Comments
@danchisholm1 2 months ago
excellent pithy, info-packed video. ty!!
@CarlosAzuax 2 months ago
great tutorial, thank you!
@fabiodbr 4 months ago
great content... keep posting!
@SaeedTahin 5 months ago
Great explanation! Thanks.
@healthvative5315 5 months ago
Awesome! Is it possible to redirect 40+ URLs to the same website using lambda and cloudfront? For example /old.url/product/api/index.html to /new.url/api/authentication/config/index.html#group. Thanks
@the-aws-ninja 5 months ago
You can certainly create a URI match WAF rule for each, with a custom 307 response to the new URI
@VisonWu 6 months ago
Very very useful!!!!!
@AnkurBhatia-z3b 7 months ago
I get a 405 CORS error
@Kira-gc2er 8 months ago
Hello, I have an EC2 instance. How do I link the instance to the WAF?
@the-aws-ninja 8 months ago
Either put an ALB on top of it, or better use CloudFront. Attach WAF to either ALB or CloudFront
@ShahzadRasul-uo7gu 8 months ago
Great video - you really understand what you're talking about! Sad haven't seen new vids for 2 years
@RonnyPortillo 9 months ago
hello! Does it work in Elastic Beanstalk apps?
@the-aws-ninja 9 months ago
You can certainly use WAF on top of ALB
@chrisvickerson9207 1 month ago
@the-aws-ninja do you need to aggregate on "IP Address in Header"? For some reason whenever I target the header "X-Forwarded-For" it feels like the rule never matches. If I leave it at "Source IP Address" I think this is my ELB IP address.
@andresanez6558 10 months ago
Awesome content
@milanminchev7112 10 months ago
Do I need to point the AWS instance/domain somewhere after creating the rules? I mean I have a single web Apache server in AWS EC2, will these rules apply automatically without pointing to the instance or do I need to point these rules to the instance/domain?
@the-aws-ninja 10 months ago
I need to attach the web acl to a CloudFront distribution or an ALB, and they should point to your instance. If it's just a single server, CloudFront is cheaper and better in your case.
@solo-yl8uc 10 months ago
thank you so much
@tal.klinger 11 months ago
Amazing!
@wuffgang5333 1 year ago
do you need to integrate some javascript for the captcha showing up in the browser? or does it work out of the box
@the-aws-ninja 1 year ago
By default, it just works out of the box. If you want to have the captcha show as a part of the webpage, there is an sdk for it.
@jcprangue9070 1 year ago
Hi, thanks for this video. Question: does this AWS Shield / WAF apply to all EC2 servers?
@the-aws-ninja 1 year ago
You apply waf to CloudFront, alb, api gw, and a few other services. Shield is applicable to CloudFront and alb, as well as elastic IP
@ianlamb1910 1 year ago
Exactly what I needed, brilliant video and covers a lot of important points, thank you.
@ianlamb1910 1 year ago
Out of curiosity, say if an IP address was blocked, is that just for the 5 minute window, or does that go into a blocked ip list which is editable? The latter is very appealing to me.
@the-aws-ninja 1 year ago
The IP remains limited until it stops sending traffic for a while. The list is not editable, but you can use cli or api to list the offending IPs - docs.aws.amazon.com/waf/latest/developerguide/listing-managed-ips.html
@ianlamb1910 1 year ago
@the-aws-ninja Great, thanks. Are you going to do a video on setting up CloudFront for all that additional noise you spoke of here? Would love to see it.
@Achrafsouk 1 year ago
How would you solve the following risk with POST based rate limiting: A single IP can easily cause a denial of service to other users by POSTing beyond this limit.
@the-aws-ninja 1 year ago
Absolutely. You should always keep multiple layers of rate based rules - IP based for non-distributed attempts, and non IP based for other attacks. You can also create, for the POST scenario, 2 rate based rules - one set as low as 100 requests per IP, scoped down to only POST requests, and another rule, set at a higher threshold, to count ALL POST requests. Thank you for this question!
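The two layered rate-based rules from the reply above, written as AWS WAFv2 rule JSON. This is an added example, not part of the original comments or the channel's material. The rule and metric names, the 2000 limit on the second rule, and both actions are assumptions; the reply gives only the 100-requests-per-IP figure and the POST scope-down.

```json
[
  {
    "Name": "example-post-rate-per-ip",
    "Priority": 0,
    "Statement": {
      "RateBasedStatement": {
        "Limit": 100,
        "AggregateKeyType": "IP",
        "ScopeDownStatement": {
          "ByteMatchStatement": {
            "FieldToMatch": { "Method": {} },
            "SearchString": "POST",
            "PositionalConstraint": "EXACTLY",
            "TextTransformations": [ { "Priority": 0, "Type": "NONE" } ]
          }
        }
      }
    },
    "Action": { "Block": {} },
    "VisibilityConfig": { "SampledRequestsEnabled": true, "CloudWatchMetricsEnabled": true, "MetricName": "example-post-rate-per-ip" }
  },
  {
    "Name": "example-post-rate-all-sources",
    "Priority": 1,
    "Statement": {
      "RateBasedStatement": {
        "Limit": 2000,
        "AggregateKeyType": "CONSTANT",
        "ScopeDownStatement": {
          "ByteMatchStatement": {
            "FieldToMatch": { "Method": {} },
            "SearchString": "POST",
            "PositionalConstraint": "EXACTLY",
            "TextTransformations": [ { "Priority": 0, "Type": "NONE" } ]
          }
        }
      }
    },
    "Action": { "Captcha": {} },
    "VisibilityConfig": { "SampledRequestsEnabled": true, "CloudWatchMetricsEnabled": true, "MetricName": "example-post-rate-all-sources" }
  }
]
```

The first rule keeps a separate counter per source IP, so one noisy client is limited without affecting others. The second uses `CONSTANT` aggregation, which keeps a single counter for every request matching the scope-down statement and therefore catches POST floods spread across many IPs.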
@Achrafsouk 1 year ago
Thank you for the awesome content @the-aws-ninja
@VijayLaxmi-kv9qq 1 year ago
I don't know computer knowledge,,,,, thanks lot,,,❤❤
@johnaladdin6602 1 year ago
Nonsense! Where is the login page with captcha?
@waltwhite8126 1 year ago
If you have a cloudfront distribution you can select it in the WAF and Rule creation screen, so the captcha will be automatically applied.
@oismaelash 1 year ago
Great video!
@shivamanand8998 1 year ago
Thanks, I was looking for a video to differentiate Lambda Edge and CloudFront Functions
@DenuLimbu-js9uw 1 year ago
Sw
@parthmehta7445 1 year ago
1ü1 aaaa😮aA
@mohammedusman6510 1 year ago
thanks a lot.
@mateus_fortunatoo 2 years ago
Very very nice content, thanks mate!
@tgmendi 2 years ago
Great ideas! I would have loved to see the captcha in action with a usage example.
@danielmd3000 2 years ago
Redirects force the use of CORS which breaks samesite and will be problematic when 3rd party cookies get dropped by browser vendors. In those cases it would be good to have the option to do a forward.
@percyai7776 2 years ago
please make a video explaining aws custom managed rule and also how to protect from xss and sql injection in custom manner
@the-aws-ninja 2 years ago
Interesting take. It probably won't be short, but I'll put it on my work queue!
@percyai7776 2 years ago
@the-aws-ninja yes please looking forward to it.
@joshkullerton7604 2 years ago
nice job!
@the-aws-ninja 2 years ago
Thank you! Cheers!
@ArchonLicht 2 years ago
I didn't see the actual captcha. How do you put that captcha on your webpage?
@rkrk7631 2 years ago
Aq
@pramodkumar-fe5mu 2 years ago
Pm p pp ok.
@roiromano2059 2 years ago
Is there any option to do rewrite to the URI? Let’s say I have /api/int/index.htm -> rewrite to -> api/1427389/int/index.htm
@the-aws-ninja 2 years ago
You can use CloudFront Functions or Lambda@Edge for that
@nufjeyhydjeyr5569 2 years ago
B
@didiln 3 years ago
nice one!