AWS Certified Solutions Architect - Professional 2020


How to protect against malformed request

How can we protect against malformed requests?

A) Using Shield Standard

B) Use an AWS WAF rule with string match conditions

C) Create a Lambda function to identify malformed requests and update AWS WAF rules to block the IPs of the malicious traffic

Which is the most correct?

What is a malformed request anyway?

AK

What is a malformed request? After reading a couple of blogs it seems option C is the best. 1) https://softwareengineering.stackexchange.com/questions/350554/tackling-malformed-requests 2) https://kinsta.com/knowledgebase/400-bad-request/. But I am curious to know if option B is a simple and correct option rather than option C. Thanks

3 Answers

Malformed requests are requests that can’t be processed by your servers, such as requests containing invalid headers. Option C looks most correct to me. You could use CloudFront to distribute your web sites, and have CloudFront publish the access logs to S3; you can enable event notification on the bucket and have a Lambda function subscribe to the event to read the log files and then update your WAF ACL.

vault0109

I think you can use the WAF to provide protections against some layer 7 attacks such as cross site, SQL injection by itself. I don’t think you can use the WAF alone to protect against malformed requests.

Water

Just to clarify, you can create WAF rules against specific headers, so it is an option.
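
Added example, not part of any answer in this thread: a sketch of the CloudFront logs to S3 to Lambda to WAF flow described above. It assumes an AWS WAFv2 IPv4 IP set referenced by a block rule, hypothetical environment variables `IP_SET_NAME` and `IP_SET_ID`, and a threshold of three HTTP 400 responses per log file; the log lines are constructed.

```python
import gzip
import ipaddress
import os
from collections import Counter
from urllib.parse import unquote_plus

# Constructed sample: CloudFront standard-log layout, trimmed to nine fields.
SAMPLE_LOG = "\n".join([
    "#Fields: date time x-edge-location sc-bytes c-ip cs-method cs(Host) cs-uri-stem sc-status",
    "2020-06-01\t10:00:01\tIAD89-C1\t512\t198.51.100.7\tGET\td111.example.net\t/\t400",
    "2020-06-01\t10:00:02\tIAD89-C1\t512\t198.51.100.7\tGET\td111.example.net\t/\t400",
    "2020-06-01\t10:00:03\tIAD89-C1\t512\t198.51.100.7\tPOST\td111.example.net\t/a\t400",
    "2020-06-01\t10:00:04\tIAD89-C1\t900\t203.0.113.9\tGET\td111.example.net\t/\t400",
])

def offending_ips(log_text, threshold=3):
    """Client IPs with at least `threshold` HTTP 400 responses in one log file."""
    fields, bad = [], Counter()
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]          # column names come from the log header
        elif fields and line and not line.startswith("#"):
            row = dict(zip(fields, line.split("\t")))
            if row.get("sc-status") == "400" and row.get("c-ip"):
                bad[row["c-ip"]] += 1
    return sorted(ip for ip, n in bad.items() if n >= threshold)

def to_cidrs(ips):  # IPv4 /32 entries only; IPv6 needs its own IP set
    out = []
    for ip in ips:
        try:
            if ipaddress.ip_address(ip).version == 4:
                out.append(f"{ip}/32")
        except ValueError:
            pass                               # ignore unparsable c-ip values
    return out

def handler(event, context):
    import boto3                               # imported here so parsing is testable offline
    s3, waf = boto3.client("s3"), boto3.client("wafv2", region_name="us-east-1")
    ident = dict(Name=os.environ["IP_SET_NAME"], Id=os.environ["IP_SET_ID"], Scope="CLOUDFRONT")
    for rec in event["Records"]:
        key = unquote_plus(rec["s3"]["object"]["key"])   # keys arrive URL-encoded
        body = s3.get_object(Bucket=rec["s3"]["bucket"]["name"], Key=key)["Body"].read()
        new = to_cidrs(offending_ips(gzip.decompress(body).decode("utf-8", "replace")))
        if new:
            cur = waf.get_ip_set(**ident)
            merged = sorted(set(cur["IPSet"]["Addresses"]) | set(new))  # update replaces the list
            waf.update_ip_set(Addresses=merged, LockToken=cur["LockToken"], **ident)
```

The threshold keeps a single stray 400 from a shared NAT address from blocking every client behind it, and the `LockToken` makes a concurrent update fail instead of silently overwriting another invocation's changes.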

Both WAF and ELB can check for malformed requests.

B
