Questions tagged with AWS WAF
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
is there a way to customize the 403 error message that WAF puts out? Right now our clients are seeing:
<html> <head><title>403 Forbidden</title></head> <body> <center><h1>403 Forbidden</h1></center>...
1
answers
0
votes
232
views
asked a month agolg...
I'm using the WebACL, that is included my rule group, and other account's rule group.
I know that i cannot read or modify the other's rule group, but when I try to add a new rule group or market rule...
1
answers
0
votes
213
views
asked a month agolg...
I have rechecked I don't have any I haven't set up any AWS WAF. Even not able to see under WAF any resource.
I am getting lots of bills hourly based for Global-RuleV2 and AWS WAF Global-WebACLV2.
how...
1
answers
0
votes
401
views
asked a month agolg...
Hello,
In the EC2 instance, there is an image processing API, and I associate a WAF on ALB, then configured the following rule in the WAF:
```typescript
const awsManagedRulesCommonRuleSet:...
2
answers
0
votes
442
views
asked a month agolg...
One of our client is trying to reach our application but they are not able to reach with 403 error.
We have enabled WAF for this application with a custom rule looking for X-Forwarded-For header...
2
answers
0
votes
367
views
asked 2 months agolg...
ConfigureRateBasedRule: CloudFormation did not receive a response from your Custom Resource. If you are using the Python cfn-response module, you may need to update your Lambda function code so that...
1
answers
0
votes
202
views
asked 2 months agolg...
I am analysing my waf logs and i want to ignore any requests coming from Amazon's web crawling bots
Could someone help me with that
Well i tried to reverse and forward DNS look up to verify an ip...
2
answers
0
votes
238
views
asked 2 months agolg...
I have deployed microservice application on ECS in Mumbai region but my customers are from Sri Lanka how can I block the access to the application from other countries except Sri Lanka, when I set Sri...
2
answers
0
votes
186
views
asked 2 months agolg...
I have a website that is behind ALB with WAF integration. Our vulnerability scan showed the following:
Website Does Not Implement HSTS Best Practices
**Recommendation:**
Implement HTTP Strict...
2
answers
0
votes
678
views
asked 2 months agolg...
I have done a security vulnerability scan against my hosted site behind ALB with WAF integration. The scan reported the following:
Content Security Policy (CSP)...
1
answers
0
votes
621
views
asked 2 months agolg...
Hello, I have built Talyaroofing.com but after 5 months it flagged as malicious and phising found on my website somehow when I do the search on virustotal.com. That was the reason that Comcast...
1
answers
0
votes
404
views
asked 2 months agolg...
Hello,
We're using Amplify for our app deployment and have set up a CloudFront distribution to filter traffic using WAF and limit access based on specific IPs, including local clients and an Elastic...
4
answers
1
votes
298
views
asked 2 months agolg...