WAF is not blocking after string match

0

I created a rule, i.e.:

Type --> Regular rule

Field to match --> URI path

Positional constraint --> Contains string

Search string --> /test/*

Text transformations --> Lowercase (Priority 0)

Action --> Block

Custom response code --> 404

But after loading a URL, https://a.xyz.com/test/a or https://a.xyz.com/test, it still works and is not blocked. Why? What is wrong with the rule? Can anyone guide me, please?

Asked 2 years ago, 1717 views
1 Answer
1
Accepted Answer

I think the problem is your use of the wildcard in your search string. The string match condition is "contains string," so in order to match on both the examples you've provided, you would need to change it to "/test".

If /test will always be at the start of the URI path then you should change the string match condition to "starts with string" as this consumes fewer WCUs.

Documentation for this can be found here: https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-string-match.html

AWS
Expert
Paul_L
Answered 2 years ago
  • But what if I want to set URI --> /test/a/*? What should the string match condition be? And for abc.example.com/*, what should the string match condition be?
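
The accepted answer's point, as an added example that is not part of the original thread or AWS code: a simplified local model of a WAF string match on the URI path, showing why the literal search string `/test/*` never matches and how the two suggested settings behave. The dicts follow the shape of a WAFv2 `ByteMatchStatement`; the helper names and the extra URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Text transformations are applied to the request component before comparison.
TRANSFORMS = {"NONE": lambda s: s, "LOWERCASE": str.lower}

# The search string is compared literally, so "*" is an ordinary character,
# not a wildcard.
CONSTRAINTS = {
    "CONTAINS": lambda path, s: s in path,
    "STARTS_WITH": lambda path, s: path.startswith(s),
    "ENDS_WITH": lambda path, s: path.endswith(s),
    "EXACTLY": lambda path, s: path == s,
}

def make_statement(search, constraint):
    """Hypothetical helper: build a ByteMatchStatement-shaped dict."""
    return {
        "SearchString": search,
        "FieldToMatch": {"UriPath": {}},
        "TextTransformations": [{"Priority": 0, "Type": "LOWERCASE"}],
        "PositionalConstraint": constraint,
    }

def uri_path_matches(statement, url):
    """Evaluate the statement against the path of one URL."""
    path = urlsplit(url).path or "/"
    for t in sorted(statement["TextTransformations"], key=lambda t: t["Priority"]):
        path = TRANSFORMS[t["Type"]](path)
    check = CONSTRAINTS[statement["PositionalConstraint"]]
    return check(path, statement["SearchString"])

AS_ASKED = make_statement("/test/*", "CONTAINS")       # rule from the question
CONTAINS_FIX = make_statement("/test", "CONTAINS")     # first suggestion
STARTS_WITH_FIX = make_statement("/test", "STARTS_WITH")  # second suggestion

URLS = [
    "https://a.xyz.com/test/a",       # from the question
    "https://a.xyz.com/test",         # from the question
    "https://a.xyz.com/TEST/a",       # constructed: case variation
    "https://a.xyz.com/api/test/a",   # constructed: /test not at the start
    "https://a.xyz.com/testing",      # constructed: shares the /test prefix
]

def evaluate(statement):
    """Return one match result per URL in URLS, in order."""
    return [uri_path_matches(statement, u) for u in URLS]

if __name__ == "__main__":
    for name, st in [("as asked", AS_ASKED), ("contains /test", CONTAINS_FIX),
                     ("starts with /test", STARTS_WITH_FIX)]:
        print(f"{name:18}", evaluate(st))
```

In this model both corrected forms also match `/testing`, because `/test` is compared as a plain substring or prefix, so the search string should be checked against other paths the application serves.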
