'How to use AWS WAF to block certain URLs

I am trying to use AWS WAF to block requests with certain URL patterns. I am using the string matching filter, but it is not blocking the requests. I must be doing it incorrectly.

Here is what I am trying to block: https://xxx.domain.com/

A good url would be: https://xxx.domain.com/something/something

The URL with nothing after the .com slash is never used in this example and is only hit by malicious traffic.

How do I use WAF to block these requests?

amazon-waf


Solution 1:[1]

  1. You can configure rules based on Referrer or Origin
  2. Use regex based rule example *.domain.com
  3. Take action to Block

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Purna

Related Questions

Terraform update Route53 DOMAIN NameServers

Terraform update Route53 DOMAIN NameServers

Terraform update Route53 DOMAIN NameServers

Amazon AWS S3 to Force Download Mp3 File instead of Stream It

How to enable terraform module only with a specific workspace

AWS RDS Postgres: WAL_LEVEL not set to 'logical' after changing rds.logical_replication = 1

Use terraform to set up a lambda function triggered by a scheduled event source

Use terraform to set up a lambda function triggered by a scheduled event source

Self stopping EC2 once task complete?

AWS - SWF - Asynchronous method

Why my cloudformation template is over 1 MB?

AWS elastic beanstalk - WARN install EACCES: permission denied, access '/tmp/.npm'

Aws step functions - Resume from failed step function activity instead of starting a new execution

Redirect Elastic Beanstalk URL to domain name

node-lambda - TypeError: handler is not a function