AWS announces preview of AWS Interconnect - multicloud

AWS announces AWS Interconnect – multicloud (preview), providing simple, resilient, high-speed private connections to other cloud service providers. AWS Interconnect - multicloud is easy to configure and provides high-speed, resilient connectivity with dedicated bandwidth, enabling customers to interconnect AWS networking services such as AWS Transit Gateway, AWS Cloud WAN, and Amazon VPC to other cloud service providers with ease.

Troubleshoot with WAF WebACL log

Hi,

In our WebACL log, we keep seeing requests to our ALB from different countries but targeting the same host ip address in the request header. This ip seems to belong to AWS. Is there a way to find out what endpoint the requests are trying to reach? How did the spammers get the endpoints? And what can I do to protect our endpoints? Thanks.

romerogt
2 years ago
Wich field of the WebACL log are you considering that tells you "targeting he same host" ?

Topics: Security, Identity, & Compliance
Tags: AWS WAF Security, Identity, & Compliance
Language: English

blacktulip12

asked 2 years ago224 views

1 Answer

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

Hello, Could you please clarify what do you mean by host IP address here? is it the IP address of the EC2 instance behind the load balancer or the IP of the load balancer node itself?

Jayaraj, Pranesh

answered a year ago

blacktulip12
a year ago
Hi Prenesh, we're using ECS services on Fargate behind the ALB which is protected by WAF. We can close this question now. I can't find the sample log any more.

Relevant content

Ability to log request headers in API Gateway access logs
AWS-User-6038919
asked 2 years ago
How to get source IP address on the website when traffic come.
Accepted Answer
AnujG
asked 2 years ago
WebACL/WAF rules for multi-tenant SaaS application
robtimism
asked 2 years ago
Block IP addresses in WAF if the client caused an excessive amount of 404 errors
Yarpen
asked 2 years ago
How do I sanitize AWS WAF logging?
AWS OFFICIALUpdated 5 months ago
How do I use AWS WAF to allow or block requests from a specific country or geolocation?
AWS OFFICIALUpdated 5 months ago
How do I analyze AWS WAF logs in Athena?
AWS OFFICIALUpdated a year ago
Why does AWS WAF block my request or respond with a 403 Forbidden error?
AWS OFFICIALUpdated 2 months ago
How to use AWS WAF labels to fine tune webACL?
EXPERT
Lei Pei
published a year ago
How can I analyze WAF logs to determine a baseline threshold when using rate-based rules
EXPERT
oreoaws
published 4 months ago

Troubleshoot with WAF WebACL log

Add your answer

Relevant content