WAF
AWS

AWS WAF

Implements WAF.

IaaSVirtual AppliancePhysical Appliance

AWS WAF is a web application firewall that protects applications and APIs from common exploits such as SQL injection and cross-site scripting. It filters traffic using customizable rules and AWS Managed Rules, and can guard resources fronted by CloudFront, API Gateway, or Application Load Balancer. Rate-based rules and bot control help defend against volumetric and automated attacks at the application layer.

Capabilities

  • Block OWASP Top 10 exploits (SQLi, XSS, RCE)
  • Managed and custom rule sets
  • Rate limiting, bot control, and geo-blocking
  • Inspect and log HTTP(S) requests at layer 7

Primitive

WAFThis component is an implementation of WAF. Visit the primitive to learn more about what purpose it serves.

Related services · AWS

AWS Firewall
AWS ELB
AWS CloudFront

Alternatives

GCP Armor
AZ WAF