Posted On: Mar 29, 2016
To allow, block or monitor web requests that contain malicious XSS code, create one or more XSS match conditions. An XSS injection match condition identifies the part of web requests, such as the URI or the query string that you want AWS WAF to inspect. Later in the process, when you create a web ACL, you specify whether to allow, block or count requests that appear to contain malicious XSS.
There is no additional charge to using this feature, the regular AWS WAF pricing applies. For more information, see Working with XSS match conditions in the AWS WAF Developer Guide.
Along with other features like SQL Injection match condition, IP condition, an any other string match conditions, AWS WAF now provides the most important capabilities to protect your web applications. In addition, customers can implement automated protection on AWS WAF using the Preconfigured Rules and Tutorials to further improve protection against HTTP floods, and other known bad actors on the internet.