Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

AWS WAF URI regex don't match

1

Hi, I created a Web ACL with one rule to allow traffic only on some enpoint, and the default ACL action is to block requests that don't match the rule.

## Rule
Field to Match: URI Path
Regular Expression: /(account|category|post)/ 
Action: ALLOW

##  Default web ACL action for requests that don't match any rules
Action: BLOCK

The problem is that the rule match only path with two or more segments, but don't match path with 1 segment.

http://api.example.com/account/foo/bar     => MATCH - ALLOW
http://api.example.com/account/foo?bar=baz => MATCH - ALLOW
http://api.example.com/account/foo         => MATCH - ALLOW

http://api.example.com/account             => DON'T MATCH - BLOCK
http://api.example.com/account?foo=bar     => DON'T MATCH - BLOCK

What's wrong? I would like the rule matches also path with 1 segment. Thanks in advance

Temas
Seguridad, identidad y cumplimiento
Etiquetas
AWS WAF
Idioma
English
AWS-User-3147005
preguntada hace 2 años2437 visualizaciones
1 Respuesta
3

Your regex ends with "/" so the last two URLs will not match because "account" in these URL does not end with "/"

Can you try with "/(account|category|post)"?

Thanks

profile pictureAWS
Eunsu_Shin
respondido hace 2 años
  • AWS-User-3147005
    hace 2 años

    Uh really? I'm using "/" as a delimiter of the regex. Anyway now it works

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante