AWS Zero to Hero: Day 2


Task 1: Learn about AWS WAF and write a blog
AWS WAF (Web Application Firewall) is a cloud-based security service that helps protect web applications and APIs from common web exploits and bot traffic. You create rules that filter malicious traffic based on conditions such as source IP addresses, HTTP headers, and request content.
Here's a more detailed explanation:
Key Features and Functionality:
Protection against common web exploits:
AWS WAF helps protect against attacks like SQL injection, cross-site scripting (XSS), and other web vulnerabilities.
Customizable rules:
You can define rules to allow, block, or monitor web requests based on various criteria, such as IP addresses, request headers, and request content.
Integration with AWS services:
AWS WAF integrates with services like Amazon CloudFront, Application Load Balancers, and Amazon API Gateway.
Managed and custom rules:
You can use pre-configured rules (managed rule groups) or create your own custom rules to tailor protection to your specific needs.
Bot control:
AWS WAF includes features to help manage and control bot traffic.
Fraud control:
AWS WAF Fraud Control helps prevent account creation fraud and account takeover.
How it Works:
Web requests arrive at AWS WAF: When a web request comes in, it is inspected by AWS WAF.
Rules are evaluated: AWS WAF evaluates the request against the defined rules.
Action is taken: Based on the rule matches, AWS WAF can take actions like allowing, blocking, or counting the request.
Protected resources: The protected resources (like web applications and APIs) are shielded from malicious traffic.
Benefits of using AWS WAF:
Enhanced security: Protects web applications and APIs from common web exploits and bot traffic.
Improved availability: Helps prevent attacks that could lead to downtime or resource exhaustion.
Cost-effective: Provides a scalable and managed solution for web application security.
Simplified management: Integrates with other AWS services and provides a centralized console for managing security rules.
Want to learn more about it? Read this blog.
Task 2: Implementing AWS WAF for Web Application Protection
I have created an EC2 template with user data 👇

```bash
#!/bin/bash
# User data runs as root at first boot, so sudo is not needed here.
apt update
apt install nginx -y
# Write the page directly; with "sudo echo ... >" the redirection would run as the calling user, not root.
echo "Hello Dosto! this server IP address is $(hostname -i)" > /var/www/html/index.html
systemctl restart nginx
```

This Bash script installs NGINX and deploys a simple web page that prints the IP address of the instance.
After that I have created an Auto Scaling Group so that the instances can be scaled in or scaled out based on traffic to the website.
The Auto Scaling Group creates an internet-facing Application Load Balancer, whose DNS name gives a public URL for viewing the application.
After that, I have created a Web ACL for my Application Load Balancer with the AWS managed rule group for bot prevention, and it works properly.
Here is the test result when I hit the app with a bot: the request got a FORBIDDEN response from my application, which means it is working properly.
Images for proof:
This is for my Application Load Balancer app with its DNS name:
This is for my Gemini-Clone load balancer test, where I did not attach a Web ACL for bot control and it gives a 200 OK response, which means my app above is now protected against bot access.
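The same Web ACL built and attached with boto3 instead of the console, as an added example that is not part of the original post. The ALB ARN, the ACL name and the metric names are assumptions; a count mode is included so the rule group can be run in Count first (the page's third action) and checked for false positives before it blocks.

```python
"""Build, and optionally deploy, a regional Web ACL running AWS Managed Bot Control."""


def bot_control_web_acl(name: str, mode: str = "block") -> dict:
    """Return the create_web_acl parameters for the Bot Control Web ACL.

    mode="count": every rule in the group only counts matches (safe first rollout,
    inspect CloudWatch metrics / sampled requests).  mode="block": the group's own
    Block actions apply, which is what produces the 403 FORBIDDEN seen in the test.
    """
    if mode not in ("block", "count"):
        raise ValueError("mode must be 'block' or 'count'")
    override = {"Count": {}} if mode == "count" else {"None": {}}
    return {
        "Name": name,
        "Scope": "REGIONAL",  # ALB / API Gateway; CloudFront needs CLOUDFRONT scope in us-east-1
        "DefaultAction": {"Allow": {}},  # requests matching no rule reach the ALB
        "Rules": [{
            "Name": "AWSManagedRulesBotControlRuleSet",
            "Priority": 0,
            "OverrideAction": override,
            "Statement": {"ManagedRuleGroupStatement": {
                "VendorName": "AWS",
                "Name": "AWSManagedRulesBotControlRuleSet",
                # COMMON level covers self-identifying bots and HTTP libraries (curl, python-requests)
                "ManagedRuleGroupConfigs": [
                    {"AWSManagedRulesBotControlRuleSet": {"InspectionLevel": "COMMON"}}
                ],
            }},
            "VisibilityConfig": {"SampledRequestsEnabled": True,
                                 "CloudWatchMetricsEnabled": True,
                                 "MetricName": "BotControl"},  # assumed metric name
        }],
        "VisibilityConfig": {"SampledRequestsEnabled": True,
                             "CloudWatchMetricsEnabled": True,
                             "MetricName": name},
    }


def deploy(alb_arn: str, name: str = "bot-control-acl", mode: str = "block") -> str:
    """Create the Web ACL and associate it with the load balancer; returns the ACL ARN."""
    import boto3  # imported here so the builder above also works without boto3 installed

    region = alb_arn.split(":")[3]  # region field of arn:aws:elasticloadbalancing:REGION:...
    wafv2 = boto3.client("wafv2", region_name=region)
    acl = wafv2.create_web_acl(**bot_control_web_acl(name, mode))["Summary"]
    wafv2.associate_web_acl(WebACLArn=acl["ARN"], ResourceArn=alb_arn)
    return acl["ARN"]
```

Run `deploy("<your ALB ARN>", mode="count")` first, review the BotControl metric, then redeploy with `mode="block"`.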
Written by

Amitabh soni