Questions tagged with AWS WAF
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
There's an endpoint blocked by AWS WAF. Let's say /api/services. In the logs, it's evident that it's being blocked due to the "size body" in the AWS Managed RuleSet. I've edited SizeRestrictions_BODY...
1
answers
0
votes
35
views
asked 9 hours agolg...
is there a way to customize the 403 error message that WAF puts out? Right now our clients are seeing:
<html> <head><title>403 Forbidden</title></head> <body> <center><h1>403 Forbidden</h1></center>...
1
answers
0
votes
45
views
asked 11 hours agolg...
I'm using the WebACL, that is included my rule group, and other account's rule group.
I know that i cannot read or modify the other's rule group, but when I try to add a new rule group or market rule...
1
answers
0
votes
68
views
asked 4 days agolg...
I have rechecked I don't have any I haven't set up any AWS WAF. Even not able to see under WAF any resource.
I am getting lots of bills hourly based for Global-RuleV2 and AWS WAF Global-WebACLV2.
how...
1
answers
0
votes
301
views
asked 10 days agolg...
Hello,
In the EC2 instance, there is an image processing API, and I associate a WAF on ALB, then configured the following rule in the WAF:
```typescript
const awsManagedRulesCommonRuleSet:...
2
answers
0
votes
370
views
asked 10 days agolg...
One of our client is trying to reach our application but they are not able to reach with 403 error.
We have enabled WAF for this application with a custom rule looking for X-Forwarded-For header...
2
answers
0
votes
317
views
asked 16 days agolg...
ConfigureRateBasedRule: CloudFormation did not receive a response from your Custom Resource. If you are using the Python cfn-response module, you may need to update your Lambda function code so that...
1
answers
0
votes
152
views
asked 17 days agolg...
I am analysing my waf logs and i want to ignore any requests coming from Amazon's web crawling bots
Could someone help me with that
Well i tried to reverse and forward DNS look up to verify an ip...
2
answers
0
votes
139
views
asked 18 days agolg...
I have deployed microservice application on ECS in Mumbai region but my customers are from Sri Lanka how can I block the access to the application from other countries except Sri Lanka, when I set Sri...
2
answers
0
votes
134
views
asked 22 days agolg...
I have a website that is behind ALB with WAF integration. Our vulnerability scan showed the following:
Website Does Not Implement HSTS Best Practices
**Recommendation:**
Implement HTTP Strict...
2
answers
0
votes
597
views
asked 24 days agolg...
I have done a security vulnerability scan against my hosted site behind ALB with WAF integration. The scan reported the following:
Content Security Policy (CSP)...
1
answers
0
votes
483
views
asked 24 days agolg...
Hello, I have built Talyaroofing.com but after 5 months it flagged as malicious and phising found on my website somehow when I do the search on virustotal.com. That was the reason that Comcast...
1
answers
0
votes
375
views
asked a month agolg...