Using AWS CloudFront and AWS WAF together, you can add some security to your sites with less work and focus on making features for your users. By Peter Grainger.
In this post, author will provide some information about AWS CloudFront, AWS WAF, and SQL injection. Then he will provide a step-by-step guide on how to use the two AWS services together to protect against SQL injection.
The main content of the article:
- Some background information on AWS WAF, CloudFront, and injection
- Providing protection for the GeoJS API using AWS WAF
- How to use CloudFront and AWS WAF together to protect against SQL injection attacks
Injection is the number one critical risk for web applications according to OWASP. Setting up AWS WAF with AWS managed rules means you have less maintenance updating the WAF for each new vulnerability. You connect to the AWS WAF in the CloudFront distribution wizard when creating a new distribution. After configuring both services, you can test the WAF will block incoming SQL injection attacks before they reach your application.
You will also get detailed breakdown of steps to set up WAF for this scenario together with screenshots. Nice one!
[Read More]