AWS re:Post Knowledge Center Feedback Survey

Help us improve the AWS re:Post Knowledge Center by sharing your feedback in a brief survey. Your input can influence how we create and update our content to better support your AWS journey.

Setting up Web AcL to challenge direct traffix

Hi, I would like to setup a web acl to challenge only direct traffic. Eg traffic with no referrer. There does not seem to be any option to configure traffic by referrer in the dashboard that I can see

Topics: Networking & Content Delivery Security, Identity, & Compliance AWS Well-Architected Framework
Tags: AWS WAF Networking & Content Delivery Security
Language: English

Tom

asked 3 years ago534 views

1 Answer

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

You can reference this blog for referer checking(Approach1, step 3 explains how to Create a string match condition on Referer.): https://aws.amazon.com/blogs/security/how-to-prevent-hotlinking-by-using-aws-waf-amazon-cloudfront-and-referer-checking/

Varun Mehta

answered 3 years ago

Tom
3 years ago
Unfortunately that is very out of date
Varun Mehta
3 years ago
Are you looking for anything specific? For Defense in depth using AWS Managed Rules for AWS WAF, you can reference this link: https://aws.amazon.com/blogs/security/defense-in-depth-using-aws-managed-rules-for-aws-waf-part-1/

Relevant content

Clicking Add rule with the rule builder for a Web ACL in AWS WAF does nothing (no errors), the browser console shows WAFLimitsExceededException, we have no other WAFs
williama
asked 4 years ago
What happens if the maximum request rate per second for the web ACL is exceeded?
Accepted Answer
Ryuji
asked 2 years ago
Elastic Beanstalk Health degrading due to Web ACL rules blocking bad requests
Jorgen
asked a year ago
How to analyse rate limit on WAF Web ACL for ALB
Accepted Answer
SpaceVerse
asked a year ago
How do I restrict direct traffic to an Application Load Balancer and only allow traffic through CloudFront?
AWS OFFICIALUpdated 9 months ago
How do I resolve issues with my web ACL in a Firewall Manager AWS WAF policy?
AWS OFFICIALUpdated 2 months ago
Why can't I connect to a service when the security group and network ACL allow inbound traffic?
AWS OFFICIALUpdated 2 years ago
Why aren't the subnet network ACLs in my VPC allowing traffic through the transit gateway?
AWS OFFICIALUpdated 4 years ago
AWS WAF ASN Matching: Professional Guide to Network-Origin Traffic Control
EXPERT
Arun Nagpal
published 10 months ago
Directing AWS Global Accelerator Traffic to a Secondary Network Interface of an EC2 Instance
EXPERT
Derek Ziehl
published a year ago

Setting up Web AcL to challenge direct traffix

Add your answer

Relevant content