En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

WAF rule statement unable to match Header

0

Hello,
I'd like to block requests that contain a specific Header "X-Forwarded-Host" using a rule in my Web ACL by using a "Size match condition" (like it is also demonstrated in Option 2 from this guide: https://aws.amazon.com/de/premiumsupport/knowledge-center/waf-block-http-requests-no-user-agent/)

I tired four scenarios but none was able to match the requests where the Header was set.

  1. If matches: Size greater than or equal to 0 -> matches nothing
  2. if matches: Size less than or equal to 0 -> matches nothing
  3. If NOT matches: Size greater than or equal to 0 -> matches every request without the header
  4. if NOT matches: Size less than or equal to 0 -> matches every request without the header

Expected behavior would be that 1. or 4. would match the requests.
Am I overlooking something here or is there a different solution?

Thank you for your time

Sujets
Sécurité, identité et conformité
Balises
AWS WAF
Langue
English
BenediktKaiser
demandé il y a 3 ans1090 vues
1 réponse
0

OP here (somehow I had to set a new username)

I was able to solve this issue. The rule was not working because of it's priority in respect to another whitelisting rule. Once it was moved before the whitelisting the filtering works as expected.

bedaka
répondu il y a 3 ans

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents