Link Search Menu Expand Document

Image from @awsgeek


WAF Basics

  • 📒 HomepageDocumentationFAQPricing
  • WAF (Web Application Firewall) is used in conjunction with the CloudFront and ALB services to inspect and block/allow web requests based on user-configurable conditions.
  • HTTPS and HTTP requests are supported with this service.
  • WAF's strength is in detecting malicious activity based on pattern-matching inputs for attacks such as SQL injections, XSS, etc.
  • WAF supports inspection of requests received through both IPv6 and IPv4.

WAF Tips

WAF Gotchas and Limitations

  • As of May 2019, AWS WAF is available on Amazon CloudFront and in 12 commercial AWS regions: US East (N. Virginia), US East (Ohio), US West (Oregon), US West (N. California), EU (Ireland), EU (Frankfurt), EU (London), EU (Stockholm), Asia Pacific (Tokyo), Asia Pacific (Sydney), Asia Pacific (Singapore), and Asia Pacific (Seoul).