

NOTE: This solution has been integrated into the AWS WAF Security Automations, and is now maintained in that repository. Please direct suggestions for improvement to that repository.

A solution that automatically detects unwanted requests based on request rate, and then updates configurations of AWS WAF (a web application firewall that protects any application deployed on the Amazon CloudFront content delivery service) to block subsequent requests from those users. This process is executed by a Lambda function that processes the application's access log files in order to identify bad requesters. This function also exposes execution metrics in CloudWatch so you can monitor how many request entries were processed and the number of origins blocked. Finally, the solution also supports manually adding IP ranges that you want to block in advance, such as well-known bot networks.

This example AWS CloudFormation template contains basic AWS WAF rule examples. For more information, please review the Use AWS WAF to Mitigate OWASP's Top 10 Web Application Vulnerabilities whitepaper. You should customize the template's rules for each workload.
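The rate-based detection described above (a Lambda function that reads access logs, finds origins over a request-rate limit, merges in manually listed ranges and reports metrics) can be sketched as follows. This is an added example, not code from the repository: the function name, the per-minute limit and the sample log are assumptions, and the step that writes the result to AWS WAF is left out.

```python
import ipaddress
from collections import Counter

# Constructed CloudFront-style access log (tab-separated; the first five fields are
# date, time, x-edge-location, sc-bytes, c-ip). Addresses are documentation ranges.
SAMPLE_LOG = "\n".join(
    ["#Version: 1.0", "#Fields: date time x-edge-location sc-bytes c-ip cs-method"]
    + [f"2024-01-01\t10:00:{s:02d}\tIAD89-C1\t512\t203.0.113.7\tGET" for s in range(30)]
    + [f"2024-01-01\t10:01:{s:02d}\tIAD89-C1\t512\t203.0.113.7\tGET" for s in range(5)]
    + ["2024-01-01\t10:00:05\tIAD89-C1\t512\t198.51.100.20\tGET",
       "2024-01-01\t10:00:09\tIAD89-C1\t512\t192.0.2.99\tGET",
       "truncated-line-without-tabs"]
)

def find_bad_requesters(log_text, limit_per_minute, manual_blocklist=()):
    """Hypothetical helper: return (cidrs_to_block, metrics) for one log file."""
    per_minute = Counter()          # (client ip, minute bucket) -> request count
    processed = skipped = 0
    for line in log_text.splitlines():
        if not line or line.startswith("#"):
            continue                # header lines carry no request
        fields = line.split("\t")
        try:
            ip = ipaddress.ip_address(fields[4])
        except (IndexError, ValueError):
            skipped += 1            # malformed entry: count it, never block on it
            continue
        per_minute[(ip, fields[0] + " " + fields[1][:5])] += 1
        processed += 1
    # An origin is blocked if it exceeds the limit in any one-minute bucket.
    offenders = {ip for (ip, _), n in per_minute.items() if n > limit_per_minute}
    nets = [ipaddress.ip_network(c) for c in manual_blocklist]
    nets += [ipaddress.ip_network(f"{ip}/{ip.max_prefixlen}") for ip in offenders]
    blocked = []
    for version in (4, 6):          # collapse_addresses needs one IP version per call
        same = [n for n in nets if n.version == version]
        blocked += [str(n) for n in ipaddress.collapse_addresses(same)]
    metrics = {"entries_processed": processed, "entries_skipped": skipped,
               "origins_blocked": len(offenders)}
    return blocked, metrics

if __name__ == "__main__":
    print(find_bad_requesters(SAMPLE_LOG, 20, ["192.0.2.0/24"]))
```

Collapsing the networks keeps the block list short when a detected origin already falls inside a manually listed range, which matters because IP sets have size limits.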

Examples of sets of rules for the AWS WAF service and scripts to automate the management and configuration of AWS WAF rule sets. These examples include SDK usage, AWS CloudFormation templates and automations using AWS Lambda functions.

This example AWS CloudFormation template contains an AWS WAF web access control list (ACL) and condition types and rules that illustrate various mitigations against application flaws described in the OWASP Top 10. However, note that this template is designed only as a starting point and may not provide sufficient protection to every workload.
