AWS WAF High Charge

Question

HI,
We have AWS EC2 instance with load balance and connected to VPC and Internet Gateway. I had configured WAF and restricted to Geo Location and allowed two specific country and except that on reject with one Rule. WAF configured with load balancer. Recently noticed in a 6M plus request processed by WAF and its reach to high billing and major request from Rejected Geo location. how can we avoid such type of issues

thanks

Answer

Hi UNAIS,

Here are a few things you can do to avoid high WAF billing and requests from rejected geo locations:

1. Enable WAF logging and analytics. This will give you visibility into the requests getting blocked and where they are coming from. You can use this to further tweak your WAF rules.

2. Implement CAPTCHAs or other challenge mechanisms on your application. This will add extra friction for bots and automated requests coming from invalid locations.

3. Tweak the WAF rules to only block requests that are clearly bots/scraping and allow more legitimate geo-located traffic, rather than broadly blocking all non-approved countries.

The key is to get visibility through logs, implement layered defenses, and tune WAF to be as permissive as possible while still protecting against clear threats. Blocking entire countries often backfires by blocking real users too.

Link: https://docs.aws.amazon.com/whitepapers/latest/guidelines-for-implementing-aws-waf/cost-considerations.html

AWS WAF High Charge

相關內容