AWS Web Application Firewall (WAF) is a firewall designed to protect web applications and APIs against common web exploits that may compromise security, affect availability, or consume excessive resources.

By setting up a WAF, you not only monitor and track the requests reaching your AWS resources, but you can also block or allow them based on a predetermined set of rules. As a result, it leads to cleaner server application logs, mitigation of common attacks, less traffic on the server instances, and most importantly, cost-cutting.

AWS CloudFront allows the use of custom origins to serve content, which means you can have a WAF protect any server, even those not hosted on AWS. Additionally, the API Gateway can act as an HTTP proxy, allowing a WAF to protect any API not hosted on AWS, as the traffic routes through the gateway.

At the top level, the WAF consists of a Web ACL assigned to one or more supported AWS resources. The Web ACL contains a collection of rules which determine whether a given request should be allowed or blocked. Those rules can be your own rules or provided by a 3rd party. The protected AWS resource forwards the request it receives to the WAF. If allowed, the request is forwarded onwards. If the WAF determines the request should be blocked based on the rules applied, the AWS resource will generate a 403 response back to the client. The 403 response varies based on the AWS resource type. Some resources, such as CloudFront, allow you to customize the default message. There will be no indication to an attacker that it was the WAF that explicitly blocked the request.

For monitoring, WAF allows you to log requests through Kinesis Firehose to various AWS services such as an S3 bucket, Redshift, or the Elasticsearch Service.
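
Because the 403 tells the client nothing about why it was blocked, the WAF logs are where a defender sees which rule fired. The following Python is an added example, not code from the original post: it summarizes blocked requests from a log object delivered through Firehose. The field names (`action`, `terminatingRuleId`, `httpRequest.clientIp`) follow the AWS WAF log record format; the sample records, rule names and IP addresses are constructed, and it assumes records may arrive without newline separators or with a truncated tail.

```python
import json
from collections import Counter


def _rec(action, rule, ip, uri):
    # Helper that builds one constructed WAF log record (sample data only).
    return json.dumps({
        "timestamp": 1700000000000, "webaclId": "example-acl",
        "action": action, "terminatingRuleId": rule,
        "httpRequest": {"clientIp": ip, "httpMethod": "GET", "uri": uri},
    })


# Constructed sample: some records newline-separated, some back-to-back,
# and a truncated final record, as a partially written delivery might look.
SAMPLE = (
    _rec("BLOCK", "example-sqli-rule", "198.51.100.7", "/search") + "\n"
    + _rec("ALLOW", "Default_Action", "203.0.113.9", "/")
    + _rec("BLOCK", "example-sqli-rule", "198.51.100.7", "/login") + "\n"
    + _rec("BLOCK", "example-rate-rule", "192.0.2.44", "/api")
    + '{"timestamp":17'
)


def iter_records(blob):
    """Yield JSON objects from back-to-back or newline-separated records."""
    decoder = json.JSONDecoder()
    pos, end = 0, len(blob)
    while pos < end:
        if blob[pos].isspace():      # raw_decode does not skip whitespace
            pos += 1
            continue
        try:
            obj, pos = decoder.raw_decode(blob, pos)
        except json.JSONDecodeError:
            break                    # truncated or corrupt tail: stop here
        if isinstance(obj, dict):
            yield obj


def summarize_blocks(blob):
    """Count BLOCK decisions per terminating rule and per client IP."""
    by_rule, by_ip, total = Counter(), Counter(), 0
    for rec in iter_records(blob):
        total += 1
        if rec.get("action") != "BLOCK":
            continue
        by_rule[rec.get("terminatingRuleId", "unknown")] += 1
        by_ip[rec.get("httpRequest", {}).get("clientIp", "unknown")] += 1
    return {"total": total, "blocked": sum(by_rule.values()),
            "by_rule": dict(by_rule), "by_ip": dict(by_ip)}
```
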