By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

WAF managed rule to prevent dotenv vulnerability

0

Hi There,

Please help to identify which WAF managed rule is responsible to prevent dotenv scanning e.g.

Examples

/.env, /docker/.env, /anypath/.env

I was thinking that that this rule AWSManagedRulesCommonRuleSet would help, but while testing it doesn't work and allows scanning dotenv

Thanks!

Topics
Security, Identity, & Compliance
Tags
AWS WAF
Language
English
y0zg
asked 2 years ago665 views
2 Answers
0

Hi,

These are couple of Rule sets that do have certain calls to env coverage :

AWSManagedRulesUnixRuleSet
PHP RuleSet

we were not able to find anything specific for docker. However we would recommend you to consider managed rules and a base coverage using which you can write custom rules to meet any additional coverage that may be needed.

Here is the link which talks about managed rule groups : https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-use-case.html#aws-managed-rule-groups-use-case-posix-os

I hope this helps.

AWS
SUPPORT ENGINEER
Wilsina_R
answered 2 years ago
0

Hi There! Thank you for your answer! I added 2 more AWS managed rules AWSManagedRulesUnixRuleSet and AWSManagedRulesPHPRuleSet but still can access .env

curl -I  https://example.com/.env
HTTP/2 404
content-type: application/json

Any thoughts?

y0zg
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content