WAF is not blocking after string match
I create a rule i.e.
Type --> Regular rule
Field to match --> URI path
Positional constraint ---> Contains string
Search string ----> /test/*
Text transformations --> Lowercase (Priority 0)
Action --> Block
Custom response code --> 404
I think the problem is your use of the wildcard in your search string. The string match condition is "contains string," so in order to match on both the examples you've provided, you would need to change it to "/test"
If /test will always be at the start of the URI path then you should change the string match condition to "starts with string" as this consumes fewer WCUs.
Documentation for this can be found here: https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-string-match.html
but what if I want to set URI --> /test/a/ what should be string match condition? and for abc.example.com/ what should be string match condition?
Block suspicious(specific) user-agent using AWS WAFAccepted Answerasked 3 months ago
Block very large requests to API GatewayAccepted AnswerMODERATORasked 4 years ago
Custom response body for AWS bot controlasked a month ago
WAF blocking requests because of the ELB cookie valuesasked 2 months ago
Athena : HIVE_BAD_DATAasked 4 months ago
WAF rule that matches URI AND does NOT contain a string in a headerasked 2 years ago
AWS WAF URI regex don't matchasked 4 months ago
WAF is not blocking after string matchAccepted Answerasked 9 days ago
WAF rule statement unable to match Headerasked 8 months ago
WAF AWSManagedRulesATPRuleSet paramter VolumetricIpHigh tuningasked 2 months ago