Sign in
Categories
Migration Mapping Assistant Your Saved List Partners Sell in AWS Marketplace Amazon Web Services Home Help

F5 Rules for AWS WAF - Web exploits OWASP Rules

Protect against web exploits. F5 Web Exploits OWASP Rules for AWS WAF, provides protection against web attacks that are part of the OWASP Top 10, such as: SQLi, XSS, command injection, No-SQLi injection, path traversal, and predictable resource. Protect your applications and services with F5, the trusted... See more

Reviews from AWS Marketplace

3
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 3
Create Your Own Review

    Jat B

Waste of time if you want to know why particular traffic is blocked

  • November 08, 2018
  • Review verified by AWS Marketplace

Why did that particular IP address get blocked?

This is a question I get asked regularly by management. My usual route to the answer is checking for source ip addresses on abuse lists and then reporting on those.

For the rest of the traffic that gets blocked, I can't correlate the rule id that shows up in a log file with a rule name that's understandable by a human.

Yes, humans do still exist and some of them pay our salaries, so we need to let them know what's blocking (in some cases) legitimate traffic to their websites.

In my view, this is the case across the board when using the AWS WAF solution with managed rule groups. This service is not market ready.

It's all well and good saying there's a shared responsibility model but I've yet to find someone with an easy way to work out what rule blocked their traffic.

Not even F5 support or an AWS support person could tell me how to do this.


    luigi

Support page needs to be clarified

  • October 17, 2018
  • Review verified by AWS Marketplace

Support page needs to be updated , support isn't provided by AWS for an F5 service , have not found value from the product .


    Joseph

Doesn't work, block legitimate requests, no support

  • October 12, 2018
  • Review verified by AWS Marketplace

I added this set of rules to our Load Balancer ACL and some request with relatively large body were getting blocked. I contacted F5 support through the support page specified on this product page and no response.


showing 1 - 3