystem. To reduce the latency of loading website’s content, CDNs deploy edge servers different geographic locations. CDN providers also offer important security features including protection against Denial Service (DoS) attacks, Web Application Firewalls (WAFs), and recently, issuing managing certificates for their customers. Many popular websites use to benefit from both performance advantages. For HTTPS websites, Transport Layer Security (TLS) choices may differ connections between end-users (front-end or user-to-CDN), origin server (back-end CDN-to-Origin). Modern browsers can stop/warn users if weak insecure TLS/HTTPS options are used front-end connections. However, such problems back-end not visible end-users, lead serious issues (e.g., validating certificate MitM attacks). In this article, we primarily analyze communication; include inadequate validation support vulnerable TLS configurations. We develop test framework investigate connection 14 leading (including Cloudflare, Microsoft Azure, Amazon, Fastly), where could create an account. Surprisingly, all CDNs, found that prevented/warned by modern browsers; examples failing validate server’s certificate, using cipher suites as RC4, MD5, SHA-1, even allowing plain HTTP origin. identified 168,795 Alexa top 1 million potentially Man-in-the-Middle (MitM) attacks regardless origin/CDN configurations chosen owner.