How do I configure a custom response in AWS WAF for web requests blocked by a specific rule?


I want to configure a custom response for requests that are blocked by a specific rule that's in an AWS WAF rule group.

Resolution

Set the AWS WAF managed rule that you want to configure a custom response for to the Count rule action. With Count, the managed rule adds its label to the request and evaluation continues. Then, create a custom rule below the managed rule group to generate the custom response. If the request matches the label that the managed rule generates, then the custom rule blocks the request and the custom response is sent.

The following example sets a custom response for the AWS WAF managed rule CrossSiteScripting_QueryArguments in the core rule set (CRS) managed rule group.

Create a custom response message used by rule actions

Complete the following steps:

  1. Open the AWS WAF console in your AWS Region.
  2. In the navigation pane, choose Web ACLs, and then select your web access control list (web ACL).
  3. Choose Custom response bodies, and then choose Create custom response body.
  4. For Response body object name, enter a name.
  5. For Content type, choose Plain text.
    Note: The response body can be JSON, HTML, or plaintext.
  6. In Response body, enter your response message, and then choose Save.

Note: Amazon CloudFront and Amazon API Gateway also support custom responses. However, AWS WAF custom responses for Block actions take priority over any response specifications that are defined in your protected resource.

Create a custom rule to send the custom response

Complete the following steps:

  1. Open the AWS WAF console in your Region.
  2. In the navigation pane, choose Web ACLs, and then select your web ACL.
  3. Choose the Rules tab, and then choose Add rules.
  4. Choose Add my own rules and groups.
  5. For Rule type, choose Rule builder.
  6. For Name, enter a name for your rule.
  7. For Type, choose Regular rule.
  8. Choose the If a request dropdown list, and then choose matches the statement.
  9. Choose the Inspect dropdown list, and then choose Has a label.
  10. For Match scope, choose Label.
  11. For Match key, enter the rule label. For example, awswaf:managed:aws:core-rule-set:CrossSiteScripting_QueryArguments.
  12. For Action, choose Block for custom rules.
  13. Expand Custom response, and then choose Enable.
  14. For Response code, enter your response code, for example 307.
  15. (Optional) For Response headers, choose Add a new custom header.
  16. For Key, enter a header name.
  17. For Value, enter a header value.
  18. In Choose how you would like to specify the response body - optional, choose the dropdown list.
  19. Choose the custom response body, and then choose Add Rule.

Note: For a list of supported HTTP status codes for custom responses, see Supported status codes for custom response.
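
The two procedures above expressed as AWS WAFv2 rule JSON, with a lint for the misconfigurations that stop the custom response from being sent. This is an added example, not AWS's own code; the rule names, priorities, the body key `xss-blocked`, and the message text are assumptions.

```python
LABEL = "awswaf:managed:aws:core-rule-set:CrossSiteScripting_QueryArguments"

def _vis(name):
    return {"SampledRequestsEnabled": True,
            "CloudWatchMetricsEnabled": True, "MetricName": name}

def build_rules(body_key="xss-blocked", code=307):  # hypothetical names/values
    managed = {
        "Name": "crs", "Priority": 0,
        "Statement": {"ManagedRuleGroupStatement": {
            "VendorName": "AWS", "Name": "AWSManagedRulesCommonRuleSet",
            # Count instead of Block: the label is added and evaluation continues
            "RuleActionOverrides": [{"Name": LABEL.rsplit(":", 1)[1],
                                     "ActionToUse": {"Count": {}}}]}},
        "OverrideAction": {"None": {}}, "VisibilityConfig": _vis("crs"),
    }
    custom = {
        "Name": "xss-custom-response", "Priority": 1,  # evaluated after "crs"
        "Statement": {"LabelMatchStatement": {"Scope": "LABEL", "Key": LABEL}},
        "Action": {"Block": {"CustomResponse": {
            "ResponseCode": code, "CustomResponseBodyKey": body_key}}},
        "VisibilityConfig": _vis("xss-custom-response"),
    }
    bodies = {body_key: {"ContentType": "TEXT_PLAIN",
                         "Content": "Request blocked by policy."}}
    return [managed, custom], bodies

def lint(rules, bodies):
    """Return the problems that would keep the custom response from firing."""
    problems, counted = [], {}  # counted: managed rule name -> group priority
    for r in rules:
        mg = r["Statement"].get("ManagedRuleGroupStatement", {})
        for o in mg.get("RuleActionOverrides", []):
            if "Count" in o["ActionToUse"]:
                counted[o["Name"]] = r["Priority"]
    for r in rules:
        lm = r["Statement"].get("LabelMatchStatement")
        if not lm:
            continue
        name = lm["Key"].rsplit(":", 1)[1]  # assumes last label segment = rule name
        if name not in counted:
            problems.append(f"{name} is not overridden to Count")
        elif r["Priority"] <= counted[name]:  # lower number is evaluated first
            problems.append(f"{r['Name']} is evaluated before the managed group")
        resp = r.get("Action", {}).get("Block", {}).get("CustomResponse", {})
        key = resp.get("CustomResponseBodyKey")
        if key and key not in bodies:
            problems.append(f"response body {key!r} is not defined")
    return problems
```

The list and dictionary returned by `build_rules` correspond to the `Rules` and `CustomResponseBodies` members of a web ACL definition.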

Related information

How do I create complex custom AWS WAF JSON rules?

AWS Managed Rules rule groups list

Why is my AWS WAF custom rule not working?

Customize requests and responses with AWS WAF

AWS OFFICIAL
Updated 8 days ago