By using AWS re:Post, you agree to the Terms of Use

AWS Network Firewall Managed Signatures



I am trying to configure statefull rule using the new AWS network firewall managed signatures . I am seeing that firewall is detecting some malicious traffic but its not blocked. Any idea how i can change the action to block or drop?


1 Answer

It sounds like your default action for the managed rule group is set to alert. You can set it to drop to block the traffic:

You may also need to check out your rule group ordering:

profile picture
answered 5 months ago
  • 0 thanks mike for helping me out. How can i set them to drop? I have disabled the run in alert mode. I don't see any other option

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions