Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

AWS WAF - Blocking excessive requests from one IP address

0

We are looking to enable AWS WAF in front of our Application Load Balancer. The aim would be to prevent a single IP address from flooding our application with excessive requests.

(1) Is there a way to implement this with WAF? When I look to adding the rule, it requires a IP set to apply the rule too - but we would like to implement it to all IP Addresses.

(2) Is there an easy way to find out the current number of requests per IP address in order to benchmark to decide what is classified as excessive and should be blocked?

Themen
Sicherheit, Identität & Konformität
Tags
AWS WAF
Sprache
English
AWS-User-8443772
gefragt vor 2 Monaten163 Aufrufe
1 Antwort
1

It sounds like you are looking for a rate-based rule.

In addition to the guidance linked above, I recommend you take a look at this blog post which discusses rate-based rules in more detail, as well as how you can analyse your logs in order to find how many requests each client IP is sending you.

AWS
EXPERTE
Paul_L
beantwortet vor 2 Monaten

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt