Rules of AEM

aemrules.com Security Headers & Cookie Management in Hybrid AEM CDN Setup on AWS CloudFront 7 min read  ·  Anuj Gangwar  ·  AEM Architect @ Adobe TL;DR Ask AI 5 things to know in 30 seconds 1 Never manage security headers on both EDS and AMS independently — enforce all of them at CloudFront only using a Response Headers Policy. One place, consistent everywhere. 2 Your CSP policy must be a superset covering both EDS and AMS — scripts, fonts, and connect sources from both origins in one unified policy. 3 Strip ALL cookies before forwarding to EDS origin. EDS is stateless — forwarding AMS session cookies destroys cache efficiency and every user gets a unique cache entry. 4 For AMS authenticated paths, whitelist only the cookies you need — typically login-token. Never forward all cookies blindly. 5 For SSO across EDS and AMS pages, use a lightweight JWT shared cookie reada...

  Cache Invalidation in Hybrid AEM: Keeping EDS and AMS in Sync on AWS CloudFront Introduction In a hybrid AEM setup where EDS and AMS serve different parts of the same website through AWS CloudFront, cache invalidation is one of the trickiest problems to solve. Both systems have completely different invalidation mechanisms — and if you don't coordinate them properly, editors end up seeing stale content, confused about why their published changes aren't showing up. This post explains how cache invalidation works in each system, why hybrid setups make it harder, and how to build a reliable invalidation strategy across both origins. The Core Problem In a single-origin AEM setup, invalidation is straightforward: Editor publishes in AEM Dispatcher flush agent clears the Dispatcher cache CloudFront invalidation clears the CDN layer Done In a hybrid setup you have two completely separate invalidation pipelines that must never interfere with each other: EDS publish event ...

aemrules.com Hybrid AEM CDN Architecture: Routing EDS + AMS on AWS CloudFront 8 min read  ·  Anuj Gangwar  ·  AEM Architect @ Adobe TL;DR Ask AI 5 things to know in 30 seconds 1 AWS CloudFront acts as a single traffic cop — routing every request to either EDS or AMS based on the URL path pattern. 2 EDS paths like /blog/* go to hlx.live origin. AMS paths like /products/* go to the Dispatcher origin. Default catch-all points to AMS. 3 Consolidate all EDS static assets under /eds/* — fonts, scripts, styles, blocks, icons all under one folder. One CloudFront rule instead of six. 4 A CloudFront Edge Function handles .html to clean URL 301 redirects at the edge — before any origin is contacted. 5 Always pass X-Forwarded-Host to both origins. AMS needs it for vhost matching. EDS Franklin Bot needs it for site resolution. Ask a question in the Ask AI tab for more details on a...

  AI-Powered Dispatcher & CDN Optimization for AEM Introduction AEM's Dispatcher and CDN layer is the frontline of performance and security. Traditionally, caching rules, TTLs, and security filters are all manually configured. But with AI and machine learning entering the infrastructure space, it's now possible to make smarter, dynamic decisions — from predicting cache invalidation patterns to detecting bot traffic and anomalous requests automatically. In this post, we'll cover practical ways to integrate AI/ML into your AEM Dispatcher and CDN stack.           1. AI-Based Anomaly Detection in Access Logs The first and most immediately useful application is analyzing Dispatcher/Apache access logs using AI to detect DDoS patterns, credential stuffing, or scraping bots. Log Parser Script (Python + OpenAI) Instead of manually writing regex rules, feed your access logs to an LLM to identify suspicious patterns: # log_analyzer.py import openai import...

Caching Strategy - CDN/APACHE - Internal working & Example Headers Imagine a company is hosting a website on a server in any cloud provider like AWS, AZUR, GCP . It may take around 100ms to load for users in US, but it takes 3–5 seconds to load for users in Finland. Fortunately, there are strategies to minimize this request latency for far-away users. These are called Caching and Content Delivery Networks (CDNs), which are two important concepts in modern web development and systems design. CDN are of different-different type   based on cloud service provider below are few most used ones – Cloud Front , by AWS Azure Front Door Content delivery solution from Akamai Different Caching Strategies Caching data can greatly improve the performance of applications. There are typically 4 common places where we can store cached data. Browser Caching Browser caching involves storing website resources on a user’s local computer. When a user revisits a site, the brow...