Networking & Content Delivery
Category: AWS WAF
Accelerate and protect your websites using Amazon CloudFront and AWS WAF
Internet users increasingly expect responsive web applications and APIs with lower latency and higher availability. Additionally, publicly accessible web applications and APIs are exposed to threats such as commonly occurring vulnerabilities described in the OWASP Top 10, SQL injection, automated requests, and HTTP floods (Denial of Service (DoS)) that can affect availability, compromise security, or […]
How to configure block duration for IP addresses rate limited by AWS WAF
Volumetric attack is one of the most common type of cyberattack, where a web application is overwhelmed with an enormous number of HTTP requests. This flood of excessive requests puts a strain on the application’s servers, leading to degraded performance, increased latency for legitimate users and in severe cases, resource exhaustion. AWS WAF’s rate-based rules […]
Using AWS WAF intelligent threat mitigations with cross-origin API access
AWS WAF offers advanced features for filtering undesired web application traffic, such as Bot Control and Fraud Control. These intelligent threat mitigations include techniques such as client-side interrogations using JavaScript challenges or CAPTCHA, as well as client-side behavioral analysis. Implementing these techniques on a web page with a same-origin access is simple. When a cross-domain […]
Mitigate Common Web Threats with One Click in Amazon CloudFront
You can now add AWS WAF protections to Amazon CloudFront distributions with one click. In this walkthrough, we will guide you through setting up and monitoring protections offered by this new feature along with pricing and additional security recommendations. This blog relates to Amazon CloudFront — a AWS service that you can use to deliver […]
Introducing AWS Verified Access – General Availability
Introduction AWS Verified Access enables customers to provide VPN-less, secure access to their corporate applications. We released it as a preview during AWS re:Invent 2022. Today, we are happy to announce that this service is now generally available (GA). Built using AWS Zero Trust principles, customers can use Verified Access to reduce the risks associated […]
Visitor Prioritization on e-Commerce Websites with CloudFront and CloudFront Functions
When we wrote the previous post (Visitor Prioritization on e-Commerce Websites with CloudFront and Lambda@Edge) five years ago, Visitor Prioritization was a relatively new concept. Since then, we saw a huge need for traffic shaping, throttling, and request prioritizing, especially in the gaming and media industries. Of course, e-Commerce sites still require this capability for […]
Geo-block Content Using Amazon Location and Edge Services
Organizations require methods to restrict access to content to adhere to compliance and regulatory requirements, sanctions, privacy laws, territorial ownership rights, security controls, etc. One way that companies restrict access is by Geo-blocking – restricting access to a website or another piece of content based on a user’s location. A popular method of geo-blocking content is […]
Secure and accelerate Drupal CMS with Amazon CloudFront, AWS WAF, and Edge Functions
In this post, you’ll learn how to secure and accelerate the delivery of Drupal-based websites using Amazon CloudFront, AWS Web Application Firewall (AWS WAF), and Amazon CloudFront Functions. CloudFront is a content delivery network service (CDN) offering improved security and acceleration of the content served through it. This is true for static cacheable content and […]
How to optimize content for search engines with AWS WAF Bot Control and Amazon CloudFront
Search engine crawlers – a special bot type used to index your site – are very important visitors. They make sure that your content is searchable by end users. If a crawler can’t easily read your content, then any updates you make might not be immediately reflected in the search results. Depending on the algorithms […]
Automating Domain Delegation for Public Applications in AWS
Security is top priority at AWS. Cybersecurity and digital risk management are the primary considerations of customers when ensuring that security and trust are always in place for a secure data and cloud infrastructure. These concerns are even more critical for public internet facing applications, which are accessed using a public domain. In AWS Cloud, […]