1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
1
Hi Techxonia!
This article explains how can you update WAF rules in real time: https://aws.amazon.com/blogs/security/automatically-updating-aws-waf-rule-in-real-time-using-amazon-eventbridge/
répondu il y a 2 ans
Contenus pertinents
- demandé il y a un an
- Réponse acceptéedemandé il y a 7 mois
- demandé il y a 6 mois
AWS OFFICIELA mis à jour il y a 2 ans- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a 2 ans
Thank you for response and still confused to solve the issue that WAF takes about 30 sec to act according to rule action (as per documentation). another issue that I could not solve is https://repost.aws/questions/QUNQvDBuveTF655KQOTpxjfw/waf-didnt-block-requests-if-block-condition-matched-for-first-time
Summary of qn Using locust , I made WAF test on my application. I made a rate limit based rule to block IP if requests exceed 100 in a default 5 minute window. When I tested with concurrency 400 with spawn rate 40, then WAF doesnot block after total requests exceeds 100. But when I stop the test and make a new test in locust and then only WAF blocks that IP for 5 min .
I tested many times and found when I make a first locust test , WAF is not working even if condition meets. But it works if I stop that test and make a new test. My purpose of blocking through WAF seems not feasible since attacker can make attack with huge requests and that won't be blocked.
I have enabled WAF on API gateway.
Can I have idea on this?