AWS WAF web application firewall service is built to protect cloud apps from web attacks like DDoS attacks, SQL injections, Cross site scripting.
Below are the steps involved in configure AWS WAF security:
Step.1 Open CloudFormation and click on create new Stack.
Step.2 Select the option (Specify an Amazon S3 template URL)
Step.3 Now, open a new tab and open AWS WAF documentation page, then click on Preconfigured Rules & Tutorials section.
Step.4 Read it for information and click here to proceed further.
Step.5 Click on Deploy Solution option.
Step.6 Scroll a little down on this page and locate the download template link, then right click and copy the link.
Step.7 Paste it as asked in Step 2
Step.8 After pasting URL in box click Next.
Step.9 It will ask to provide a name for stack, so provide a suitable name.
Step.10 Scroll down and now it is asking for bucket name that will be use to store logs.
Step.11 Leave other settings to default and proceed to next page.
Step.12 Leave this page also default and proceed click next.
Step.13 Now, It will prompt for acknowledgement, select that and click create.
Step.14 It will show you below page and this process might take 15-20 min to complete.
Step.15 Now on other tab of browser, open WAF menu.
Step.16 Click on it from ACL list.
Step.17 now click on Rules section and then it will show all the default rules applied using the templates.
Step.18 Now open CloudFront in new tab.
Step.19 Select the CloudFront Distribution on which you want to apply WAF services to filter traffic
Step.20 Click Edit to edit the service.
Step.21 Now click on AWS WAF ACL and select from the list that you just created
Step.22 Select Logging option to set it to ON and choose the bucket from the list.
Step.23 And finally Click on Yes Edit, and it will take some usual time to reflect the changes.