This document discusses securing web applications with AWS WAF. It begins by explaining why a web application firewall (WAF) is needed to protect against bad users and application vulnerabilities while allowing good users. It then defines what AWS WAF is, noting that it allows users to block or allow web requests and monitor security events. AWS WAF provides APIs and a console for easy configuration of rules to protect websites and content while integrating with development workflows. The document outlines the steps to set up AWS WAF, including creating a web ACL, adding rules and match conditions, and assigning it to CloudFront. It notes the pay-as-you-go pricing model for AWS WAF.
8. What is WAF?
[Diagram: Good Users and Bad Guys (application DDoS) send requests to the Web Server and Database; a WAF sits in front of them.]
WAF Rules:
1: BLOCK requests from Bad Guys
2: ALLOW requests from Good Guys
14. AWS WAF: Block or Allow Web Requests, Monitor Security Events
15. AWS WAF: New API & Console, Protect Websites & Content (with Amazon CloudFront)
16. Benefits of AWS WAF
• Practical Security Made Easy
• Customizable & Flexible
• Integrate with Development
17. Setting Up AWS WAF
1. Create a web ACL
2. Add a Rule
3. Add Match Conditions
4. Assign to CloudFront
18. Setting Up AWS WAF
1. Create a web ACL (DEFAULT: ALLOW)
2. Add a Rule and 3. Add Match Conditions (each rule is an action plus its match conditions):
• BLOCK requests originating from Blacklisted IPs
• BLOCK requests that have SQLi in query string AND are Login Requests
• BLOCK requests that are Admin Requests AND are NOT from IL Office IPs
• COUNT requests that have SQLi in query string
• DEFAULT: ALLOW
4. Assign to CloudFront for any request to d123.cloudfront.net
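The rule set on slide 18 (and the block/allow picture on slide 8) is easiest to understand by watching how a web ACL evaluates it: rules are checked in priority order, BLOCK or ALLOW ends evaluation, COUNT records the match and continues, and the default action applies when nothing terminates. The script below is an added teaching example, not code from the presentation and not the AWS WAF API; it models those semantics locally against constructed requests. The IP ranges (TEST-NET documentation blocks), the `/login` and `/admin` paths and the simple SQLi heuristic are assumptions standing in for the real match conditions.

```python
"""Local model of web ACL evaluation for the rules on the 'Setting Up AWS WAF'
slide. Added example, not AWS WAF itself: it mimics priority-ordered rules,
terminating BLOCK/ALLOW, non-terminating COUNT and a DEFAULT action.
IP ranges, paths and the SQLi pattern are assumptions for illustration."""

import ipaddress
import re
from dataclasses import dataclass
from typing import Callable, List, Tuple
from urllib.parse import parse_qs, urlsplit


@dataclass
class Request:
    source_ip: str
    url: str  # path plus query string, e.g. "/login?user=bob"


# --- Match conditions (step 3). Values are constructed for the example. ---
BLACKLISTED_IPS = [ipaddress.ip_network("203.0.113.0/24")]  # assumed; TEST-NET-3
IL_OFFICE_IPS = [ipaddress.ip_network("198.51.100.0/24")]   # assumed; TEST-NET-2


def from_networks(nets):
    """Condition: source IP falls inside one of the given networks."""
    def cond(req: Request) -> bool:
        ip = ipaddress.ip_address(req.source_ip)
        return any(ip in n for n in nets)
    return cond


# Crude SQLi heuristic on query-string values only. A real WAF match condition
# is far more thorough; this just shows where the predicate sits in the rule.
_SQLI = re.compile(r"('|--|;|\bunion\b|\bselect\b|\bor\b\s+\d+=\d+)", re.IGNORECASE)


def sqli_in_query_string(req: Request) -> bool:
    query = urlsplit(req.url).query
    values = [v for vs in parse_qs(query, keep_blank_values=True).values() for v in vs]
    return any(_SQLI.search(v) for v in values)


def login_request(req: Request) -> bool:
    return urlsplit(req.url).path.startswith("/login")  # assumed login path


def admin_request(req: Request) -> bool:
    return urlsplit(req.url).path.startswith("/admin")  # assumed admin path


def negate(cond):
    """Condition wrapper for the slide's 'AND are NOT from ...' predicate."""
    return lambda req: not cond(req)


# --- Rules (step 2): an action plus ANDed conditions, in priority order. ---
@dataclass
class Rule:
    name: str
    action: str  # "BLOCK", "ALLOW" or "COUNT"
    conditions: List[Callable[[Request], bool]]

    def matches(self, req: Request) -> bool:
        return all(c(req) for c in self.conditions)


@dataclass
class WebACL:
    rules: List[Rule]
    default_action: str = "ALLOW"

    def evaluate(self, req: Request) -> Tuple[str, List[str]]:
        """Return (final action, names of COUNT rules that matched)."""
        counted = []
        for rule in self.rules:
            if not rule.matches(req):
                continue
            if rule.action == "COUNT":
                counted.append(rule.name)  # record the match, keep evaluating
                continue
            return rule.action, counted    # BLOCK / ALLOW terminate evaluation
        return self.default_action, counted


# The four rules from the slide, in the order shown; DEFAULT: ALLOW.
WEB_ACL = WebACL(rules=[
    Rule("block-blacklisted-ips", "BLOCK", [from_networks(BLACKLISTED_IPS)]),
    Rule("block-sqli-on-login", "BLOCK", [sqli_in_query_string, login_request]),
    Rule("block-admin-offsite", "BLOCK", [admin_request, negate(from_networks(IL_OFFICE_IPS))]),
    Rule("count-sqli-anywhere", "COUNT", [sqli_in_query_string]),
])


def decide(source_ip: str, url: str) -> Tuple[str, List[str]]:
    return WEB_ACL.evaluate(Request(source_ip, url))


if __name__ == "__main__":
    samples = [  # constructed requests
        ("203.0.113.7", "/"),                           # blacklisted -> BLOCK
        ("192.0.2.10", "/login?user=bob' OR 1=1--"),    # SQLi on login -> BLOCK
        ("192.0.2.10", "/admin/users"),                 # admin from outside office -> BLOCK
        ("198.51.100.5", "/admin/users"),               # admin from IL office -> ALLOW
        ("192.0.2.10", "/search?q=1 UNION SELECT 1"),   # SQLi elsewhere -> COUNT, then ALLOW
        ("192.0.2.10", "/search?q=shoes"),              # nothing matches -> default ALLOW
    ]
    for ip, url in samples:
        print(f"{ip:14} {url:32} -> {decide(ip, url)}")
```

The COUNT rule is the useful part to notice: it never blocks, so it gives visibility into how often a condition fires (the "use more rules for more visibility" point on the pricing slide) before you decide to promote it to BLOCK. Rule order also matters: because the COUNT rule sits last, SQLi on a login request is blocked by the earlier rule and is not counted.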
19. Pay for what you use
• $5 per web ACL per month, $1 per rule per month
• Reuse across with no additional charge
• Use more rules for more visibility
• $0.60 per million requests
• Typical monthly bill:
  • Test environment (1 rule): $6 per month
  • Small site (6 rules, 58M views): $46 per month
  • Medium site (6 rules, 260M views): $167 per month