Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

WAF rule statement unable to match Header

0

Hello,
I'd like to block requests that contain a specific Header "X-Forwarded-Host" using a rule in my Web ACL by using a "Size match condition" (like it is also demonstrated in Option 2 from this guide: https://aws.amazon.com/de/premiumsupport/knowledge-center/waf-block-http-requests-no-user-agent/)

I tired four scenarios but none was able to match the requests where the Header was set.

  1. If matches: Size greater than or equal to 0 -> matches nothing
  2. if matches: Size less than or equal to 0 -> matches nothing
  3. If NOT matches: Size greater than or equal to 0 -> matches every request without the header
  4. if NOT matches: Size less than or equal to 0 -> matches every request without the header

Expected behavior would be that 1. or 4. would match the requests.
Am I overlooking something here or is there a different solution?

Thank you for your time

Argomenti
Sicurezza, identità e conformità
Tag
AWS WAF
Lingua
English
BenediktKaiser
posta 3 anni fa1102 visualizzazioni
1 Risposta
0

OP here (somehow I had to set a new username)

I was able to solve this issue. The rule was not working because of it's priority in respect to another whitelisting rule. Once it was moved before the whitelisting the filtering works as expected.

bedaka
con risposta 3 anni fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente