I have build a upload function for my customer. Due to SQL injection prevent, some of my customer images got blocked by CloudFront. But instead of trying to manually clean these injection, customer want normal upload. (I can use some tool like imagemagick to convert back and ford png/jpg for example to clean injection part). So I ended up by using base64 encoding and custom jQuery fileupload (blueimp). This lead to some other problems, mostly randomly got 502 error on batch of 200 files upload. https://stackoverflow.com/questions/20664018/cloudfront-custom-origin-distribution-returns-502-error-the-request-could-not-b https://www.tessian.com/blog/how-to-fix-http-502-errors/ I had a similar issue recently which turned out to be due to ssl_ciphers that I was using. From http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/RequestAndResponseBehaviorCustomOrigin.html, "CloudFront forwards HTTPS requests to the origin server using the SSLv3 or TLSv1 protocols and the AES128