An introduction into AWS WAF – Web Application Firewall
Amazon Web Services has a variety of product to help scale your website and keep it secure. The Web Application Firewall – WAF is one of the quickest ways you can help secure your site. One of the best features is Amazon’s built-in ruleset that help block web traffic to your site that doesn’t pass their security standards.
You can create custom rules and block traffic originating from a specific country or build an IP list and block traffic down to the individual IP address.
Here’s how to get started.
- Log in to your AWS console
- Search for AWS Firewall Manager
- Click the Get Started button to create your WAF ACL (Access Control List). You'll choose the AWS device that receives incoming web traffic that you'd like to protect, such as your load balancer.
- Provide a name for your WAF ACL and it will appear in the list.
- Next, click the Rules tab and then Add Rules to choose predefined AWS rule sets or define your own.
- Choose "Add my own rules and rule groups" for instance to create a rule set that blocks ( or allows ) traffic by country code.
- To restrict traffic from an IP address or IP range, choose IP sets from the AWS WAF menu, define the range and add the rule as one of your custom rule sets.
Amazon has provided a convenient overview guide where you can learn more.
If you're interested in applying technology within your business contact us for a free consultation.