Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

WAF rule statement unable to match Header

0

Hello,
I'd like to block requests that contain a specific Header "X-Forwarded-Host" using a rule in my Web ACL by using a "Size match condition" (like it is also demonstrated in Option 2 from this guide: https://aws.amazon.com/de/premiumsupport/knowledge-center/waf-block-http-requests-no-user-agent/)

I tired four scenarios but none was able to match the requests where the Header was set.

  1. If matches: Size greater than or equal to 0 -> matches nothing
  2. if matches: Size less than or equal to 0 -> matches nothing
  3. If NOT matches: Size greater than or equal to 0 -> matches every request without the header
  4. if NOT matches: Size less than or equal to 0 -> matches every request without the header

Expected behavior would be that 1. or 4. would match the requests.
Am I overlooking something here or is there a different solution?

Thank you for your time

Temas
Seguridad, identidad y cumplimiento
Etiquetas
AWS WAF
Idioma
English
BenediktKaiser
preguntada hace 3 años1102 visualizaciones
1 Respuesta
0

OP here (somehow I had to set a new username)

I was able to solve this issue. The rule was not working because of it's priority in respect to another whitelisting rule. Once it was moved before the whitelisting the filtering works as expected.

bedaka
respondido hace 3 años

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante