Search
Electromech Corporation
  • Home
  • About Us
  • Solutions
    • Case Study
      • Matrix ComSec Windows workload
      • SPINIXDIGITAL – Video on Demand
      • Frendy retail case study
      • WonWorld
      • Mexus Education – Education Portal
      • GTU windows workload
      • Physical Research Laboratory
      • Torrent Pharma
    • AWS Portfolio
      • AWS Solutions Services
      • AWS Training Certification
      • AWS Customer Success
      • Public Sector Focus
      • Education Sector Focus
      • Migration on AWS
      • Application Modernization
    • Open Source Solutions and Training
      • Ansible for Everyone – Traning and Certification
  • Blog
  • Events
  • Gallery
  • Careers
    • JOB DESCRIPTION OF FRONT OFFICE ADMIN
  • Contact Us
  • Home
  • About Us
  • Solutions
    • Case Study
      • Matrix ComSec Windows workload
      • SPINIXDIGITAL – Video on Demand
      • Frendy retail case study
      • WonWorld
      • Mexus Education – Education Portal
      • GTU windows workload
      • Physical Research Laboratory
      • Torrent Pharma
    • AWS Portfolio
      • AWS Solutions Services
      • AWS Training Certification
      • AWS Customer Success
      • Public Sector Focus
      • Education Sector Focus
      • Migration on AWS
      • Application Modernization
    • Open Source Solutions and Training
      • Ansible for Everyone – Traning and Certification
  • Blog
  • Events
  • Gallery
  • Careers
    • JOB DESCRIPTION OF FRONT OFFICE ADMIN
  • Contact Us
Electromech Corporation > Blog > TrendingPost > AWS -WAF (Web Application Firewall)

AWS -WAF (Web Application Firewall)

  • August 16, 2018
  • Posted by: nilesh vaghela
  • Category: TrendingPost
No Comments

AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to Amazon CloudFront or an Application Load Balancer. AWS WAF also lets you control access to your content.

 

  • Allow all requests except the ones that you specify – This is useful when you want CloudFront or an Application Load Balancer to serve content for a public website, but you also want to block requests from attackers.
  • Block all requests except the ones that you specify – This is useful when you want to serve content for a restricted website whose users are readily identifiable by properties in web requests, such as the IP addresses that they use to browse to the website.
  • Count the requests that match the properties that you specify – When you want to allow or block requests based on new properties in web requests, you first can configure AWS WAF to count the requests that match those properties without allowing or blocking those requests. This lets you confirm that you didn’t accidentally configure AWS WAF to block all the traffic to your website.

Using AWS WAF has several benefits:

  • Additional protection against web attacks using conditions that you specify. You can define conditions by using characteristics of web requests such as the following:
    • IP addresses that requests originate from.
    • Country that requests originate from.
    • Values in request headers.
    • Strings that appear in requests, either specific strings or string that match regular expression (regex) patterns.
    • Length of requests.
    • Presence of SQL code that is likely to be malicious (known as SQL injection)
    • Presence of a script that is likely to be malicious (known as cross-site scripting).
  • Rules that can allow, block or count web requests that meet the specified conditions. Alternatively,rules can block or count web requests that not only meet the specified conditions,but also exceed a specified number of requests in any 5-minute period.
  • Rules that you can reuse for multiple web applications.
  • Real-time metrics and sampled web requests.
  • Automated administration using the AWS WAF API.

The Basic components of the WAF are :

  1. Conditions :

Conditions define the basic characteristics that you want AWS WAF to watch for in web requests:

  • Scripts that are likely to be malicious. Attackers embed scripts that can exploit vulnerabilities in web applications. This is known as cross-site scripting.
  • IP addresses or address ranges that requests originate from.
  • Country or geographical location that requests originate from.
  • Length of specified parts of the request, such as the query string.
  • SQL code that is likely to be malicious. Attackers try to extract data from your database by embedding malicious SQL code in a web request. This is known as SQL injection.
  • Strings that appear in the request, for example, values that appear in the User-Agent header or text strings that appear in the query string.
  1. Rules :

You combine conditions into rules to precisely target the requests that you want to allow, block, or count. AWS WAF provides two types of rules:

Regular rule

Regular rules use only conditions to target specific requests. For example, based on recent requests that you’ve seen from an attacker.

Rate-based rule

Rate-based rules are similar to regular rules, with one addition: a rate limit. Rate-based rules count the requests that arrive from a specified IP address every five minutes. The rule can trigger an action if the number of requests exceed the rate limit.

  1. Web ACLs :

After you combine your conditions into rules, you combine the rules into a web ACL. This is where you define an action for each rule—allow, block, or count—and a default action

When a web request matches all the conditions in a rule, AWS WAF can either block the equest or allow the request to be forwarded to CloudFront or an Application Load Balancer. You specify the action that you want AWS WAF to perform for each ru

Leave a Reply Cancel reply

You must be logged in to post a comment.

AHMEDABAD

  • 302, New York Plaza, Opp. Judges Bunglow Road, Bodakdev Ahmedabad 380054 Gujarat India.
  • +91 9879 446 558 / +91 7574 877 958
  • inquiry@electromech.info

VADODARA

  • FF-22, Vardhaman Complex, Subhanpura Main Road, Subhanpura, Vadodara - 390006 Gujarat, India.
  • +91 9879 446 558 / +91 7574 877 958
  • inquiry@electromech.info

Ireland

  • 36 sapphire, the Grange Apartments, stillorgan, Dublin 18, Dublin, Ireland
  • +353 876484971
  • jay.d@electromech.info

Connect With Us on Social Media

Locate Us

Footer logo
Copyright © 2019. Electromech Corporation. All Rights Reserved. Powered by Technotery
  • Home
  • About Us
  • Solutions
  • Blog
  • Events
  • Gallery
  • Careers
  • Contact Us