Lab
A Cloud Guru

Using AWS WAF for Web Application Security

In this hands-on lab, you will begin deploying web applications at your company. But first, you need to set up a web application firewall (WAF) to protect against common threats detailed in the OWASP Top 10.

Try for free Contact sales

Path Info

Level

Intermediate

Duration

30m

Published

Dec 29, 2022

Challenge

Create a Web Access Control List
- In the AWS WAF console, select Create web ACL.
- Give the web ACL a name.
- Give CloudWatch metrics a name (or accept the default name).
- Select Regional resources.
- Click Next.
Challenge

Add AWS Managed Rules
- Click Add rules.
- Select Add managed rule groups.
- Click to expand AWS managed rule groups.
  - Select Core rule set.
  - Select Known bad inputs.
  - Select SQL database.
- Click Add Rules.
Challenge

Create Custom Rule for HTTP Header Injection
- Click Add rules.
- Click Add my own rules and rule groups.
- Name the rule HTTPHeaderInjection.

Author

A Cloud Guru

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.