Questions tagged [amazon-waf]
9 questions
1
vote
1 answer
DDOS AWS API Gateway protection
I have a publicly exposed API Gateway (HTTP). To authenticate you have to provide a valid JWT.
I want to secure this APIGW with CloudFront + WAF. After reading the docs I think that the API Gateway endpoint is still exposed to the Internet. The only thing…
krzysiexp
- 13
1
vote
1 answer
AWS CloudWatch parse JSON case insensitive
On the WAF section of the AWS console there is a tab for "CloudWatch Log Insights" that provides a few sample queries. One of these is "Top 100 hosts".
fields @timestamp, @message
| parse @message '{"name":"Host","value":"*"}' as host
| stats…
ficuscr
- 125
1
vote
1 answer
AWS Managed Rule Pricing
I completely read the AWS page for AWS WAF pricing, however I am still not sure how much it would cost if I create a single AWS WAF and hire just the AWS Managed Rule Set "Core Rule Set".
As I understand it should be 5 US/month for the WAF and just 1…
Matias Haeussler
- 113
0
votes
0 answers
AWS WAF v2 not stopping after matching a rate limit rule
I'm setting up a WAF for an API. I want to have different rate limits depending on the source of the traffic. Some traffic comes from Vercel and I want to have a higher threshold compared to the traffic that comes directly. What I see is that when a…
Augusto
- 225
0
votes
1 answer
AWS Waf BotControl Token Absent even with token?
Refer to pictures above. My users are sometimes facing a problem even when the token exists and is sent along as a header. This is an ajax request, and I made sure that it will getToken() first, then proceed with ajax on return of the promise.
Why will…
Patrick Teng
- 13
0
votes
1 answer
What are the options for Layer 7 DDoS protection of AWS resources
The following are my assumptions based on AWS docs. It's only because the docs do not precisely address my questions that I'm here asking.
AWS WAF (whether used directly or via Shield Advanced) is what AWS provides as a service.
The pricing…
Ash
- 129
0
votes
1 answer
How to get DDOS+WAF protection on IP/server (not domain)
I've used Cloudflare and it's great.
But in this specific case we control the server IP address but we don't own the domain, so we can't use Cloudflare unfortunately because the domain owner isn't ready to migrate his DNS to Cloudflare.
I would really…
michaelr524
- 161
0
votes
0 answers
Handling DDoS HTTP Attack
I've been experiencing a DDoS attack today and I've configured the Cloudflare rate limiter and also activated the WAF. Cloudflare blocked several hundred thousand requests. Unfortunately, my server is still experiencing a pretty high flood of requests. I don't know why it…
Putra
- 1
- 1
0
votes
1 answer
Do AWS WAF logs capture all traffic, or just rule matches?
I want to implement some AWS WAF rules but I need more knowledge of the quantity (origin, resource, etc.) of requests that come through my load balancer.
Can I skip ALB logs and get logs for requests to ALB using WAF? Or, does WAF only produce logs…
JoeS
- 11