Questions tagged [amazon-waf]

AWS WAF is a web application firewall service that monitors web requests for Amazon CloudFront distributions and restricts access to content. Use AWS WAF to block or allow requests based on conditions, such as the IP addresses that requests originate from or values in the requests.

Documentation: https://aws.amazon.com/documentation/waf/

258 questions

votes

0 answers

How do I host a static website on S3 with an ACL?

I'm currently hosting a project of mine on S3 and that results in a URL like: https://s3.eu-central-1.amazonaws.com/my-project/index.html Using Cloudfront, I'm able to make this a lot nicer so that I can access this page using…

amazon-s3 amazon-cloudfront amazon-waf

asked Jun 11 '18 at 14:04

Stephan Bijzitter

4,425
5
24
44

votes

0 answers

Lambda that creates ELB WAF Rule

I am pretty new to AWS, sorry for dump question. I have found Documentation about Create WAF Rule API Request Syntax: { "ChangeToken": "string", "MetricName": "string", "Name": "string" } I assume above is the request body. What is the…

amazon-web-services aws-lambda amazon-elb amazon-waf

asked Apr 24 '18 at 14:55

Rudziankoŭ

10,681
20
92
192

votes

1 answer

block all access to staging server

I have a staging server on AWS that sits behind AWS WAF, I have created a rule to block all IP's and have tried to add 0.0.0.0/0 but get an invalid CIDR when trying to save it. http://cidr.xyz/ shows it is invalid What is the correct way to block…

amazon-web-services amazon-waf

asked Feb 20 '18 at 10:58

khinester

3,398
9
45
88

votes

1 answer

AWS WAF with cloudfront

I am trying to block my ip address via WAF and using cloudfront. It should block the IP address I need to know whether it is neccessary to change dns configuration file with the new domain name cloudfront provides ?

amazon-web-services amazon-cloudfront amazon-waf

asked Dec 08 '17 at 14:39

Pooja Jain

votes

2 answers

Where are AWS WAF API calls documented?

I would like to put an AWS WAF in front of a web site served by CloudFront. I will need to update this WAF via automated calls though its API. Where is this API documented? I quickly found the Making HTTPS Requests to AWS WAF or Shield Advanced…

amazon-web-services amazon-waf

asked Nov 29 '17 at 18:52

WoJ

27,165
48
180
345

votes

1 answer

SOAP web service request blocked by AWS web app firewall cross site scripting rule

The following request was blocked by AWS web app firewall cross site scripting rule. But what is suspicious? All seem normal to me! POST /package.asmx HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client Protocol…

amazon-web-services soap xss amazon-waf

asked Nov 27 '17 at 23:18

user788454

votes

1 answer

WAFStaleDataException from Java SDK but the same token works with CLI

My code first gets the change token to be used final AWSWAFRegional waf = AWSWAFRegionalClientBuilder.defaultClient(); final String changeToken = waf.getChangeToken(new GetChangeTokenRequest()).toString(); It then uses the token to update…

java amazon-web-services aws-lambda amazon-waf

asked Jul 25 '17 at 12:44

dr34m3r

votes

1 answer

NodeJS Lambda Region WAF IPSetID

I am new NodeJS and trying to alter this sample provided by AWS for reputation list updates however it is specific to CloudFront Global Region only. https://github.com/awslabs/aws-waf-sample/tree/master/waf-reputation-lists I have made the changes…

node.js aws-lambda aws-sdk aws-sdk-nodejs amazon-waf

asked Jun 05 '17 at 14:20

Sphinx's

votes

1 answer

Cloudformation not launching WAF stack in required region

I am trying to launch a stack via AWS CloudFormation using these provided sample stack(s) for…

amazon-web-services aws-cloudformation amazon-waf

asked Mar 21 '17 at 14:32

Meraj Rasool

votes

1 answer

AWS CloudFront for Ddos attacks

I am using AWS cloudfront for serving my content for java based web application. When I access my content via cloud front my application is working fine, but when I route my whole web application via cloud front it's giving the following…

amazon-web-services amazon-ec2 amazon-cloudfront amazon-waf

asked Feb 21 '17 at 11:54

Satish P

-1

votes

1 answer

Site24x7 website shows down when enabling waf on AWS ELB

Site 24x7 shows website down when we enable waf on AWS ELB. Does any one has any idea what will be the cause. I have tried removing multiple rules from waf and found out below rules which causing the issue. Does anyone have idea about this…

amazon-web-services monitoring amazon-waf site24x7

asked Feb 02 '23 at 12:54

vinayak bachhav

-1

votes

2 answers

AWS WAF Log Utilisation + Penetration Testing with Web Applications

How can AWS Web Application Firewall help me in identifying which penetration testing I should use against my web application. Once i have access to the WAF Logs, how can I best utilise it to identify penetration testing.

amazon-web-services penetration-testing amazon-waf

asked Nov 02 '21 at 14:56

Acire

-1

votes

1 answer

AWS CDK use csv file with IPs in IPSET

I want to add to my IPSet 20+ IP addresses from csv file and i want to configure it from CDK. My csv file looks like that: "1.12.3.155/32" "1.12.3.0/18" "2.22.3.0/22" And my code for IPset in cdk: with open('./test/test-ips.csv', 'r') as fin: …

python amazon-web-services amazon-waf

asked Sep 26 '21 at 13:28

hightest

-1

votes

2 answers

How to block website for particular IPs through aws WAF

I'm running a website "www.example.com" on classic load balancer and behind classic load balancer attached EC2 instances, and also using a cloudfront assets.example.com for static data. I noticed in nginx access logs some IPs are scraping the data…

amazon-web-services amazon-cloudfront web-application-firewall amazon-waf

asked Sep 14 '20 at 12:53

rajeev singh

-1

votes

2 answers

Query to convert AWS WAF timestamp in AWS Athena

How to query the AWS WAF logs timestamp from Unix timestamp to normal time?

amazon-web-services amazon-athena amazon-waf

asked Jul 15 '20 at 18:06

Arunkumar

Prev 1 2 3

…

18 Next