Geolocation Data Update in AWS WAF - IPs Still Flagged with Incorrect Location After MaxMind Database Update

Hello,

I’m facing an issue where AWS WAF is still blocking certain IP addresses that were previously flagged as originating from one country, even though these IPs have now been updated in MaxMind’s database to reflect their correct location.

I’ve confirmed that MaxMind updated their geolocation database for these IPs over 24 hours ago, but AWS WAF is still reporting them with the old location.

Can anyone clarify:

  • What is the typical schedule for AWS WAF to sync with MaxMind's database updates?

Thanks

1 Answer

AWS WAF uses MaxMind's GeoIP databases to determine the geographic location of IP addresses for its geo-match functionality. While MaxMind updates their database frequently, AWS WAF does not immediately sync these updates. The exact schedule for AWS WAF to update its geolocation data from MaxMind is not publicly disclosed.

However, it's important to note that there can be a delay between MaxMind's database updates and when these changes are reflected in AWS WAF's geolocation determinations. This delay can sometimes extend beyond 24 hours.

If you're experiencing persistent issues with specific IP addresses being incorrectly geolocated, you have a few options:

  1. Wait for the AWS WAF geolocation data to update naturally. This may take some additional time beyond the 24 hours you've already waited.

  2. Consider creating a custom rule in your Web ACL that explicitly allows traffic from the specific IP addresses in question. This rule should be placed at a higher priority than your geo-matching rules to ensure these IPs are allowed through regardless of their perceived geolocation.

  3. If the issue persists and is causing significant problems, you may want to contact AWS Support for further assistance. They may be able to provide more specific information about update schedules or investigate if there's an issue with the geolocation data for your particular case.

Remember that while geolocation data is generally accurate, it's not perfect and can sometimes be affected by factors such as VPN usage or dynamic IP allocation by ISPs. For critical applications, it's often advisable to have additional verification methods beyond just IP-based geolocation.
Sources
Geographic match rule statement - AWS WAF, AWS Firewall Manager, and AWS Shield Advanced
Issue with Geographic Restrictions on CloudFront Distribution | AWS re:Post

answered 8 months ago
EXPERT
reviewed 8 months ago
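
Option 2 in the answer above, sketched as an added example that is not part of the original answer or AWS's own code: the two rules in the WAFv2 JSON rule shape, plus a simplified local model of priority ordering that checks the allow rule is evaluated before the geo block. The rule names, the IP set ARN, the `203.0.113.10` address and the `XX` country code are constructed placeholders, and `evaluate` / `misordered` are hypothetical helpers.

```python
import ipaddress

# Constructed sample values: placeholder ARN, documentation-range IP (RFC 5737),
# and "XX" standing in for the country code the geo rule blocks.
IP_SET_ARN = "arn:aws:wafv2:REGION:ACCOUNT_ID:regional/ipset/geo-exceptions/EXAMPLE-ID"
IP_SETS = {IP_SET_ARN: ["203.0.113.10/32"]}

def visibility(name):
    return {"SampledRequestsEnabled": True, "CloudWatchMetricsEnabled": True, "MetricName": name}

def build_rules(allow_priority=0, geo_priority=1):
    """Rules in the WAFv2 JSON shape used in a web ACL's Rules list."""
    return [
        {"Name": "allow-geo-exceptions", "Priority": allow_priority,
         "Statement": {"IPSetReferenceStatement": {"ARN": IP_SET_ARN}},
         "Action": {"Allow": {}}, "VisibilityConfig": visibility("allow-geo-exceptions")},
        {"Name": "block-country", "Priority": geo_priority,
         "Statement": {"GeoMatchStatement": {"CountryCodes": ["XX"]}},
         "Action": {"Block": {}}, "VisibilityConfig": visibility("block-country")},
    ]

def matches(statement, ip, waf_country):
    # waf_country is the country WAF currently attributes to the IP (possibly stale).
    if "IPSetReferenceStatement" in statement:
        cidrs = IP_SETS[statement["IPSetReferenceStatement"]["ARN"]]
        return any(ipaddress.ip_address(ip) in ipaddress.ip_network(c) for c in cidrs)
    if "GeoMatchStatement" in statement:
        return waf_country in statement["GeoMatchStatement"]["CountryCodes"]
    return False

def evaluate(rules, ip, waf_country, default="Allow"):
    """Simplified model: lowest Priority first, first matching Allow/Block ends evaluation."""
    for rule in sorted(rules, key=lambda r: r["Priority"]):
        if matches(rule["Statement"], ip, waf_country):
            return next(iter(rule["Action"])), rule["Name"]
    return default, None

def misordered(rules):
    """Names of IP-set allow rules that would be evaluated after a geo block rule."""
    geo = [r["Priority"] for r in rules
           if "GeoMatchStatement" in r["Statement"] and "Block" in r["Action"]]
    return [r["Name"] for r in rules
            if "IPSetReferenceStatement" in r["Statement"] and "Allow" in r["Action"]
            and geo and r["Priority"] > min(geo)]

if __name__ == "__main__":
    print(evaluate(build_rules(), "203.0.113.10", "XX"))
    print(misordered(build_rules(allow_priority=5, geo_priority=1)))
```

Allow is a terminating action, so requests from the listed addresses skip every rule with a higher priority number, including any managed rule groups placed there. Keep the IP set limited to the exact addresses affected and remove the exception once WAF reports the corrected location.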
