What is WAF?
- AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to Amazon CloudFront, an Application Load Balancer or API Gateway.
- AWS WAF also lets you control access to your content.
- WAF is a layer-7-aware firewall, whereas a conventional firewall typically only inspects up to layer 4 and cannot see things like query-string values.
- You can configure conditions such as which IP addresses are allowed to make requests, or which query string parameters must be present for a request to be allowed.
- At its most basic level, AWS WAF offers 3 different behaviours:
  1. Allow all requests except the ones you specify.
  2. Block all requests except the ones you specify.
  3. Count the requests that match the properties you specify.
- Extra protection against web attacks, based on:
  - IP addresses that requests originate from (IP Match conditions).
  - Country that requests originate from (Geo Match conditions).
  - Values in request headers.
  - Strings that appear in requests, either specific strings or regular expression patterns (String Match conditions).
  - Length of requests (Size Constraint conditions).
  - Presence of SQL code that is likely to be malicious (SQL Injection Match conditions).
  - Presence of a script that is likely to be malicious (Cross-site Scripting Match conditions).
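As an added example (not part of the original notes), here is a minimal WAFv2 web ACL in the JSON shape accepted by `aws wafv2 create-web-acl --cli-input-json`, combining the behaviours above: the default action allows, a rule blocks requests from a listed IP set, another blocks request bodies over 8 KB, and a third only counts query strings that trip the SQL injection detection so the rule can be tuned before switching it to Block. The IP set ARN segments in upper case are placeholders you would replace with your own.

```json
{
  "Name": "example-web-acl",
  "Scope": "REGIONAL",
  "DefaultAction": { "Allow": {} },
  "VisibilityConfig": { "SampledRequestsEnabled": true, "CloudWatchMetricsEnabled": true, "MetricName": "example-web-acl" },
  "Rules": [
    {
      "Name": "block-listed-ips",
      "Priority": 0,
      "Action": { "Block": {} },
      "Statement": {
        "IPSetReferenceStatement": {
          "ARN": "arn:aws:wafv2:REGION:ACCOUNT_ID:regional/ipset/IPSET_NAME/IPSET_ID"
        }
      },
      "VisibilityConfig": { "SampledRequestsEnabled": true, "CloudWatchMetricsEnabled": true, "MetricName": "block-listed-ips" }
    },
    {
      "Name": "block-oversized-body",
      "Priority": 1,
      "Action": { "Block": {} },
      "Statement": {
        "SizeConstraintStatement": {
          "FieldToMatch": { "Body": {} },
          "ComparisonOperator": "GT",
          "Size": 8192,
          "TextTransformations": [ { "Priority": 0, "Type": "NONE" } ]
        }
      },
      "VisibilityConfig": { "SampledRequestsEnabled": true, "CloudWatchMetricsEnabled": true, "MetricName": "block-oversized-body" }
    },
    {
      "Name": "count-sqli-in-query-string",
      "Priority": 2,
      "Action": { "Count": {} },
      "Statement": {
        "SqliMatchStatement": {
          "FieldToMatch": { "QueryString": {} },
          "TextTransformations": [ { "Priority": 0, "Type": "URL_DECODE" } ]
        }
      },
      "VisibilityConfig": { "SampledRequestsEnabled": true, "CloudWatchMetricsEnabled": true, "MetricName": "count-sqli-in-query-string" }
    }
  ]
}
```

Rules are evaluated in ascending Priority order, and the Count rule's CloudWatch metric and sampled requests show what would have been blocked without affecting traffic.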