Initial WAF policy setup using the CloudFront template

http://docs.aws.amazon.com/ja_jp/waf/latest/developerguide/tutorials-common-attacks.html

Log in to the AWS console

Open the URL

https://ap-northeast-1.console.aws.amazon.com/cloudformation/home?region=ap-northeast-1#/stacks/new

Create the stack







After the stack is created, associate the WAF

https://console.aws.amazon.com/waf/
Select the ACL that was created



Note that it can only be applied to CloudFront.

Defined ACLs

  • CommonAttackProtectionLargeBodyMatchRule
    • The length of the Body is greater than 8192.
  • CommonAttackProtectionManualIPBlockRule
    • none
  • CommonAttackProtectionSqliRule
    • URI contains SQL injection threat after decoding as URL.
    • Body contains SQL injection threat after decoding as HTML tags.
    • Query string contains SQL injection threat after decoding as URL.
    • Body contains SQL injection threat after decoding as URL.
    • Query string contains SQL injection threat after decoding as HTML tags.
  • CommonAttackProtectionXssRule
    • Body contains a cross-site scripting threat after decoding as HTML tags.
    • Query string contains a cross-site scripting threat after decoding as HTML tags.
    • Query string contains a cross-site scripting threat after decoding as URL.
    • Body contains a cross-site scripting threat after decoding as URL.
    • URI contains a cross-site scripting threat after decoding as URL.
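How the large-body and SQL injection conditions listed above can be written as AWS WAF Classic (`AWS::WAF::*`) CloudFormation resources. This is an added sketch, not the contents of the tutorial's template: the logical IDs, the `Name`/`MetricName` values, the priorities and the BLOCK actions are assumptions.

```yaml
# Added example. Logical IDs, names, priorities and actions are hypothetical.
Resources:
  LargeBodyMatch:
    Type: AWS::WAF::SizeConstraintSet
    Properties:
      Name: ExampleLargeBodyMatch
      SizeConstraints:
        - FieldToMatch: { Type: BODY }
          ComparisonOperator: GT        # "length of the Body is greater than 8192"
          Size: 8192
          TextTransformation: NONE
  SqliMatch:
    Type: AWS::WAF::SqlInjectionMatchSet
    Properties:
      Name: ExampleSqliMatch
      # A request matches the set when any one tuple matches.
      # URL_DECODE = "decoding as URL", HTML_ENTITY_DECODE = "decoding as HTML tags".
      SqlInjectionMatchTuples:
        - { FieldToMatch: { Type: URI }, TextTransformation: URL_DECODE }
        - { FieldToMatch: { Type: BODY }, TextTransformation: HTML_ENTITY_DECODE }
        - { FieldToMatch: { Type: QUERY_STRING }, TextTransformation: URL_DECODE }
        - { FieldToMatch: { Type: BODY }, TextTransformation: URL_DECODE }
        - { FieldToMatch: { Type: QUERY_STRING }, TextTransformation: HTML_ENTITY_DECODE }
  LargeBodyRule:
    Type: AWS::WAF::Rule
    Properties:
      Name: ExampleLargeBodyRule
      MetricName: ExampleLargeBodyRule
      Predicates:
        - { DataId: !Ref LargeBodyMatch, Type: SizeConstraint, Negated: false }
  SqliRule:
    Type: AWS::WAF::Rule
    Properties:
      Name: ExampleSqliRule
      MetricName: ExampleSqliRule
      Predicates:
        - { DataId: !Ref SqliMatch, Type: SqlInjectionMatch, Negated: false }
  WebACL:
    Type: AWS::WAF::WebACL
    Properties:
      Name: ExampleWebACL
      MetricName: ExampleWebACL
      DefaultAction: { Type: ALLOW }    # requests that match no rule pass through
      Rules:
        - { RuleId: !Ref SqliRule, Priority: 10, Action: { Type: BLOCK } }
        - { RuleId: !Ref LargeBodyRule, Priority: 20, Action: { Type: BLOCK } }
```

The XSS rule follows the same pattern with `AWS::WAF::XssMatchSet` and a predicate of type `XssMatch`.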

Other samples
https://github.com/awslabs/aws-waf-sample
