Home › Forums › AWS › AWS Certified Solutions Architect Associate › Possibly misleading question about WAF › Reply To: Possibly misleading question about WAF
-
Hello an-user,
Thanks for your feedback.
Using WAF is still valid. Providing an IP address to whitelist/blacklist is optional; you can set and combine conditions other than IP matching such as inspecting for a specific header value, query parameters, body, method, etc. Matching requests will also count towards the rate-limit threshold that you configure. It’s also possible that the suspicious IP addresses are within the same CIDR range. If this is the case, you can set a range of IP addresses to block when creating a rule.
Regards,
Carlo @ Tutorials Dojo
- This reply was modified 2 years, 1 month ago by Carlo-TutorialsDojo.