Contact us

How we implement AWS WAF in our projects

by Yuval Oren, Co-Founder / CEO


If you are looking for a quick way to add security to your web application or APIs in AWS, then AWS WAF (Web Application Firewall) is a no brainer.

It offers:

  1. Geo-Blocking
  2. Managed rules against web-based attacks
  3. Bot Protection
  4. Login protection (depends on your use case)
  5. Fairly cheap (unless you have a very high-traffic site)

But it does come with a bit of risk - false positives.

This is a reason why we've seen some projects where they tried to set it up, got burned by the false positives, and then quickly disabled it forever.

This is a shame because if you do it correctly, it doesn't have to be that way.

Here is our dead simple process to introduce WAF to an existing environment.

Our 3-step process for implementing WAF

Count Scope-Down Block

The idea is simple:

  1. You enable the WAF and override all the rules to COUNT (meaning "log" the request instead of blocking it).
  2. Scope Down - Search the logs to identify false positives. Then, use Scope Down statements in the WAF rule set.
  3. Block - Once confident, remove the override for the rule sets.

It should take you a few days to complete the cycle but it sure is easier than doing it under fire.

Watch the video for the full demo.

More articles

AWS Geo Blocking with CloudFront and WAF

_In this post, I will show you how to use CloudFront or AWS WAF to enable geo-blocking (blocking based on geographical location) for your website or APIs._

Read more

Our Approach to Onboarding New DevOps Hires

What's the best way to onboard a new DevOps hire? Instead of having them aimlessly go through Confluence we have a better approach.

Read more

Tell us about your project

Schedule a call

Our offices

  • Israel
    5 Hatidhar St
    Ra'anana, Israel