All Content tagged with AWS WAF

AWS WAF is a web application firewall that helps protect your web applications or APIs against common web exploits and bots that may affect availability, compromise security, or consume excessive resources.

Content language: English

Select up to 5 tags to filter
Sort by most recent
392 results
Hello, When we associate WAF with ALB, we have a choice of "Fail Open" or "Fail Close". I could not find the same option when we associate WAF with Cloudfront. Did I fail to find the option? If we...
2
answers
0
votes
26
views
Rob
asked 6 days ago
I'm creating a multi tenant architecture. Each tenant will have their own cognito user pool. I want to associate each user pool with a single WAF ACL. Im guessing i could have up to 4000 user pools...
2
answers
0
votes
47
views
gazedge
asked 15 days ago
Hi! I am trying to pass the real client IP address of the request arrived at the ALB, so I can retrieve it from my web server in a header. Initially, I thought that the "remove" mode in the attribute...
2
answers
0
votes
42
views
asked 17 days ago
Hi everyone, In AWS WAF, I have a rate-based rule that blocks if requests coming from a source IP address exceed the threshold, which is 120 requests within 2 minutes. The rule is also blocking...
1
answers
0
votes
52
views
AKMin
asked 18 days ago
Is there a best practice to protect a non-AWS origin using AWS edge services? Looking to front a Azure origin with multiple domains registered with AWS R53 with both CloudFront and WAF. Hopefully down...
2
answers
0
votes
50
views
AWS
Josh_L
asked 20 days ago
Hi everyone, I have two publicly accessible EC2 instances: let's call them Instance A and Instance B. Instance A very frequently sends requests to instance B. And Instance B is sitting behind a Load...
1
answers
0
votes
50
views
AKMin
asked 25 days ago
I am following a similar workflow as show in [this](https://stackoverflow.com/a/77529522/4352701) StackOverflow post. I have an SPA that runs at `admin.example.com` with API requests (via an...
1
answers
0
votes
47
views
asked a month ago
Is there a way to check the log where the user changed the action of the rule for WebAcl?
1
answers
0
votes
42
views
nice
asked a month ago
Hi guys, As I see CloudFront itself have geographic restrictions under security tab. I wonder why we don't use WAF in this case.
1
answers
0
votes
70
views
profile picture
Bach
asked a month ago
Hi, I have a rest API deployed on ECS and fronted with an ALB. I set a rule on WAF to block DDOS attack. If there are more than 10 request in one minute, then the requests should block. However, it...
1
answers
0
votes
106
views
profile picture
Efe
asked a month ago
Hi all, We had a WAF review completed earlier this year, and are reviewing recommendations with a view to action. One of those is: Determine key performance indicators (KPIs) and workload metrics....
1
answers
0
votes
49
views
elfman
asked 2 months ago