How to limit the number of signups in Cognito(prevent fake signup)

0

How to prevent fake user signups with Cognito? If some malicious actor sends fake user signup requests to the UserPool endpoint, the free tier of Cognito will soon be exhausted. If they continue to create fake accounts, our organization will be billed a lot of money.

How to limit the number of daily signups? Or not count signups as MAUs?

2 Answers
1

Hello jjshen,

  1. Implement Pre-Signup Lambda Triggers for additional validation, like CAPTCHA, to deter bots.
  2. Enable Multi-Factor Authentication (MFA) to complicate automated signups.
  3. Use API Gateway rate limiting to control the rate of signup requests.

I'm here to help.

answered a month ago
  • Hello Vitor, Thank you very much for your reply. I've been working on implementing the first piece of advice you shared, which involves integrating Pre-Signup Lambda Triggers into my Cognito user pool. The logic implemented by the lambda is: if the number of users in the user pool exceeds 3, an exception will be thrown and signup will stop. Given that my user pool already contains three users, I proceeded to attempt the addition of a new user through my Vue application. I think the Pre-Signup Lambda Trigger did work, because I truly received an exception in my browser. But the new user is still added to my user pool with their confirmation status marked as "confirmed". Could you give me some information about what's wrong with my code?

    ========Lambda Code=============

    import boto3

    def lambda_handler(event, context):
        cognito_client = boto3.client('cognito-idp')
        user_pool_id = 'ap-northeast-1_******'
        # Count every user in the pool. ListUsers returns at most 60 users per
        # call, so iterate over all pages instead of relying on one response.
        user_count = 0
        paginator = cognito_client.get_paginator('list_users')
        for page in paginator.paginate(UserPoolId=user_pool_id, AttributesToGet=[]):
            user_count += len(page['Users'])

        if user_count >= 3:
            # Raising an error from the Pre sign-up trigger makes Cognito
            # return it to the client and abort the sign-up.
            raise Exception("Stop signup: the number of accounts is over 3")
        else:
            return event
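The daily cap the question asks about, as an added example that is not code from the post or from AWS: a Pre sign-up trigger that takes one slot from a DynamoDB atomic counter keyed by UTC date and rejects the sign-up once the day's cap is reached, while letting admin-created and federated users through. The table name, environment variables, key layout and cap are assumptions; `reserve_slot` is injectable so the handler logic can be exercised without AWS.

```python
import datetime
import os

# Assumptions (not from the post): table name, cap and key layout are illustrative.
COUNTER_TABLE = os.environ.get("SIGNUP_COUNTER_TABLE", "signup-counters")
DAILY_CAP = int(os.environ.get("DAILY_SIGNUP_CAP", "100"))


class SignupCapExceeded(Exception):
    """Raised to make Cognito reject the sign-up; the message goes back to the client."""


def reserve_slot_dynamodb(day, cap):
    """Atomically take one slot from the counter item for `day`.

    ADD creates the item on first use; the condition refuses the increment once
    the counter reaches the cap, so concurrent sign-ups cannot overshoot it.
    Returns False when the cap is reached. Any other DynamoDB error propagates,
    which also blocks the sign-up (fail closed).
    """
    import boto3  # imported here so the handler can be tested without AWS
    from botocore.exceptions import ClientError

    table = boto3.resource("dynamodb").Table(COUNTER_TABLE)
    try:
        table.update_item(
            Key={"pk": "signups#" + day},
            UpdateExpression="ADD n :one",
            ConditionExpression="attribute_not_exists(n) OR n < :cap",
            ExpressionAttributeValues={":one": 1, ":cap": cap},
        )
        return True
    except ClientError as err:
        if err.response["Error"]["Code"] == "ConditionalCheckFailedException":
            return False
        raise


def pre_signup_handler(event, context=None, reserve_slot=reserve_slot_dynamodb, cap=DAILY_CAP):
    """Cognito Pre sign-up trigger: cap self-service sign-ups per UTC day."""
    # Only self-service sign-ups are capped; admin-created and federated users
    # arrive with other triggerSource values and pass through unchanged.
    if event.get("triggerSource") != "PreSignUp_SignUp":
        return event
    day = datetime.datetime.now(datetime.timezone.utc).strftime("%Y-%m-%d")
    if not reserve_slot(day, cap):
        raise SignupCapExceeded("Sign-up is temporarily unavailable, please try again later")
    return event  # returning the event unchanged lets the sign-up proceed
```

The counter item needs no pre-provisioning, and a CloudWatch alarm on `ConditionalCheckFailedException` counts gives an early signal that the cap is being hit.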
0

Here are some approaches you can consider:

Enable CAPTCHA Verification (https://docs.aws.amazon.com/waf/latest/developerguide/waf-captcha-and-challenge.html): Enabling CAPTCHA verification for the signup form in your application helps to differentiate between human users and automated bots by requiring users to complete a challenge, such as selecting specific images or entering text from a distorted image.

Implement Email or SMS Verification (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html): This adds an extra layer of authentication and helps to ensure that only legitimate users can complete the signup process.

Implement Fraud Detection (https://aws.amazon.com/it/blogs/machine-learning/prevent-fake-account-sign-ups-in-real-time-with-ai-using-amazon-fraud-detector/): Integrate with fraud detection services or use machine learning models to detect and block suspicious signup attempts in real time. You can use AWS services like Amazon Fraud Detector to build custom fraud detection rules and models tailored to your specific use case.

Monitor Usage and Set Budget Alerts (https://docs.aws.amazon.com/cognito/latest/developerguide/create-a-cloud-watch-alarm.html): Regularly monitor your AWS usage and set up billing alerts to notify you if your Cognito costs exceed a certain threshold. This can help you proactively manage and control your expenses related to Cognito usage.

Additionally, staying vigilant and continuously monitoring your Cognito environment will help you detect and respond to any suspicious activity in a timely manner.

answered a month ago
reviewed a month ago
