Create custom rule for Web ACL

0

I want to create custom rule that will restrict body size limit greater then 10 MB. how can i do that.

bala
已提問 2 個月前檢視次數 348 次
2 個答案
4

To create a custom Web ACL (Access Control List) rule in AWS WAF (Web Application Firewall) that restricts the body size of incoming requests to a maximum of 10 MB, you can follow these steps:

**Step-by-Step Guide

Navigate to the AWS WAF Console:**

Go to the AWS Management Console.

Open the AWS WAF & Shield console.

Create a New Web ACL (if you don’t have one):

Click on Create web ACL.

Select the appropriate Regional or CloudFront scope based on your requirement.

Enter a name and select the resource to associate with the Web ACL.

**Add Rules to the Web ACL:

** Once the Web ACL is created, go to the Rules tab.

Click on Add rules.

Select Add my own rules and rule groups.

Create a New Rule:

Click on Create rule.

Enter a rule name.

Choose Regular rule.

Configure Rule Statement:

In the Statement section, select Size constraint.

Set the Field to match to Body.

Set the Match type to Greater than.

Enter 10485760 (10 MB in bytes) as the size.

Choose Byte as the unit.

Set the Action for the Rule:

In the Action section, select Block to block requests with a body size greater than 10 MB.

Add the Rule to the Web ACL:

Save the rule.

Go back to the Web ACL and add the newly created rule to the list of rules in the Web ACL.

**Save and Deploy: ** Review the Web ACL and the rules.

Click on Save and deploy the Web ACL.

專家
已回答 2 個月前
1

You can filter out requests based on their size by following the step-by-step instructions in this document article section: https://docs.aws.amazon.com/waf/latest/developerguide/waf-oversize-request-components.html#waf-oversize-request-components-blocking

You'll need to select "Body" as the request component to be inspected in this case.

專家
Leo K
已回答 2 個月前
  • what should i select in content type ?

  • You can select "plain text". It shouldn't matter, because the contents aren't being inspected, only its declared size is.

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南