All Content tagged with AWS WAF
AWS WAF is a web application firewall that helps protect your web applications or APIs against common web exploits and bots that may affect availability, compromise security, or consume excessive resources.
Content language: English
Filter content
Select tags to filter
Sort by
Sort by most recent
476 results
AWS OFFICIALUpdated 4 days ago0 votes30 views
This article shows you how to respond to AWS Trust & Safety abuse notifications for Amazon Elastic Compute Cloud (Amazon EC2) resources and implement preventative measures to reduce future incidents.
MikeLimEXPERT
published 15 days ago1 votes106 views
How to retrieve AWS WAF Bot Control (ABC) rule group labels
We are new to AWS WAF and trying to design a simple but effective rate-limiting strategy.
Our scenario is a bit tricky:
Our users access the application from both:
* Corporate networks (shar...
I’m trying to solve a problem with AWS WAF and want a sanity check.
Goal:
I don’t want to blindly allow “trusted” users, but I also don’t want false positives blocking real customers. I still wa...
Under what circumstances does CloudFront automatically create a WAF rule named CreatedByCloudFrontForDistributionecccccccccc-Geo-BlockRule regarding geographic restrictions?
We can confirm that we hav...
asked 25 days ago
Joanna KEXPERT
published a month ago0 votes150 views
How to setup alarms for AWS WAF `AWSManagedRulesAntiDDoSRuleSet`
Hi all,
We are currently experiencing a situation where a single external IP address is continuously sending a very high volume of requests (tens of thousands per minute) to our application behind Am...
Hi, I'm trying to understand a specific CloudFront routing behavior related to Host Header Injection, which was flagged as a vulnerability during a recent penetration test.
**My setup:**
* A CloudFro...
**Background**
I have an Application Load Balancer (ALB) with AWS WAF (Web ACL) attached. I configured a WAF rule called BlockInvalidPath that inspects the URI path and blocks requests that do not ma...
We are integrating the AWS WAF JavaScript SDK (challenge.js) with Bot Control TARGETED on a CloudFront-protected web application. The SDK loads successfully but token acquisition fails: the POST to mp...
Hello,
I cannot add any custom WAF rules.
I click the "validate" button and no error or warning is displayed.
When I click the "Add rule" button, nothing happens.
Any ideas why this happens?
Regards
I configured WAF "rate limit" as 10 and evaluation window as "5 minutes"
"RateBasedStatement": {
"Limit": 10,
"AggregateKeyType": "FORWARDED_IP",
"EvaluationWindowS...