May 29, 2020 / Nirav Shah
<h2><b>AWS WAF – Web Application Firewall Setup, Features, Rules, Pricing</b></h2>
AWS WAF is a web application firewall that helps protect your applications from attacks. In WAF, there are pre-configured rules which help to allow, block or monitor specific IPs. And these rules are applied to protect applications from common threats like application vulnerabilities like OWASP, bots, or Common Vulnerabilities and Exposures (CVE).
<h2>a.AWS WAF allows the following feature:</h2>
<em>Web traffic filtering</em>:- They filter the ip and if the ip are not mentioned on rule they can block it. AWS WAF allows you to create a centralized set of rules that you can deploy across multiple websites.
<em>Real-time visibility</em>:- AWS WAF provides real-time output that include details about IP addresses, geo locations, URIs. AWS WAF is fully integrated with Amazon CloudWatch, so that you can easily set up custom alarms when thresholds are exceeded or particular attacks occur.
Before we set up on AWS console in some time, we have to keep in mind:
<ul class=”listing”>
<li>AWS WAF is integrated with AWS CloudFront – which supports custom origins outside of AWS.</li>
<li>You can configure custom error pages.</li>
<li>Real time metrics can be monitored from <a class=”linkcolor” href=”https://cloudacademy.com/blog/centralized-log-management-with-aws-cloudwatch-part-1-of-3/” target=”_blank” rel=”noopener”>CloudWatch.</a></li>
<li>AWS WAF can inspect HTTPS traffic.</li>
</ul>
<h2><strong>b.AWS WAF set up on console</strong></h2>
Now Let’s see how we set up on console
Select “WAF & Shield” on AWS console.
<img class=”img-responsive” src=”https://www.eternalsoftsolutions.com/blog/wp-content/uploads/2020/05/Firewall-1.png” alt=”AWS console select WAF & Shield” />
Click “Go to AWS WAF”
<img class=”img-responsive” src=”https://www.eternalsoftsolutions.com/blog/wp-content/uploads/2020/05/Firewall-2.png” alt=”AWS WAF and AWS shield” />
Select “Web ACLs” from the AWS WAF console
<img class=”img-responsive” src=”https://www.eternalsoftsolutions.com/blog/wp-content/uploads/2020/05/Firewall-3.png” alt=”AWS WAF console Web ACLs” />
Click “Create web ACL” and Enter “Web ACL name” and select “Region”. When you have decided which resource should be attached to the Web ACL, select “AWS resource to associate” and then click “Next”.
<img class=”img-responsive” src=”https://www.eternalsoftsolutions.com/blog/wp-content/uploads/2020/05/Firewall-4.png” alt=”AWS console name web ACL” />
Now you have to select some WAF Conditions,
<img class=”img-responsive” src=”https://www.eternalsoftsolutions.com/blog/wp-content/uploads/2020/05/Firewall-5.png” alt=”WAF Conditions selection options” />
<h2><strong>c.WAF Rules</strong></h2>
Once you are done with configuring conditions, you can create a rule and attach it to your web ACL. You can attach more than one rule to an ACL.
<img class=”img-responsive” src=”https://www.eternalsoftsolutions.com/blog/wp-content/uploads/2020/05/Firewall-6.png” alt=”Add rules to WAF web ACL” />
On the last page, review your settings and click “Confirm and create”
<img class=”img-responsive” src=”https://www.eternalsoftsolutions.com/blog/wp-content/uploads/2020/05/Firewall-7.png” alt=”Review and confirm create WAf console” />
<h2><strong>d.Web application firewall Pricing</strong></h2>
First, you pay only for what you use. There are no minimum fees and no upfront commitments. Your costs will depend on three major variables:
<ul class=”listing”>
<li>Number of Web ACLs: each Web ACL will cost you $5/month.</li>
<li>Number of Rules: $1.00 per rule per web ACL per month.</li>
<li>Request Count: $0.60 per million web requests.</li>
</ul>
<strong>Summary</strong>
In this blog, we explained steps to create a Web ACL and the process of setting up an AWS console.
<strong>Also Read:</strong> <a href=”https://www.eternalsoftsolutions.com/blog/aws-nat-instance-and-configuration/”><span style=”font-weight: 400;”>AWS NAT Instance And Configuration</span></a>
<strong>FAQs:</strong>
<span style=”font-weight: 400;”>Q.1 Which aws services can use aws waf?</span>
<span style=”font-weight: 400;”>Q.2 What is the difference between aws waf and aws shield?</span>
<span style=”font-weight: 400;”>Q.3 When to use aws waf?</span>
<span style=”font-weight: 400;”>Q.4 How much does aws waf cost?</span>
Nirav Shah is the Director of Eternal Web Pvt Ltd, an AWS Advanced Consulting Partner and certified Odoo Partner based in the UK. With over a decade of experience in cloud computing, digital transformation, and ERP implementation, Nirav helps enterprises adopt the right technology to solve complex business challenges. He specialises in AWS infrastructure, Odoo ERP, and web development solutions for businesses across the UK and beyond.
Have queries about your project idea or concept? Please drop in your project details to discuss with our AWS Global Cloud Infrastructure service specialists and consultants.
