Block suspicious(specific) user-agent using AWS WAF

0

I want to block all requests with suspicious user-agent to access APIGW. For example, how can I make rule to block all requests with user-agent as

 "python-requests/2.27.1"

or other version of python-requests

Topics

Security, Identity, & Compliance Serverless Front-End Web & Mobile Networking & Content Delivery

Tags

AWS WAF Amazon API Gateway Amazon CloudFront

Language

English

asked 2 years ago3616 views

1 Answer

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

0

Accepted Answer

The simplest way to do this is to create a string match condition and then check the User-Agent header against that condition.

EXPERT

answered 2 years ago

Relevant content

waf didn't block requests if block condition matched for first time
Techxonia
asked 2 years ago
WAF blocked request from instagram app
rePost-User-5832332
asked 2 years ago
How to block the request from a particular country using WAF
Athavan Theivendram
asked a month ago
Few WAF Rules (Fortinet Rules) are blocking web requests whenever I save a page
AWS-User-0421808
asked 2 years ago
How do I allow requests from a bot blocked by AWS WAF Bot Control managed rule group?
AWS OFFICIALUpdated 2 years ago
How do I use AWS WAF to block HTTP requests that don't contain a User-Agent header?
AWS OFFICIALUpdated 2 years ago
Why is AWS WAF blocking my request or responding with a 403 Forbidden error?
AWS OFFICIALUpdated 2 years ago
How do I allow or block requests from a specific country or geolocation using AWS WAF?
AWS OFFICIALUpdated 2 years ago
How to Create a Feature Request for AWS: A Step-by-Step Guide
EXPERT
Giovanni Lauria
published 22 days ago
AWS re:Post Live - Using Amazon Elastic Block Store (EBS) Optimally
EXPERT
AWS rePost Live
published a month ago