

Throughout my cloud journey and continuous learning of the AWS platform and its services, I often notice that security is often overlooked when deploying WordPress sites. Most tutorials will guide you through the steps for deploying a highly available WordPress site and neglect to show ways in which you can protect your WordPress site once deployed.

Disclaimer - The use of an AWS Web Application Firewall (WAF) and managed rules highlighted in this blog post is by no means exhaustive but can help improve your security posture and better protect your WordPress site. In this blog post we’ll take a look at using specific AWS Managed Rules for WAF.

An AWS WAF can be thought of as a product that inspects traffic between your web application and the internet. It makes use of rules that allow you to block or allow web requests based on conditions that you define.

Please take note that an AWS WAF can only be attached to the below resource types:

We’ll be making use of a Web ACL and a few AWS Managed Rules to protect our WordPress site. Managed Rules contain pre-defined rules that are designed and managed by AWS and AWS Marketplace sellers to protect your web application.

The AWS Managed Rule Groups that will be used are listed below:

The WordPress application rule group contains rules that block request patterns associated with the exploitation of vulnerabilities specific to WordPress sites.

The SQL database rule group contains rules to block request patterns associated with exploitation of SQL databases, like SQL injection attacks. This can help prevent remote injection of unauthorized queries.
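The Web ACL this post describes, written as a CloudFormation template with the WordPress application and SQL database managed rule groups. This is an added example, not part of the original post; the resource name, metric names, priorities and the `REGIONAL` scope are assumptions.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Example Web ACL with AWS Managed Rules for a WordPress site
Resources:
  WordPressWebACL:
    Type: AWS::WAFv2::WebACL
    Properties:
      Name: wordpress-web-acl            # assumed name
      # Assumption: REGIONAL scope. A Web ACL for a CloudFront distribution
      # uses Scope: CLOUDFRONT and must be created in us-east-1.
      Scope: REGIONAL
      # Requests that match no rule are allowed; the managed rules block.
      DefaultAction:
        Allow: {}
      VisibilityConfig:
        SampledRequestsEnabled: true
        CloudWatchMetricsEnabled: true
        MetricName: wordpress-web-acl    # assumed metric name
      Rules:
        # WordPress application rule group
        - Name: AWS-AWSManagedRulesWordPressRuleSet
          Priority: 0
          # None keeps the rule group's own actions (block).
          # Use "Count: {}" first to watch for false positives.
          OverrideAction:
            None: {}
          Statement:
            ManagedRuleGroupStatement:
              VendorName: AWS
              Name: AWSManagedRulesWordPressRuleSet
          VisibilityConfig:
            SampledRequestsEnabled: true
            CloudWatchMetricsEnabled: true
            MetricName: wordpress-rule-set
        # SQL database rule group (SQL injection patterns)
        - Name: AWS-AWSManagedRulesSQLiRuleSet
          Priority: 1
          OverrideAction:
            None: {}
          Statement:
            ManagedRuleGroupStatement:
              VendorName: AWS
              Name: AWSManagedRulesSQLiRuleSet
          VisibilityConfig:
            SampledRequestsEnabled: true
            CloudWatchMetricsEnabled: true
            MetricName: sqli-rule-set
```

The Web ACL inspects traffic only once it is associated with a resource; for regional resources that is a separate `AWS::WAFv2::WebACLAssociation`.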
