
A Web Access Control List (Web ACL) can be associated with one or more AWS services and is used to protect that set of services.

A Web ACL is created by adding rules, which form the protection strategy. A rule can allow matching requests, block matching requests, or just count them.

Each rule contains an inspection criterion and an action to be taken if the request meets that criterion. There are two rule types: Regular Rule and Rate-based Rule. Rules are sets of conditions compiled into a list. The conditions are ANDed to form the inspection criterion, so an inbound request must meet all of the conditions in order to match the rule. Requests are then either blocked or allowed based on these conditions.

The conditions can be cross-site scripting match conditions, IP addresses (a single address or a range of addresses), geo match, size constraints (header, HTTP method, query string, URI, body), string matching, regex and SQL injection. Conditions specify which element of the inbound request is monitored.

It is based on the number of rules you deploy and the number of requests received. WAF provides flexibility, integration and affordability.

CloudFront responds to requests either with the requested content or with a 403 (HTTP status code: Forbidden), based on the conditions you specify, such as IP addresses or query strings.
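The rule semantics described above (ANDed conditions, allow/block/count actions, regular and rate-based rules, a 403 for blocked requests), shown as an added Python example that is not from the original article or from AWS. It is a simplified model, not the AWS API: the request dictionary shape, the default action, the per-IP rate counter without a time window, and all rule names and addresses are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass, field
# Condition factories: each returns a predicate over a request dict (constructed shape).
def ip_match(cidrs):
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return lambda r: any(ipaddress.ip_address(r["ip"]) in n for n in nets)
def string_match(part, needle):
    return lambda r: needle in r.get(part, "")
def size_over(part, limit):
    return lambda r: len(r.get(part, "")) > limit

@dataclass
class Rule:
    name: str
    conditions: list          # all must hold (ANDed) for the rule to match
    action: str               # "ALLOW", "BLOCK" or "COUNT"
    rate_limit: int = 0       # > 0 makes this a rate-based rule (assumed: per source IP)
    hits: dict = field(default_factory=dict)

    def matches(self, req):
        if not all(cond(req) for cond in self.conditions):
            return False
        if self.rate_limit == 0:
            return True       # regular rule: the conditions alone decide
        self.hits[req["ip"]] = self.hits.get(req["ip"], 0) + 1
        return self.hits[req["ip"]] > self.rate_limit   # time window omitted

@dataclass
class WebACL:
    rules: list
    default_action: str = "ALLOW"   # assumption: applied when no rule terminates
    counts: dict = field(default_factory=dict)

    def evaluate(self, req):
        # Returns the HTTP status the front end would send: 200 or 403.
        for rule in self.rules:
            if not rule.matches(req):
                continue
            if rule.action == "COUNT":   # count only, keep evaluating later rules
                self.counts[rule.name] = self.counts.get(rule.name, 0) + 1
                continue
            return 200 if rule.action == "ALLOW" else 403
        return 200 if self.default_action == "ALLOW" else 403

def build_sample_acl():   # constructed rules; 203.0.113.0/24 is a documentation range
    return WebACL(rules=[
        Rule("count-large-body", [size_over("body", 100)], "COUNT"),
        Rule("block-admin-range", [ip_match(["203.0.113.0/24"]), string_match("uri", "/admin")], "BLOCK"),
        Rule("throttle-login", [string_match("uri", "/login")], "BLOCK", rate_limit=2),
    ])
```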

It allows you to filter web traffic with rules and thus block malicious requests. AWS WAF can be deployed on the Application Load Balancer, Amazon CloudFront and Amazon API Gateway. WAF distinguishes between harmful and legitimate requests by filtering both HTTP and HTTPS requests. AWS WAF is a Web Application Firewall that provides security against common web attacks such as SQL injection and cross-site scripting.
