Skip to content

Block suspicious(specific) user-agent using AWS WAF

0

I want to block all requests with suspicious user-agent to access APIGW. For example, how can I make rule to block all requests with user-agent as

 "python-requests/2.27.1"

or other version of python-requests

Topics: Serverless Front-End Web & Mobile Networking & Content Delivery Security, Identity, & Compliance
Tags: Amazon CloudFront Amazon API Gateway AWS WAF
Language: English

asked 4 years ago6.2K views

1 Answer

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

0

Accepted Answer

The simplest way to do this is to create a string match condition and then check the User-Agent header against that condition.

EXPERT

answered 4 years ago

EXPERT

Adeleke Adebowale .J.

reviewed 2 years ago

Relevant content

WAF blocked request from instagram app
rePost-User-5832332
asked 4 years ago
How to redirect to custom block page for all AWS WAF block actions (including managed rule sets)
Accepted Answer
Georg
asked 2 years ago
waf didn't block requests if block condition matched for first time
Techxonia
asked 4 years ago
Pricing for WAF - blocking requests
jamescridland
asked 8 months ago
How do I allow requests from a bot that's blocked by an AWS WAF Bot Control rule group?
AWS OFFICIALUpdated 10 months ago
How do I use AWS WAF with Global Accelerator to block Layer 7 HTTP methods and headers from accessing my application?
AWS OFFICIALUpdated a year ago
How do I sanitize AWS WAF logging?
AWS OFFICIALUpdated 10 months ago
How do I use AWS WAF to allow or block requests from a specific country or geolocation?
AWS OFFICIALUpdated 10 months ago
How to use AWS WAF labels to fine tune webACL?
EXPERT
Lei Pei
published 2 years ago
AWS WAF ASN Matching: Professional Guide to Network-Origin Traffic Control
EXPERT
Arun Nagpal
published a year ago