Amazon Web Services: Blocking Web Traffic with WAF

For this tutorial I will be configuring WAF to block web traffic from a malicious source. The AWS WAF service protects web applications from common exploits that affect availability, compromise security, or consume excessive resources. WAF monitors HTTP requests directed at Amazon CloudFront or an Application Load Balancer; this tutorial focuses on the Load Balancer.

Click on AWS WAF

Create Web ACL

Click on "Configure web ACL"

In the "Web ACL name" input, you will name the rule

For this rule, I will be using the name "rule-1"

Create Condition

Under Conditions, create a condition under "IP Match Condition"

Click "Create Condition"

When the popup appears, enter a name (I will be using "internet-host") and then enter the IP address.

Click Next to move to "Rules" section

Create Rule

Now I will associate the rule with the conditions previously created.

Now I will ensure the rule matches requests that originate from the IP address of the internet-host condition, and make sure the default action is set to "Allow all requests that don't match any rules". Then click on "Review and Create"

Click on "Confirm and Create"

Now the rule is created.
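The web ACL built in the steps above can be modelled locally to check what it will do to a given request source before relying on it. This is an added example, not part of the original tutorial: the address 203.0.113.50/32, the rule name "block-internet-host" and the Block action on the rule are assumptions (the tutorial names only "rule-1" and "internet-host"), and the code models first-match evaluation with a default action rather than calling AWS.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class IPMatchCondition:
    name: str
    cidrs: list  # CIDR strings, e.g. "203.0.113.50/32" for a single host

    def matches(self, source_ip: str) -> bool:
        addr = ipaddress.ip_address(source_ip)
        # An IPv4 entry never matches an IPv6 source (and vice versa).
        return any(addr in ipaddress.ip_network(c) for c in self.cidrs)


@dataclass
class Rule:
    name: str
    condition: IPMatchCondition
    action: str  # "BLOCK" or "ALLOW"


@dataclass
class WebACL:
    name: str
    default_action: str  # applied when no rule matches
    rules: list = field(default_factory=list)

    def evaluate(self, source_ip: str):
        # Rules are checked in order; the first match decides the action.
        for rule in self.rules:
            if rule.condition.matches(source_ip):
                return rule.action, rule.name
        return self.default_action, None


def build_tutorial_acl() -> WebACL:
    # Constructed sample address from the documentation range (assumption).
    condition = IPMatchCondition("internet-host", ["203.0.113.50/32"])
    rule = Rule("block-internet-host", condition, "BLOCK")  # hypothetical name
    return WebACL("rule-1", "ALLOW", [rule])


if __name__ == "__main__":
    acl = build_tutorial_acl()
    for ip in ("203.0.113.50", "203.0.113.51", "2001:db8::1"):
        print(ip, acl.evaluate(ip))
```

A /32 entry blocks exactly one address, so the same host arriving from a neighbouring address or over IPv6 falls through to the default Allow action.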