You must be logged in to view saved presets
AWS WAF SQL Database Protection Rules
An AWS WAF Web ACL to protect applications with SQL databases. The Web ACL uses AWS Managed Rules to protect internet-facing applications. Web ACLs can be applied to CloudFront distributions, Application Load Balancers (ALBs), and API Gateways.
This Web ACL includes the following rules by default:
- SQL database: contains rules to block request patterns associated with exploitation of SQL databases, like SQL injection attacks. This can help prevent remote injection of unauthorized queries.
Select from the following options to ensure the appropriate configuration for your environment and application:
- Setting the scope to Regional or CloudFront depending on the resource you want to associate the Web ACL with.
- Use the Customize WAF Rules option to select the appropriate WAF rules to protect your application. Rules include general vulnerability and OWASP protections, known bad IP lists, specific use-cases such as WordPress or SQL database protections, and more.
- Set the visibility configuration settings for the Web ACL and for each rule to create matching CloudWatch metrics for monitoring the WAF rules.
- Enter the ARN for an Application Load Balancer (ALB), API Gateway or AppSync API to associate the newly created WebACL
Items
1
Size
0.8 KB
AWSTemplateFormatVersion: '2010-09-09'
Description: ''
Resources:
WafWebAcl:
Type: 'AWS::WAFv2::WebACL'
Properties:
Name: WAF_SQL_Protection
Scope: REGIONAL
DefaultAction:
Allow: {}
VisibilityConfig:
CloudWatchMetricsEnabled: true
MetricName: WAF_Common_Protections
SampledRequestsEnabled: true
Rules:
- Name: AWSManagedRulesSQLiRule
Statement:
ManagedRuleGroupStatement:
VendorName: AWS
Name: AWSManagedRulesSQLiRuleSet
Priority: 0
OverrideAction:
None: {}
VisibilityConfig:
CloudWatchMetricsEnabled: true
MetricName: AWSManagedRulesSQLiRule
SampledRequestsEnabled: true
Parameters: {}
Metadata: {}
Conditions: {}
Actions
Customize Template
* Required field
© 2024 asecurecloud. All rights reserved.