Protect against web attacks

What is AWS WAF?

WAF is a web application firewall. AWS WAF lets you allow, block, or count web requests coming into your application, depending on the conditions and rules that you set. AWS WAF protects against common web attacks by monitoring and controlling unusual bot traffic and blocking common attack patterns such as SQL injection.

AWS WAF Features:

WAF consists of access control lists, rules, and rule groups. You can create rules that filter web traffic based on conditions such as:

  • IP address
  • HTTP headers and body
  • URI strings
  • SQL injection
  • Cross-site scripting

WAF provides real-time metrics, captures the raw requests, and can parse JSON content in the request body to inspect specific keys or values.

WAF also supports proactive rules, such as rate-based blacklisting, that automatically block bad traffic and respond immediately as incidents happen.


Benefits of AWS WAF:

  • Swift updates across your environment with minimal latency impact to incoming traffic.
  • AWS WAF Bot Control allows control and visibility over bot traffic to your applications. Block or rate-limit traffic from pervasive bots.
  • No software to deploy
  • Create your own rules or use pre-configured rules
  • Real-time visibility
  • Can be configured with the AWS WAF API or within the console

AWS WAF Pricing:

Pricing is based on how many rules you deploy and how many web requests your application receives.

A simpler way to get started with AWS WAF is to take a look at the WAF managed rules. These are pre-configured rules that make it easy to protect your applications from common threats and are automatically updated by AWS Marketplace security sellers to address issues such as OWASP Top 10 security risks.
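
As an added example (not from the original page), here is a rules list in the AWS WAFv2 JSON format that combines the rate-based blocking and the managed rules described above, with one rule set to block and one set to count. The rule names, metric names, priorities and the limit of 2000 are constructed for illustration.

```json
[
  {
    "Name": "example-rate-limit-per-ip",
    "Priority": 0,
    "Statement": {
      "RateBasedStatement": { "Limit": 2000, "AggregateKeyType": "IP" }
    },
    "Action": { "Block": {} },
    "VisibilityConfig": {
      "SampledRequestsEnabled": true,
      "CloudWatchMetricsEnabled": true,
      "MetricName": "example-rate-limit-per-ip"
    }
  },
  {
    "Name": "example-managed-sqli",
    "Priority": 1,
    "Statement": {
      "ManagedRuleGroupStatement": {
        "VendorName": "AWS",
        "Name": "AWSManagedRulesSQLiRuleSet"
      }
    },
    "OverrideAction": { "Count": {} },
    "VisibilityConfig": {
      "SampledRequestsEnabled": true,
      "CloudWatchMetricsEnabled": true,
      "MetricName": "example-managed-sqli"
    }
  }
]
```

The rate-based rule blocks a source IP once it exceeds the limit within the evaluation window (five minutes by default). The managed SQL injection group runs in count mode here, so its matches show up in metrics and sampled requests without blocking; replacing `"Count": {}` with `"None": {}` lets the group's own actions take effect once the counted matches have been reviewed.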