Today's Topic is on AWS WAF.
What is AWS WAF?
AWS WAF (Web Application Firewall) is a service that protects web applications from malicious attacks by filtering and monitoring incoming traffic based on defined rules. It safeguards against common web vulnerabilities such as SQL injection, cross-site scripting, and more.
AWS WAF is a web application firewall that lets you monitor the HTTP(S) requests that are forwarded to your protected web application resources.
Example:
If you have a web application hosted on AWS, you can use AWS WAF to set rules that block requests from specific IP addresses or patterns commonly associated with attacks.
Project:
- Implementing AWS WAF for Web Application Protection
Scenario:
You need to secure a web application hosted on AWS against common web vulnerabilities using AWS WAF.
Requirements:
Set Up a Web Application:
- Deploy a sample web application on an EC2 instance in your AWS account.
Configure AWS WAF:
- Create an AWS WAF web ACL to define rules for blocking malicious requests.
Test AWS WAF:
- Generate test requests to the web application, including requests that match the defined WAF rules.
AWS Auto-Scaling using ASG, Application load balancer, and WAF (Web application Firewall).
Our project requires configuring the system to allow only external users to connect while blocking BOT requests. Additionally, our system needs to maintain a constant availability, ensuring at least one instance is always accessible. As the internet load fluctuates, our system should dynamically scale out and distribute traffic accordingly.
To achieve this solution, we require the following services:
· ASG (Auto Scaling Group): Amazon's service that aids in scaling out instances based on our needs.
-We need to create an andG group which create instance using AWS instance template which is already created from running system and whenever new get created it will create same instance. Also, we have set up same network group and default security group as current system so will not get any issue for port and necessary package.
· ALB (Application Load Balancer): This pivotal resource oversees system functionality, ensuring the desired number of instances is available.
-ALB only key resource to manage traffic, load, and monitors instance health will configure ALB and set desired sate, minimum and max scale out range which will achieve as per load/request. in our project we have set requirement if CPU utilization reached to 60% system will scale out and distribute the load.
· Target Group: A cluster where instances are generated upon increased traffic or load.
-Target group is important service where we provide our application load balancer details
· WAF (Web Application Firewall): Responsible for controlling and limiting external requests from both BOTS and users.
AWS WAF (Web Application Firewall) is a service that protects web applications from malicious attacks by filtering and monitoring incoming traffic based on defined rules. It safeguards against common web vulnerabilities such as SQL injection, cross-site scripting, and more.
-In our project we need to block BOT request will create new WAF and using AWS managed rule we used to block BOT request.
We have all set and now deployed project with the help of docker container and able to access web application through application load balancer DNS-name.
DAY 2 Completed, Challenge taken from GitHub Repo.
Take the same, and you will enjoy this journey 😉
Feel free to explore more of my content, and don't hesitate to reach out if need any assistance from me or in case of you have any questions.
Happy Learning!
~kritika :)