waf-setup

Protect web applications with Web Application Firewalls.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Install skill "waf-setup" with this command: npx skills add bagelhole/devops-security-agent-skills/bagelhole-devops-security-agent-skills-waf-setup

WAF Setup

AWS WAF

Create Web ACL

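aws wafv2 create-web-acl \
  --name my-waf \
  --scope REGIONAL \
  --default-action Allow={} \
  --visibility-config SampledRequestsEnabled=true,CloudWatchMetricsEnabled=true,MetricName=my-waf \
  --rules file://rules.json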

Associate with ALB

aws wafv2 associate-web-acl \
  --web-acl-arn arn:aws:wafv2:... \
  --resource-arn arn:aws:elasticloadbalancing:...

ModSecurity (nginx)

nginx.conf

load_module modules/ngx_http_modsecurity_module.so;

server {
    modsecurity on;
    modsecurity_rules_file /etc/nginx/modsec/main.conf;
}

Install OWASP CRS

git clone https://github.com/coreruleset/coreruleset /etc/nginx/modsec/crs

Cloudflare WAF

Enable managed rules via API

curl -X PATCH "https://api.cloudflare.com/client/v4/zones/{zone}/firewall/waf/packages/{package}/rules/{rule}" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"mode":"block"}'

Common Rules

protections:

  • SQL Injection (SQLi)
  • Cross-Site Scripting (XSS)
  • Remote File Inclusion (RFI)
  • Local File Inclusion (LFI)
  • Command Injection
  • Cross-Site Request Forgery (CSRF)

Best Practices

  • Start in detection mode

  • Tune for false positives

  • Monitor blocked requests

  • Regular rule updates

  • Custom rules for app-specific attacks
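
The AWS WAF command above reads its rules from rules.json, which the skill does not show. The following is an added example (not part of the upstream skill) that generates that file in detection mode first and, after tuning, in blocking mode with selected noisy rules left in Count. The choice of managed rule groups and the SizeRestrictions_BODY exception are assumptions for illustration.

```python
import json

# Assumed selection of AWS managed rule groups, in evaluation order.
GROUPS = ["AWSManagedRulesCommonRuleSet", "AWSManagedRulesSQLiRuleSet"]


def build_rules(groups, detection_only=True, keep_counting=None):
    """Build the list passed as --rules file://rules.json.

    detection_only: override every group to Count (log matches, block nothing).
    keep_counting: {group: [rule names]} left in Count once the group blocks,
    for rules that tuning showed to be false-positive prone.
    """
    if len(set(groups)) != len(groups):
        raise ValueError("rule group listed twice; names and priorities must be unique")
    keep_counting = keep_counting or {}
    unknown = set(keep_counting) - set(groups)
    if unknown:
        raise ValueError(f"exceptions for groups not attached: {sorted(unknown)}")
    rules = []
    for priority, group in enumerate(groups):
        managed = {"VendorName": "AWS", "Name": group}
        if not detection_only and keep_counting.get(group):
            managed["RuleActionOverrides"] = [
                {"Name": rule, "ActionToUse": {"Count": {}}}
                for rule in keep_counting[group]
            ]
        rules.append({
            "Name": f"AWS-{group}",
            "Priority": priority,  # lower numbers are evaluated first
            "Statement": {"ManagedRuleGroupStatement": managed},
            "OverrideAction": {"Count": {}} if detection_only else {"None": {}},
            "VisibilityConfig": {
                "SampledRequestsEnabled": True,
                "CloudWatchMetricsEnabled": True,
                "MetricName": group,
            },
        })
    return rules


if __name__ == "__main__":
    # Phase 1: detection mode. After tuning, rerun with detection_only=False and
    # e.g. keep_counting={"AWSManagedRulesCommonRuleSet": ["SizeRestrictions_BODY"]}.
    with open("rules.json", "w") as fh:
        json.dump(build_rules(GROUPS), fh, indent=2)
```

Apply a regenerated file to an existing Web ACL with aws wafv2 update-web-acl rather than creating a new one.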

Related Skills

  • dast-scanning - Web security testing

  • ssl-tls-management - HTTPS configuration
