Chloe McAree (McAteer)
Published on

AWS Web Application Firewall (WAF)

Authors

This is part of a blog series giving a high level overview of the different services examined on the AWS Solution Architect Associate exam, to view the whole series click here.

WAF Summary

WAF Logo

  • Allows you to add an extra layer of protection to your web applications or APIs against web attacks from common exploits.

  • Gives you control over the access to your content by allowing you to create security rules to block attacks.

  • Allows you to monitor HTTP & HTTPS requests forwarded to CloudFront, load balancers or API Gateway.

  • Pay for what you use, based on the amount of rules you have and requests your applications receives.

  • In WAF you can set up rules to control the traffic by either only allowing what you specify or only blocking what you specify. Alternatively, you can count the requests that match a certain pattern.

  • AWS also provides managed rules that you can use to get stated quickly, these are fully pre-configured and cover things like the OWASP Top 10 Security risks.

WAF Conditions

Conditions are used in WAFs to specify when you want to allow/block requests. Below are some examples of conditions that you might:

  • Values on the request header

  • The country a request comes from

  • Specific IP addresses

  • Strings that appear in requests

  • Length of the request

  • Presence of SQL code

  • Presence of a script