AWS WAF is a managed web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to your protected web application resources. Dur to its simplicity and ease of use, you can deploy, configure and get it running within minutes.
You can protect the following resource types
An internet facing web applications
External API Gateways
AWS CloudFront CDN
Application Load balancers
That's not it, we can use AWS WAF to protect our on-premises resources too!
With AWS WAF, you can create security rules that control bot traffic and block common attack patterns such as SQL injection or cross-site scripting (XSS)
AWS WAF can be deployed for plenty of use cases for additional security of your deployed services and applications. To list out of a few:
Web traffic filtering
AWS WAF lets you create rules to filter web traffic based on conditions that include IP addresses, HTTP headers and body, or custom URIs. This gives you an additional layer of protection from web attacks that attempt to exploit vulnerabilities in custom or third party web applications. In addition, AWS WAF makes it easy to create rules that block common web exploits like SQL injection and cross site scripting.
Bot Control
AWS WAF Bot Control is a managed rule group that gives you visibility and control over common and pervasive bot traffic that can consume excess resources or perform other undesired activities. With just a few clicks, you can block, pervasive bots, such as scrapers, scanners, and crawlers, or you can allow common bots, such as status monitors and search engines.
Real-time Visibility
AWS WAF is fully integrated with Amazon CloudWatch, making it easy to setup custom alarms when thresholds are exceeded or particular attacks occur. Also, AWS WAF's does provide real-time metrics and capture raw requests that include details about IP addresses, geo locations, URIs, User-Agent and Referrers.
