AWS Marketplace: F5 Rules for AWS WAF - Web exploits OWASP Rules Comments

Sign in

Sign in

or

Create a new account

Categories

About What is AWS Marketplace?Why AWS Marketplace?Get started in AWS Marketplace Procurement options Cost management tools Governance & control features ??service_pages.dropdown.free_trials_en??Sell in AWS Marketplace

AI Agents & Tools AI Security Content Creation Customer Experience Personalization Customer Support Data Analysis Finance & Accounting IT Support Legal & Compliance Observability Procurement & Supply Chain Quality Assurance Research Sales & Marketing Scheduling & Coordination Software Development

Business Applications Blockchain Collaboration & Productivity Contact Center Content Management CRM eCommerce eLearning Human Resources IT Business Management Project Management

Cloud Operations Cloud Financial Management Cloud Governance

Data Products Automotive Data Environmental Data Financial Services Data Gaming Data Healthcare & Life Sciences Data Manufacturing Data Media & Entertainment Data Public Sector Data Resources Data Retail, Location & Marketing Data Telecommunications Data

DevOps Agile Lifecycle Management Application Development Application Servers Application Stacks Continuous Integration and Continuous Delivery Infrastructure as Code Issue & Bug Tracking Log Analysis Monitoring Source Control Testing

Industries Automotive Education & Research Energy Financial Services Healthcare & Life Sciences Industrial Media & Entertainment

Infrastructure Software Backup & Recovery Data Analytics High Performance Computing Migration Network Infrastructure Operating Systems Security Storage

IoT Analytics Applications Device Connectivity Device Management Device Security Industrial IoT Smart Home & City

Machine Learning Audio Computer Vision Data Labeling Services Generative AI Human Review Services Image Intelligent Automation ML Solutions Natural Language Processing Speech Recognition Structured Text Video

Professional Services Assessments Implementation Managed Services Premium Support Training

Delivery Methods API-Based Agents & Tools Amazon Machine Image EC2 Image Builder Component Amazon SageMaker AWS Data Exchange CloudFormation Stack Container Image Helm Chart Add-on for Amazon EKS Professional Services SaaS

Solutions AI Agents & Tools AWS Well-Architected Business Applications CloudOps Data & Analytics Data Products DevOps Digital Sovereignty Generative AI Infrastructure Software Internet of Things Machine Learning Managed Services Providers Migration Security

Industry ??industrySolutions.dropdown.advertising_and_marketing_en??Energy ??industrySolutions.dropdown.engineering_construction_and_real_estate_en??Financial Services Healthcare & Life Industrial ??industrySolutions.dropdown.life_sciences_en??Media & Entertainment Nonprofit ??industrySolutions.dropdown.power_and_utility_en??Public Health Public Sector ??industrySolutions.dropdown.retail_en????industrySolutions.dropdown.sustainability_en??Telecommunications

AWS Service Integrations AWS Control Tower AWS PrivateLink Pre-trained Amazon SageMaker Models

Resources All resources Developer tools & tutorials Blog Events & webinars Analyst reports Customer success stories Buyer guide Frequently asked questions

Your Saved List

Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

Waste of time if you want to know why particular traffic is blocked

By Jat B
on 11/08/2018

Why did that particular IP address get blocked?

This is a question I get asked regularly by management. My usual route to the answer is checking for source ip addresses on abuse lists and then reporting on those.

For the rest of the traffic that gets blocked, I can't correlate the rule id that shows up in a log file with a rule name that's understandable by a human.

Yes, humans do still exist and some of them pay our salaries, so we need to let them know what's blocking (in some cases) legitimate traffic to their websites.

In my view, this is the case across the board when using the AWS WAF solution with managed rule groups. This service is not market ready.

It's all well and good saying there's a shared responsibility model but I've yet to find someone with an easy way to work out what rule blocked their traffic.

Not even F5 support or an AWS support person could tell me how to do this.