Questions tagged with AWS WAF
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Hello,
I've enabled the AWS WAF service in my project. I've also set the rule action of HostingProviderIPList Rule in AWSManagedRulesAnonymousIpList
as "Challenge." After analyzing the WAF logs from...
1
answers
0
votes
95
views
asked 2 days agolg...
Hi,
We are using WAF Web ACL rules that are receiving all requests to our Load Balancer and filtering them (ALLOW or BLOCK). However there are some application requests which we are 100% sure that...
3
answers
0
votes
240
views
asked 3 days agolg...
Hi all,
I would like to hear your approaches when applying a rate-based rule via AWS WAF.
What are the best ways to permanently block IP addresses that trigger the RBR? I would also like to send...
2
answers
0
votes
388
views
asked 8 days agolg...
I have set up a WAF to protect my API with targeted bot control. I use the fetch wrapper `AwsWafIntegration.fetch()` to call the api, however when I call the API from localhost the WAF responds with a...
0
answers
0
votes
361
views
asked 9 days agolg...
Hi
- We had associated the ACFP managed rule group to an existing Web ACL.
Got the integration URL as shown in screenshot below.
Issue:
- As shown in the screenshot below, there is only option to...
0
answers
0
votes
169
views
asked 9 days agolg...
I want to create custom rule that will restrict body size limit greater then 10 MB. how can i do that.
2
answers
0
votes
173
views
asked 10 days agolg...
Hi all,
I've tried looking for documentation but am not seeing anything specific. I would like to send a notification to various destinations (Teams channel and e-mail) whenever an AWS WAF Rate-Based...
1
answers
0
votes
382
views
asked 17 days agolg...
Hi all,
I'm working on an automation process that creates a **WAFv2 WebACL** whenever a **CloudFront distribution** is created, using **EventBridge** and **Step Functions**.
The automation should...
2
answers
1
votes
458
views
asked 20 days agolg...
Does Private Apple Relay IP counted under the AWS anonymous IP list managed rule group for the WAF ?lg...
How does the AWS anonymous IP list managed rule group for the WAF treat Private Apple Relay? Tying to understand if a Private Apple Relay IP would be counted under the managed rule...
0
answers
0
votes
331
views
asked 25 days agolg...
Hello,
I am trying to setup WAF IP blocking but just cannot seem to get it working at all. I have added my own IP and I can still access all our services just fine, from DBs to ECS to EC2 servers,...
Accepted AnswerAWS WAF
1
answers
0
votes
479
views
asked a month agolg...
How to use AWS WAF to prevent "awselb/2.0" server information exposure in HTTP response header?lg...
![vulnerability snapshot](/media/postImages/original/IM2QRdsK_0Tx-P4R-ruiM5jg)
We identified this vulnerability in our VAPT reports. unfortunately, AWS doesn't provide any option to remove the header....
3
answers
0
votes
840
views
asked a month agolg...
In AWS WAF, I'm trying to do a really simple regex to match a URI path but have it be case insensitive.
I am not a regex expert so it's possible this is wrong, but it tests ok at Regex101. And it's...
Accepted AnswerAWS WAF
1
answers
0
votes
543
views
asked a month agolg...