AWS WAF

AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to Amazon CloudFront, an Application Load Balancer, or Amazon API Gateway.

AWS WAF also lets you control access to your content.

You can configure conditions such as which IP addresses are allowed to make requests, or which query string parameters must be present for a request to be allowed.

CloudFront, the Application Load Balancer, or API Gateway then either forwards the request on to your content or responds with an HTTP 403 (Forbidden) status code.

At its most basic level, AWS WAF allows three different behaviours:

  • Allow all requests except the ones you specify.
  • Block all requests except the ones you specify.
  • Count the requests that match the properties you specify, without allowing or blocking them (useful for testing a rule before you enforce it).

WAF Protection

AWS WAF gives extra protection against web attacks using conditions you specify. You can define conditions using characteristics of web requests such as:

  • IP address that requests originate from.
  • Country that requests originate from.
  • Values in the request headers.
  • Strings that appear in the request, either a specific string or a string that matches a regular expression (regex) pattern.
  • Length of requests.
  • Presence of SQL code that is likely to be malicious (known as SQL injection).
  • Presence of a script that is likely to be malicious (known as cross-site scripting).
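The following is an added example, not part of the original notes and not AWS's own code. It ties together the three behaviours (allow all except, block all except, count) and the condition types listed above. The two web ACLs are written in the shape the WAFv2 CreateWebACL API takes (what you would pass to boto3's wafv2.create_web_acl); the IP set ARN, rule names, CIDR ranges, thresholds and sample requests are all made up. The evaluate() function is a simplified local stand-in for the WAF engine so the rules can be exercised offline: it walks rules in priority order, lets Count rules record a match and keep going, stops at the first Allow or Block, and falls back to the DefaultAction. SqliMatchStatement and XssMatchStatement exist in the API but are deliberately not modelled, because their detection logic is AWS's own.

```python
import ipaddress
import re

# Constructed IP set standing in for a WAFv2 IPSet resource (ARN is made up).
OFFICE_IPSET_ARN = "arn:aws:wafv2:us-east-1:123456789012:regional/ipset/office/0000"
IP_SETS = {OFFICE_IPSET_ARN: ["203.0.113.0/24", "198.51.100.7/32"]}

NO_TRANSFORM = [{"Priority": 0, "Type": "NONE"}]
ALLOW_OFFICE_RULE = {
    "Name": "allow-office", "Priority": 10, "Action": {"Allow": {}},
    "Statement": {"IPSetReferenceStatement": {"ARN": OFFICE_IPSET_ARN}},
}

# Behaviour 1: allow everything except what the rules block (DefaultAction Allow).
BLOCKLIST_ACL = {
    "Name": "blocklist-acl", "Scope": "REGIONAL", "DefaultAction": {"Allow": {}},
    "Rules": [
        {"Name": "block-country", "Priority": 0, "Action": {"Block": {}},
         "Statement": {"GeoMatchStatement": {"CountryCodes": ["KP"]}}},
        {"Name": "count-large-body", "Priority": 1, "Action": {"Count": {}},  # observe only
         "Statement": {"SizeConstraintStatement": {
             "FieldToMatch": {"Body": {}}, "ComparisonOperator": "GT", "Size": 8192,
             "TextTransformations": NO_TRANSFORM}}},
        {"Name": "block-scanner-ua", "Priority": 2, "Action": {"Block": {}},
         "Statement": {"ByteMatchStatement": {
             "FieldToMatch": {"SingleHeader": {"Name": "user-agent"}},
             "SearchString": b"sqlmap", "PositionalConstraint": "CONTAINS",
             "TextTransformations": [{"Priority": 0, "Type": "LOWERCASE"}]}}},
        {"Name": "block-admin-path", "Priority": 3, "Action": {"Block": {}},
         "Statement": {"AndStatement": {"Statements": [
             {"RegexMatchStatement": {"RegexString": r"^/admin(/|$)",
              "FieldToMatch": {"UriPath": {}}, "TextTransformations": NO_TRANSFORM}},
             {"NotStatement": {"Statement": {
                 "IPSetReferenceStatement": {"ARN": OFFICE_IPSET_ARN}}}}]}}},
    ],
}

# Behaviour 2: block everything except what the rules allow (same rules, default flipped).
ALLOWLIST_ACL = dict(BLOCKLIST_ACL, Name="allowlist-acl", DefaultAction={"Block": {}},
                     Rules=BLOCKLIST_ACL["Rules"] + [ALLOW_OFFICE_RULE])


def _field(req, ftm):
    """Pull the FieldToMatch value out of a constructed request dict."""
    if "SingleHeader" in ftm:
        return req["headers"].get(ftm["SingleHeader"]["Name"].lower(), "")
    return {"UriPath": req["uri"], "Body": req["body"]}[next(iter(ftm))]


def _transform(value, transformations):
    """Apply TextTransformations in priority order (only NONE and LOWERCASE modelled)."""
    for t in sorted(transformations, key=lambda t: t["Priority"]):
        if t["Type"] == "LOWERCASE":
            value = value.lower()
        elif t["Type"] != "NONE":
            raise ValueError(f"transformation not modelled here: {t['Type']}")
    return value


def matches(stmt, req):
    """Simplified local stand-in for WAF statement matching (not the real engine)."""
    kind, s = next(iter(stmt.items()))
    if kind == "IPSetReferenceStatement":
        ip = ipaddress.ip_address(req["ip"])
        return any(ip in ipaddress.ip_network(n) for n in IP_SETS[s["ARN"]])
    if kind == "GeoMatchStatement":
        return req["country"] in s["CountryCodes"]
    if kind == "AndStatement":
        return all(matches(x, req) for x in s["Statements"])
    if kind == "NotStatement":
        return not matches(s["Statement"], req)
    text = _transform(_field(req, s["FieldToMatch"]), s["TextTransformations"])
    if kind == "ByteMatchStatement":
        needle = s["SearchString"].decode()
        return {"CONTAINS": needle in text, "EXACTLY": text == needle,
                "STARTS_WITH": text.startswith(needle),
                "ENDS_WITH": text.endswith(needle)}[s["PositionalConstraint"]]
    if kind == "RegexMatchStatement":
        return re.search(s["RegexString"], text) is not None
    if kind == "SizeConstraintStatement":
        n, size = s["Size"], len(text.encode())
        return {"EQ": size == n, "NE": size != n, "LT": size < n, "LE": size <= n,
                "GT": size > n, "GE": size >= n}[s["ComparisonOperator"]]
    raise ValueError(f"statement not modelled here: {kind}")


def evaluate(acl, req):
    """Walk rules in priority order the way WAF does: Allow/Block terminate,
    Count is recorded and evaluation continues, DefaultAction applies when no
    terminating rule matched. Returns (action, deciding rule, counted rule names)."""
    counted = []
    for rule in sorted(acl["Rules"], key=lambda r: r["Priority"]):
        if not matches(rule["Statement"], req):
            continue
        action = next(iter(rule["Action"]))
        if action == "Count":
            counted.append(rule["Name"])
            continue
        return action, rule["Name"], counted
    return next(iter(acl["DefaultAction"])), "default", counted


def request(ip, country, uri="/", ua="Mozilla/5.0", body=""):
    """Constructed request record standing in for what WAF inspects."""
    return {"ip": ip, "country": country, "uri": uri, "body": body,
            "headers": {"user-agent": ua}}


SCANNER = request("192.0.2.9", "US", uri="/login", ua="sqlmap/1.7")
OFFICE_ADMIN = request("203.0.113.5", "US", uri="/admin/users", body="x" * 9000)
STRANGER_ADMIN = request("192.0.2.9", "DE", uri="/admin")
PLAIN_VISITOR = request("198.51.100.200", "FR")

if __name__ == "__main__":
    for name, req in [("scanner", SCANNER), ("office admin", OFFICE_ADMIN),
                      ("stranger admin", STRANGER_ADMIN), ("plain visitor", PLAIN_VISITOR)]:
        print(f"{name:15} blocklist={evaluate(BLOCKLIST_ACL, req)}"
              f"  allowlist={evaluate(ALLOWLIST_ACL, req)}")
```

Two points worth noticing when you run it: the office admin's oversized POST is counted but still allowed, because a Count rule never terminates evaluation, and the same rule list produces a different answer for the plain visitor depending only on DefaultAction, which is exactly the difference between "allow all except" and "block all except". The LOWERCASE transformation on the user-agent rule is what lets "sqlmap/1.7", "SQLMap" and "SQLMAP" all hit the same byte match.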