Questions tagged with AWS WAF
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Hi There,
Please help to identify which WAF managed rule is responsible to prevent dotenv scanning e.g.
Examples
```
/.env, /docker/.env, /anypath/.env
```
I was thinking that that this rule...
2
answers
0
votes
756
views
asked 2 years agolg...
How to block IP address permanently if WAF blocks request of that IP after matching a rate limit rule. Currently , I see manually listing that IP adresses in IP set details under AWS Waf. Instead of...
1
answers
0
votes
1824
views
asked 2 years agolg...
Hi,
I have purchaced the Fortinet AWS managed rules to protect my EBS environment. I have created this environment with ALB in order to connect WAF with it. Once I add Fortinet managed rules I do not...
1
answers
0
votes
518
views
asked 2 years agolg...
Using locust , I made WAF test on my application. I made a rate limit based rule to block IP if requests exceed 100 in a default 5 minute window. When I tested with concurrency 400 with spawn rate...
1
answers
0
votes
1367
views
asked 2 years agolg...
I've noticed that if you enable the "Windows Operating System" rule group from the "AWS Managed Rules" rule group against your Web ACL in WAF that SNS notifications generated by AWS Textract are...
0
answers
0
votes
121
views
asked 2 years agolg...
Hello,
Is anyone else having issues with the Synthetic Canaries being blocked by the AWS WAF Managed Rules' AWSManagedIPReputationList and/or AWSManagedReconnaissanceList?
Is there a way to let the...
2
answers
1
votes
1445
views
asked 2 years agolg...
Hi all, is it possible to protect say a Cloudfront distro that's in a different account to the one that the WAF is in, please?
For example, can I add a load balancer into the remit of the WAF from...
3
answers
0
votes
3008
views
asked 2 years agolg...
Getting 403 Forbidden errors when trying to send emails through SES with the word "select" in themlg...
We started having a strange problem in the last few hours. We send transactional emails through SES. One of the email templates we use has the word "select" in it. Example:
```
Reservations are free...
1
answers
0
votes
614
views
asked 2 years agolg...
Hi, I created a Web ACL with one rule to allow traffic only on some enpoint, and the default ACL action is to block requests that don't match the rule.
```
## Rule
Field to Match: URI Path
Regular...
1
answers
1
votes
2568
views
asked 2 years agolg...
Does WAF warn administrators of new rules that are added by AWS? Is there a way to disable new rules by default, then turn new rules on if you like?
3
answers
0
votes
449
views
asked 2 years agolg...
Hi there,
Is there any services or Web application firewall that can improve the security of the application without touch the web app itself.
So far I only know Cloudfront is able to generate a...
3
answers
0
votes
534
views
asked 2 years agolg...
Hello,
I'm testing some rules on AWS WAF. As with the custom rules (such as URI), I can configure them successfully.
However, when I add another "**label**" rule inside this custom rule, it can...
2
answers
1
votes
579
views
asked 2 years agolg...