What is AWS WAF?
WAF is a web application firewall. AWS WAF allows you to allow, block, or count requests of web traffic coming into your application depending on the conditions and rules that you set. AWS WAF protects against common web attacks by monitoring and controlling unusual bot traffic and blocking common attack patterns such as SQL injection.
Features:
WAF consists of access control lists, rules, and rule groups. You can create rules that filter web traffic based on conditions such as;
IP address
HTTP headers and body
URI strings
SQL injection
Cross-site scripting
WAF provides real-time metrics and captures the raw requests as well as parsing request body JSON content to inspect specific keys or values in the content.
WAF also has proactive rules that can be set up such as rate-based blacklisting to automatically block bad traffic and respond immediately as incidents happen.
Learn how Trek10 can accelerate your Digital Transformation now.
Let's get started today!
Benefits:
Swift updates across your environment with minimal latency impact to incoming traffic.
AWS WAF Bot Control allows control and visibility over bot traffic to your applications. Block or rate-limit traffic from pervasive bots.
No software to deploy
Can choose to create your own rules or use pre-configured rules.
Real-time visibility
Can be configured with AWS WAF API or within the console
Pricing:
Pricing is based on how many rules you deploy and how many web requests your application receives.
A simpler way to get started with AWS WAF is to take a look at the WAF managed rules, these are pre-configured rules that make it easy to protect your applications from common threats and are automatically updated by AWS Marketplace security sellers to address issues such as OWASP Top 10 security risks.