Questions tagged with AWS WAF
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Hi all,
I've tried looking for documentation but am not seeing anything specific. I would like to send a notification to various destinations (Teams channel and e-mail) whenever an AWS WAF Rate-Based...
1
answers
0
votes
228
views
asked 6 days agolg...
Hi all,
I'm working on an automation process that creates a **WAFv2 WebACL** whenever a **CloudFront distribution** is created, using **EventBridge** and **Step Functions**.
The automation should...
2
answers
1
votes
329
views
asked 9 days agolg...
Does Private Apple Relay IP counted under the AWS anonymous IP list managed rule group for the WAF ?lg...
How does the AWS anonymous IP list managed rule group for the WAF treat Private Apple Relay? Tying to understand if a Private Apple Relay IP would be counted under the managed rule...
0
answers
0
votes
213
views
asked 14 days agolg...
Hello,
I am trying to setup WAF IP blocking but just cannot seem to get it working at all. I have added my own IP and I can still access all our services just fine, from DBs to ECS to EC2 servers,...
Accepted AnswerAWS WAF
1
answers
0
votes
343
views
asked 16 days agolg...
How to use AWS WAF to prevent "awselb/2.0" server information exposure in HTTP response header?lg...
![vulnerability snapshot](/media/postImages/original/IM2QRdsK_0Tx-P4R-ruiM5jg)
We identified this vulnerability in our VAPT reports. unfortunately, AWS doesn't provide any option to remove the header....
3
answers
0
votes
578
views
asked 19 days agolg...
In AWS WAF, I'm trying to do a really simple regex to match a URI path but have it be case insensitive.
I am not a regex expert so it's possible this is wrong, but it tests ok at Regex101. And it's...
Accepted AnswerAWS WAF
1
answers
0
votes
387
views
asked 20 days agolg...
I'm currently using another company's VPS and Cloudflare as a CDN, but I've encountered security issues with my server. That's why I want to migrate my server to AWS EC2 and CloudFront. In my past...
1
answers
0
votes
598
views
asked a month agolg...
I followed the steps described in this documentation:
https://docs.aws.amazon.com/waf/latest/developerguide/waf-js-captcha-api.html
When a user tries to complete a Captcha verification on the JS...
1
answers
0
votes
441
views
asked a month agolg...
Hello.
I found an article stating that the maximum request rate for a web ACL is 25,000 per second. I want to know what happens if I exceed this limit in my requests.
Does the WAF respond with...
Accepted AnswerAWS WAF
2
answers
0
votes
370
views
asked a month agolg...
Good morning I have the following scenario protecting the cognito client_credential flow with additional programmatic control using cognito lambda triggers.
After a bit of testing and reading the...
1
answers
0
votes
614
views
asked a month agolg...
Currently we are facing a DDoS attack on our application every 3-4 days. We have configured a WAF rate limiting rule that seems to work correctly against our load testing tool but doesnt seem to block...
1
answers
0
votes
461
views
asked a month agolg...
We have a WAF set up in front of our API that is hosted in ECS/Fargate. One of the endpoints allows to upload (POST) an installer binary for our download area.
So far Windows installers work fine,...
Accepted AnswerAWS WAF
1
answers
0
votes
400
views
asked a month agolg...