Tag: AWS WAF

Application owners often rely on content management systems (CMS) to publish and manage content on their websites. WordPress is the world’s most popular content management system. Originally launched as a blogging platform back in 2003, WordPress now powers 43% of all websites and controls a massive 64.3% of the known CMS market. The purpose of this […]

Protecting against bot threats requires insights into the client environment beyond what is available through network-level characteristics of a request, such as TCP or HTTP payload signatures. AWS WAF uses CAPTCHA and Challenge actions to undertake a client-side interaction, whether on a mobile device or browser, to understand this client environment before they can be […]

Web application security is an ongoing process. AWS WAF enables real-time monitoring and blocking of potentially harmful web requests. Bot Control and Fraud Control use machine learning (ML) to detect and prevent sophisticated threats. Bot traffic can make up anywhere from 30% to 50% or even more of total web traffic. After enabling AWS WAF, […]

As security threats have become more sophisticated and easier to scale, customers increasingly use Amazon CloudFront and AWS WAF together to improve the performance, resiliency, and security of their web applications and APIs. CloudFront is a Content Delivery Network (CDN) that reduces latency by delivering data to viewers anywhere in the world using one of […]

AWS WAF helps you protect against common web exploits and bots that can affect availability, compromise security, or consume excessive resources. Configuring AWS WAF in a cost-effective way has been a frequent topic of discussion among our customers. In this post, learn how to use the different components of AWS WAF to secure your web […]

Internet users increasingly expect responsive web applications and APIs with lower latency and higher availability. Additionally, publicly accessible web applications and APIs are exposed to threats such as commonly occurring vulnerabilities described in the OWASP Top 10, SQL injection, automated requests, and HTTP floods (Denial of Service (DoS)) that can affect availability, compromise security, or […]

Volumetric attack is one of the most common type of cyberattack, where a web application is overwhelmed with an enormous number of HTTP requests. This flood of excessive requests puts a strain on the application’s servers, leading to degraded performance, increased latency for legitimate users and in severe cases, resource exhaustion. AWS WAF’s rate-based rules […]

AWS WAF offers advanced features for filtering undesired web application traffic, such as Bot Control and Fraud Control. These intelligent threat mitigations include techniques such as client-side interrogations using JavaScript challenges or CAPTCHA, as well as client-side behavioral analysis. Implementing these techniques on a web page with a same-origin access is simple. When a cross-domain […]

You can now add AWS WAF protections to Amazon CloudFront distributions with one click. In this walkthrough, we will guide you through setting up and monitoring protections offered by this new feature along with pricing and additional security recommendations. This blog relates to Amazon CloudFront — a AWS service that you can use to deliver […]

In this post, you’ll learn how to secure and accelerate the delivery of Drupal-based websites using Amazon CloudFront, AWS Web Application Firewall (AWS WAF), and Amazon CloudFront Functions. CloudFront is a content delivery network service (CDN) offering improved security and acceleration of the content served through it. This is true for static cacheable content and […]