Showing content from https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-baseline.html below:

Baseline rule groups - AWS WAF, AWS Firewall Manager, AWS Shield Advanced, and AWS Shield network security director

NoUserAgent_HEADER

Inspects for requests that are missing the HTTP User-Agent header.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:NoUserAgent_Header

UserAgent_BadBots_HEADER

Inspects for common User-Agent header values that indicate that the request is a bad bot. Example patterns include nessus and nmap. For bot management, see also AWS WAF Bot Control rule group.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:BadBots_Header

SizeRestrictions_QUERYSTRING

Inspects for URI query strings that are over 2,048 bytes.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:SizeRestrictions_QueryString

SizeRestrictions_Cookie_HEADER

Inspects for cookie headers that are over 10,240 bytes.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:SizeRestrictions_Cookie_Header

SizeRestrictions_BODY

Inspects for request bodies that are over 8 KB (8,192 bytes).

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:SizeRestrictions_Body

SizeRestrictions_URIPATH

Inspects for URI paths that are over 1,024 bytes.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:SizeRestrictions_URIPath

EC2MetaDataSSRF_BODY

Inspects for attempts to exfiltrate Amazon EC2 metadata from the request body.

Warning

This rule only inspects the request body up to the body size limit for the protection pack or web ACL and resource type. For Application Load Balancer and AWS AppSync, the limit is fixed at 8 KB. For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB and you can increase the limit up to 64 KB in your protection pack or web ACL configuration. This rule uses the Continue option for oversize content handling. For more information, see Oversize web request components in AWS WAF.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:EC2MetaDataSSRF_Body

EC2MetaDataSSRF_COOKIE

Inspects for attempts to exfiltrate Amazon EC2 metadata from the request cookie.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:EC2MetaDataSSRF_Cookie

EC2MetaDataSSRF_URIPATH

Inspects for attempts to exfiltrate Amazon EC2 metadata from the request URI path.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:EC2MetaDataSSRF_URIPath

EC2MetaDataSSRF_QUERYARGUMENTS

Inspects for attempts to exfiltrate Amazon EC2 metadata from the request query arguments.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:EC2MetaDataSSRF_QueryArguments

GenericLFI_QUERYARGUMENTS

Inspects for the presence of Local File Inclusion (LFI) exploits in the query arguments. Examples include path traversal attempts using techniques like ../../.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:GenericLFI_QueryArguments

GenericLFI_URIPATH

Inspects for the presence of Local File Inclusion (LFI) exploits in the URI path. Examples include path traversal attempts using techniques like ../../.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:GenericLFI_URIPath

GenericLFI_BODY

Inspects for the presence of Local File Inclusion (LFI) exploits in the request body. Examples include path traversal attempts using techniques like ../../.

Warning

This rule only inspects the request body up to the body size limit for the protection pack or web ACL and resource type. For Application Load Balancer and AWS AppSync, the limit is fixed at 8 KB. For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB and you can increase the limit up to 64 KB in your protection pack or web ACL configuration. This rule uses the Continue option for oversize content handling. For more information, see Oversize web request components in AWS WAF.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:GenericLFI_Body

RestrictedExtensions_URIPATH

Inspects for requests whose URI paths contain system file extensions that are unsafe to read or run. Example patterns include extensions like .log and .ini.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:RestrictedExtensions_URIPath

RestrictedExtensions_QUERYARGUMENTS

Inspects for requests whose query arguments contain system file extensions that are unsafe to read or run. Example patterns include extensions like .log and .ini.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:RestrictedExtensions_QueryArguments

GenericRFI_QUERYARGUMENTS

Inspects the values of all query parameters for attempts to exploit RFI (Remote File Inclusion) in web applications by embedding URLs that contain IPv4 addresses. Examples include patterns like http://, https://, ftp://, ftps://, and file://, with an IPv4 host header in the exploit attempt.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:GenericRFI_QueryArguments

GenericRFI_BODY

Inspects the request body for attempts to exploit RFI (Remote File Inclusion) in web applications by embedding URLs that contain IPv4 addresses. Examples include patterns like http://, https://, ftp://, ftps://, and file://, with an IPv4 host header in the exploit attempt.

Warning

This rule only inspects the request body up to the body size limit for the protection pack or web ACL and resource type. For Application Load Balancer and AWS AppSync, the limit is fixed at 8 KB. For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB and you can increase the limit up to 64 KB in your protection pack or web ACL configuration. This rule uses the Continue option for oversize content handling. For more information, see Oversize web request components in AWS WAF.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:GenericRFI_Body

GenericRFI_URIPATH

Inspects the URI path for attempts to exploit RFI (Remote File Inclusion) in web applications by embedding URLs that contain IPv4 addresses. Examples include patterns like http://, https://, ftp://, ftps://, and file://, with an IPv4 host header in the exploit attempt.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:GenericRFI_URIPath

CrossSiteScripting_COOKIE

Inspects the values of cookie headers for common cross-site scripting (XSS) patterns using the built-in AWS WAF Cross-site scripting attack rule statement. Example patterns include scripts like <script>alert("hello")</script>.

Note

The rule match details in the AWS WAF logs are not populated for version 2.0 of this rule group.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:CrossSiteScripting_Cookie

CrossSiteScripting_QUERYARGUMENTS

Inspects the values of query arguments for common cross-site scripting (XSS) patterns using the built-in AWS WAF Cross-site scripting attack rule statement. Example patterns include scripts like <script>alert("hello")</script>.

Note

The rule match details in the AWS WAF logs are not populated for version 2.0 of this rule group.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:CrossSiteScripting_QueryArguments

CrossSiteScripting_BODY

Inspects the request body for common cross-site scripting (XSS) patterns using the built-in AWS WAF Cross-site scripting attack rule statement. Example patterns include scripts like <script>alert("hello")</script>.

Note

The rule match details in the AWS WAF logs are not populated for version 2.0 of this rule group.

Warning

This rule only inspects the request body up to the body size limit for the protection pack or web ACL and resource type. For Application Load Balancer and AWS AppSync, the limit is fixed at 8 KB. For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB and you can increase the limit up to 64 KB in your protection pack or web ACL configuration. This rule uses the Continue option for oversize content handling. For more information, see Oversize web request components in AWS WAF.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:CrossSiteScripting_Body

CrossSiteScripting_URIPATH

Inspects the value of the URI path for common cross-site scripting (XSS) patterns using the built-in AWS WAF Cross-site scripting attack rule statement. Example patterns include scripts like <script>alert("hello")</script>.

Note

The rule match details in the AWS WAF logs are not populated for version 2.0 of this rule group.

Rule action: Block

Label: awswaf:managed:aws:core-rule-set:CrossSiteScripting_URIPath
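
The labels listed above can be used to tally which core rule set rules match in AWS WAF logs, for instance while rules are overridden to Count before Block is enforced, and to spot allowed requests whose body exceeded the inspection limit described in the warnings. This is an added example, not code from the AWS documentation; the log records are constructed, and the `labels`, `action`, `httpRequest` and `oversizeFields` field names are assumed to follow the AWS WAF log format.

```python
import json
from collections import Counter

CRS_PREFIX = "awswaf:managed:aws:core-rule-set:"

# Constructed sample records, one JSON object per line (not real traffic).
SAMPLE_LOG = "\n".join(json.dumps(r) for r in [
    {"action": "ALLOW", "httpRequest": {"uri": "/search", "clientIp": "198.51.100.7"},
     "labels": [{"name": CRS_PREFIX + "GenericLFI_QueryArguments"}]},
    {"action": "BLOCK", "httpRequest": {"uri": "/upload", "clientIp": "203.0.113.9"},
     "labels": [{"name": CRS_PREFIX + "SizeRestrictions_Body"}],
     "oversizeFields": ["REQUEST_BODY"]},
    {"action": "ALLOW", "httpRequest": {"uri": "/api/notes", "clientIp": "198.51.100.7"},
     "labels": [{"name": CRS_PREFIX + "SizeRestrictions_Body"},
                {"name": CRS_PREFIX + "CrossSiteScripting_Body"},
                {"name": "awswaf:managed:aws:other-group:Example"}],  # constructed label
     "oversizeFields": ["REQUEST_BODY"]},
    {"action": "ALLOW", "httpRequest": {"uri": "/health", "clientIp": "192.0.2.1"}},
])

def crs_rules(record):
    """Return the core rule set label suffixes attached to one log record."""
    return [l["name"][len(CRS_PREFIX):] for l in record.get("labels", [])
            if l.get("name", "").startswith(CRS_PREFIX)]

def summarize(log_text):
    """Count (rule, action) pairs and list allowed requests with an oversize body."""
    hits = Counter()
    truncated_body = []
    for line in log_text.splitlines():
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip blank or damaged lines
        for rule in crs_rules(rec):
            hits[(rule, rec.get("action", "UNKNOWN"))] += 1
        # With Continue handling, body rules only saw the start of these bodies.
        if "REQUEST_BODY" in rec.get("oversizeFields", []) and rec.get("action") != "BLOCK":
            truncated_body.append(rec.get("httpRequest", {}).get("uri"))
    return hits, truncated_body

if __name__ == "__main__":
    hits, truncated = summarize(SAMPLE_LOG)
    for (rule, action), n in sorted(hits.items()):
        print(f"{rule:32} {action:6} {n}")
    print("allowed with oversize body:", truncated)
```

A core rule set label on a request whose final action is ALLOW indicates a rule that matched without terminating, which is the population to review for false positives before enforcing Block.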

