How do I allow a dynamic IP address from a provider or partner when using the anonymous IP list in AWS WAF?

0

Dear all,

I am facing issues with the partner sending requests to our resource that the anonymous IP list rule has blocked. As per checking, our partner is using dynamic IP so it's challenging to whitelist their IP. Do you have any advice to filter better than whitelist?

Thank you for your answer.

Sreyny
feita há 10 meses451 visualizações
1 Resposta
1

Hi, if possible, you may want your partner to add a custom header or a query string parameter (what come after the ? in URL) that you agree upon in the request as per https://docs.aws.amazon.com/waf/latest/developerguide/classic-web-acl-regex-conditions.html

Then, you filter on the presence of this header. This has some limitations as some hacker may fake the specific header of param that you add.

So, optimal solution is provided by the "Intelligent Threat API" but it's more demanding sincet his API needs to integrated in the application. See https://docs.aws.amazon.com/waf/latest/developerguide/waf-js-challenge-api.html

Your use case will dictate the amount of work that you want / can inject in your new WAF filtering

Best, Didier

profile pictureAWS
ESPECIALISTA
respondido há 10 meses
  • Thank Didier for your answer,

    Based on your command the custom is possible to set but it's related to the security lake if the hacker can fake the header param and Intelligent Threat API it's related to extra cost.

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas