Preventing Traffic from a Specific Country with AWS WAF - Solution

Using AWS WAF to Block Traffic from a Specific Country

Question

A company is hosting a web application that is sitting behind an Application Load Balancer.

There is a plan to use the AWS WAF service to protect the application from various sorts of attacks.

There is also a requirement to prevent traffic from a specific country.

How can this be achieved?

Answers

Explanations

A. B. C. D.

Answer - B.

This is mentioned in the AWS Documentation.

If you want to allow or block web requests based on the country that the requests originate from, create one or more geo match conditions.

A geo match condition lists countries that your requests originate from.

Later in the process, you specify whether to allow or block requests from those countries when you create a web ACL.

Option A is incorrect since this is used to allow or block requests based on the IP addresses that they originate from.

Option C is incorrect because the rule group should be added to the web ACL.

The rule group itself cannot be activated.

Option D is incorrect because the Geographic Match Condition should be created in a rule group instead of the web ACL, and you cannot add a web ACL to a rule.

The description of the option is inaccurate.

For more information on working with web ACL geo conditions, see the following URL:

https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-geo-conditions.html

The correct answer is B. Create a Geographic Match Condition rule and add the rule in the WAF web ACL.

AWS WAF (Web Application Firewall) is a web application firewall service that helps to protect web applications from common web exploits such as SQL injection, cross-site scripting (XSS), and other attacks. AWS WAF can also be used to block specific IP addresses or countries from accessing your web application.

To prevent traffic from a specific country, you can create a Geographic Match Condition rule in AWS WAF. This rule allows you to block or allow traffic based on the geographic location of the request, as determined by the source IP address.

To create a Geographic Match Condition rule in AWS WAF, follow these steps:

  1. Open the AWS WAF console and navigate to the WAF Rules page.
  2. Click on the Create rule button to create a new rule.
  3. Give your rule a name and choose the type of rule that you want to create.
  4. Under Match conditions, select Geographic match.
  5. Choose the geographic locations that you want to block or allow. You can select specific countries or regions, or you can choose to block or allow all countries.
  6. Save your rule.

Once you have created your Geographic Match Condition rule, you can add it to a WAF web ACL (Access Control List). A web ACL is a set of rules that define which traffic is allowed or blocked from accessing your web application.

To add your Geographic Match Condition rule to a WAF web ACL, follow these steps:

  1. Open the AWS WAF console and navigate to the WAF ACLs page.
  2. Click on the Create web ACL button to create a new web ACL.
  3. Give your web ACL a name and choose the AWS resources that you want to protect with the web ACL.
  4. Under Rules, click on Add rule.
  5. Select the rule that you want to add to the web ACL and click Add.

By adding the Geographic Match Condition rule to your WAF web ACL, you can prevent traffic from a specific country from accessing your web application. This helps to protect your web application from potential attacks or unauthorized access from specific regions.
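The two procedures above, expressed as data: an added example (not from the original page or the AWS documentation) that builds the request a script would pass to the current AWS WAF (WAFv2) `create_web_acl` call, where the geo match is a statement inside a rule. The ACL and rule names and the sample country codes are constructed, and `evaluate` is a simplified local model of rule ordering, not an AWS API.

```python
import json
import re

def visibility(metric_name):
    # Every WAFv2 rule and web ACL carries a VisibilityConfig (metrics and sampling).
    return {"SampledRequestsEnabled": True,
            "CloudWatchMetricsEnabled": True,
            "MetricName": metric_name}

def geo_block_rule(country_codes, name="block-countries", priority=0):
    """Rule that blocks requests whose source IP geolocates to the given countries."""
    codes = sorted({c.strip().upper() for c in country_codes})
    bad = [c for c in codes if not re.fullmatch(r"[A-Z]{2}", c)]
    if not codes or bad:
        raise ValueError(f"expected two-letter ISO 3166-1 codes, got {bad or 'nothing'}")
    return {"Name": name,
            "Priority": priority,
            "Statement": {"GeoMatchStatement": {"CountryCodes": codes}},
            "Action": {"Block": {}},
            "VisibilityConfig": visibility(name)}

def web_acl_request(name, rules):
    """Keyword arguments for WAFv2 create_web_acl; an ALB needs Scope REGIONAL."""
    return {"Name": name,
            "Scope": "REGIONAL",
            "DefaultAction": {"Allow": {}},  # everything not matched by a rule passes
            "Rules": sorted(rules, key=lambda r: r["Priority"]),
            "VisibilityConfig": visibility(name)}

def evaluate(acl, request_country):
    """Simplified model covering geo rules only: rules are checked in priority
    order, the first match decides, otherwise the default action applies."""
    for rule in acl["Rules"]:
        geo = rule["Statement"].get("GeoMatchStatement")
        if geo and request_country in geo["CountryCodes"]:
            return next(iter(rule["Action"]))
    return next(iter(acl["DefaultAction"]))

if __name__ == "__main__":
    # "AQ" and "NZ" are constructed sample codes, not values from the page.
    acl = web_acl_request("app-alb-acl", [geo_block_rule(["AQ"])])
    print(json.dumps(acl, indent=2))
    for country in ("AQ", "NZ"):
        print(country, "->", evaluate(acl, country))
```

With boto3, the dictionary can be passed as `boto3.client("wafv2").create_web_acl(**acl)`, and the resulting web ACL is then attached to the load balancer with `associate_web_acl`.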