Networking & Content Delivery
Category: AWS WAF
Optimizing web application user experiences with AWS WAF JavaScript integrations
AWS WAF Bot Control uses CAPTCHA and Challenge actions to undertake a browser interaction before permitting requests to protected resources. These actions can result in a poor user experience because of application errors or unexpected CAPTCHA completion when AWS WAF unexpectedly blocks requests. The AWS WAF JavaScript integrations give you the ability to control these […]
How to dynamically adapt your response to changing threat levels using AWS WAF
Customers use AWS WAF to protect their web applications and APIs. They typically use a mixture of managed rules and their own custom rules, and then tune them in order to prevent as much undesired traffic as possible from reaching their applications. This implementation and tuning exercise typically produces a web access control list (web ACL) that […]
Secure and accelerate your WordPress CMS with Amazon CloudFront, AWS WAF, and edge functions
Application owners often rely on content management systems (CMS) to publish and manage content on their websites. WordPress is the world’s most popular content management system. Originally launched as a blogging platform back in 2003, WordPress now powers 43% of all websites and controls a massive 64.3% of the known CMS market. The purpose of this […]
Protect against bots with AWS WAF Challenge and CAPTCHA actions
Protecting against bot threats requires insights into the client environment beyond what is available through network-level characteristics of a request, such as TCP or HTTP payload signatures. AWS WAF uses CAPTCHA and Challenge actions to undertake a client-side interaction, whether on a mobile device or browser, to understand this client environment before they can be […]
How to use Amazon Athena queries to analyze AWS WAF logs and provide the visibility needed for threat detection
Web application security is an ongoing process. AWS WAF enables real-time monitoring and blocking of potentially harmful web requests. Bot Control and Fraud Control use machine learning (ML) to detect and prevent sophisticated threats. Bot traffic can make up anywhere from 30% to 50% or even more of total web traffic. After enabling AWS WAF, […]
Introducing CloudFront Security Dashboard, a Unified CDN and Security Experience
As security threats have become more sophisticated and easier to scale, customers increasingly use Amazon CloudFront and AWS WAF together to improve the performance, resiliency, and security of their web applications and APIs. CloudFront is a Content Delivery Network (CDN) that reduces latency by delivering data to viewers anywhere in the world using one of […]
How to boost the performance and security of your dynamic websites with AWS edge services in a few steps
Customers use AWS edge services to improve the performance and the security of their websites. In certain cases, they appreciate being able to quickly set up a Content Delivery Network (CDN) and a Web Application Firewall (WAF) to stop a DDoS attack targeting their website, or to decrease page load times. And they prefer doing […]
Cost-effective ways for securing your web applications using AWS WAF
AWS WAF helps you protect against common web exploits and bots that can affect availability, compromise security, or consume excessive resources. Configuring AWS WAF in a cost-effective way has been a frequent topic of discussion among our customers. In this post, learn how to use the different components of AWS WAF to secure your web […]
Accelerate and protect your websites using Amazon CloudFront and AWS WAF
Internet users increasingly expect responsive web applications and APIs with lower latency and higher availability. Additionally, publicly accessible web applications and APIs are exposed to threats such as commonly occurring vulnerabilities described in the OWASP Top 10, SQL injection, automated requests, and HTTP floods (Denial of Service (DoS)) that can affect availability, compromise security, or […]
How to configure block duration for IP addresses rate limited by AWS WAF
Volumetric attack is one of the most common type of cyberattack, where a web application is overwhelmed with an enormous number of HTTP requests. This flood of excessive requests puts a strain on the application’s servers, leading to degraded performance, increased latency for legitimate users and in severe cases, resource exhaustion. AWS WAF’s rate-based rules […]