Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Custom Rule Not Being Evaluated

0

I have a custom error page as HTTP Response when a page is blocked, for labels generated in SQLi Ruleset. It works. But, when I add another Rule in the same Rule Group for CommonRuleSet (CrossSiteScripting), it is not getting evaluated. Everything for this is similar to the one that is working, but it is still not getting evaluted! I followed the Priority and also the COUNT setting for the Rules that I need to have Label generated. Anyone came across this scenario?

Temas
Seguridad, identidad y cumplimiento
Etiquetas
AWS WAF
Idioma
English
rePost-User-9847639
preguntada hace un año210 visualizaciones
1 Respuesta
0

It is possible that there's a slight misconfiguration after you add new statements/ modify the Label match rule. It would be good to share the rule configuration that you are using.

In my understanding the rule would look something like this:

{
  "Name": "Label_Match",
  "Priority": 0,
  "Action": {
    "Block": {
      "CustomResponse": {
        "ResponseCode": "200"
      }
    }
  },
  "VisibilityConfig": {
    "SampledRequestsEnabled": true,
    "CloudWatchMetricsEnabled": true,
    "MetricName": "Label_Match"
  },
  "Statement": {
    "OrStatement": {
      "Statements": [
        {
          "LabelMatchStatement": {
            "Scope": "LABEL",
            "Key": "awswaf:managed:aws:sql-database:SQLi_Body"
          }
        },
        {
          "LabelMatchStatement": {
            "Scope": "LABEL",
            "Key": "awswaf:managed:aws:core-rule-set:CrossSiteScripting_Body"
          }
        }
      ]
    }
  }
}
AWS
AWS-User-3413787
respondido hace un año

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante