
WAF

Pragya Keshap answered on February 21, 2023 Popularity 1/10 Helpfulness 1/10


    WAF is a Web Application Firewall

    You can use AWS WAF to block, allow, or monitor HTTP/HTTPS requests based on various conditions such as IP address, request headers, and query strings.

    Its rules let you block web exploits like SQL injection and XSS (cross-site scripting).

    WAF can be put in front of CloudFront Distributions, ALBs, API Gateways and AppSync/GraphQL APIs.

    WAF Concepts:

    Web ACLs (Access Control Lists) are used to protect a set of AWS resources

    Rules are statements that define the criteria to inspect the request and the action to be taken (Allow, Block or Count)

    Rule Groups allow reuse of rules, or logical grouping of them

    Managed Rule Groups are sets of predefined rules that have been created by AWS and other AWS Marketplace sellers (for example, the rule group to protect against OWASP Top 10 vulnerabilities)

    Managed rules are ready to use, tried and tested, and can save you a lot of time and effort.

    Web ACL Capacity Units (WCUs) are the measure of the complexity of rules/statements. The more intricate the rule from the inspection perspective, the more WCUs will be consumed.

    Web ACLs have a limit of 1500 WCUs that can be used by their rules and rule groups. If a Web ACL uses rules or rule groups that exceed the WCU limit, they will fail. That's why a rule group, which is shareable across different Web ACLs, must have an immutable WCU limit set (to prevent later changes from breaking Web ACLs already using that group)

    Custom rules are rules and rule groups that you define yourself.

    IP Sets are collections of IP addresses and ranges to be used in a rule statement

    A RegEx pattern set is a collection of regular expressions

    Match statements compare the request or its origin against specific conditions, to determine whether to allow the request or block it from being forwarded to the origin.

    You can build your rules by combining AND, OR and NOT arguments between nested statements.

    Rules can be regular or rate-based (which will count the number of requests over a 5 min period)

    Rules have a priority which you need to properly define so that the order of execution is correct.

    Rule priorities

    At the time of writing (for the Ireland region) these are the costs for using WAF features:

    5 $ per month for each Web ACL

    1 $ per month per Rule

    0.60$ per million requests  

    Contributed on Feb 21 2023
    Pragya Keshap
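
An added example, not part of the original answer and not AWS code: a small local simulation of how a Web ACL walks its rules in priority order (lowest number first), with nested AND/OR/NOT statements, IP sets, and Count as a non-terminating action. Rule names, addresses, match strings and the tuple-based statement format are constructed for illustration; the default action is assumed to be Allow.

```python
import ipaddress

# Constructed sample data: addresses, rule names and match strings are illustrative.
BLOCKED_SET = [ipaddress.ip_network("203.0.113.0/24")]   # stands in for an IP Set
SCANNER_SET = [ipaddress.ip_network("192.0.2.10/32")]    # approved internal scanner

def matches(stmt, req):
    """Evaluate a possibly nested match statement against a request dict."""
    kind, *args = stmt
    if kind == "and":
        return all(matches(s, req) for s in args)
    if kind == "or":
        return any(matches(s, req) for s in args)
    if kind == "not":
        return not matches(args[0], req)
    if kind == "ip_set":
        return any(ipaddress.ip_address(req["ip"]) in net for net in args[0])
    if kind == "query_contains":
        return args[0] in req["query"].lower()
    raise ValueError(f"unknown statement type: {kind}")

def evaluate(rules, req, default_action="Allow"):
    """Return (action, terminating rule name or None, names of Count rules hit)."""
    counted = []
    for _priority, name, action, stmt in sorted(rules, key=lambda r: r[0]):
        if not matches(stmt, req):
            continue
        if action == "Count":          # non-terminating: record it, keep evaluating
            counted.append(name)
            continue
        return action, name, counted   # Allow and Block end evaluation
    return default_action, None, counted

SQLI = ("or", ("query_contains", "union select"), ("query_contains", "' or 1=1"))
RULES = [  # (priority, name, action, statement), listed out of order on purpose
    (20, "block-sqli", "Block", ("and", SQLI, ("not", ("ip_set", SCANNER_SET)))),
    (0, "block-ip-set", "Block", ("ip_set", BLOCKED_SET)),
    (10, "count-any-sqli", "Count", SQLI),
]

def demo():
    outside = {"ip": "198.51.100.7", "query": "id=1 UNION SELECT pw"}
    listed = {"ip": "203.0.113.9", "query": "id=1 UNION SELECT pw"}
    scanner = {"ip": "192.0.2.10", "query": "id=1 union select pw"}
    return [evaluate(RULES, r) for r in (outside, listed, scanner)]

if __name__ == "__main__":
    for result in demo():
        print(result)
```

Moving the Count rule to a priority number above the Block rule means blocked requests never reach it, which is why the order of priorities changes what your metrics show as well as what gets blocked.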