AWS WAF

About AWS WAF
AWS WAF is a website security and firewall software that helps businesses manage filter web traffic, control bot traffic, handle account takeovers attacks, and more on a centralized platform. It allows team members to create web traffic filtration rules based on multiple custom conditions, such as custom URIs, IP addresses, and HTTP headers and body.
AWS WAF fraud control module lets employees automatically monitor login pages of applications to prevent unauthorized access, brute force login attempts, credential stuffing attacks, and other anomalous login activities. With the real-time metrics functionality, users can capture raw requests with details, such as geo-locations, URIs, user-agent, referrers, and geo-locations.
Images



Not sure about AWS WAF?
Compare with a popular alternative
Starting Price
Pricing Options
Features
Integrations
Ease of Use
Value for Money
Customer Service
Alternatives
Microsoft Azure

Google Cloud

Bot Manager

MySQL

Reviews
Already have AWS WAF?
Software buyers need your help! Product reviews help the rest of us make great decisions.

- Industry: Information Technology & Services
- Company size: 11–50 Employees
- Used Weekly for 1-5 months
-
Review Source
Overall rating
- Value for Money
- Ease of Use
- Likelihood to recommend 7.0 /10
Quite good basic Web Application Firewall in free version
Reviewed on 2022/05/29
We adopt WAF in front of our single ingress point, our ALB, through which all our requests pass. We...
We adopt WAF in front of our single ingress point, our ALB, through which all our requests pass. We deploy a lot of different web apps, including Wordpress sites, API custom apps and so on.
With AWF we can setup some default rules which covers typical attacks and we sometime set custom rules based on specific application requirements.
When rules become many, you have to pay to add more.
Pros
Preset rules covers a lot of typical web app critical security issue, like SQL Injection and Wodpress attack.
Monitoring is quite good. Set actions in the event of an attack is very simple to setup.
Cons
You have a budget in "points" to spent for free. Using preset rules or set your own rules consumes "points" so you can set only a certain number of rules for free.
Using advanced features requires a "pro" version which is very very expensive for us.
- Industry: Information Technology & Services
- Company size: 10,000+ Employees
- Used Daily for 1+ year
-
Review Source
Overall rating
- Value for Money
- Ease of Use
- Customer Support
- Likelihood to recommend 9.0 /10
AWS WAF: The Defender Our Web Apps Deserve
Reviewed on 2023/12/25
Its been super easy to create and manage all the security rules for all of my Web Applications in a...
Its been super easy to create and manage all the security rules for all of my Web Applications in a single place using AWS WAF
Pros
The best about AWS WAF is its pre-built defenses. This WAF acts as a shield for all my web apps and it filters out all malicious traffic and protects against common web attacks for example SQL injection, XSS, or bot attacks. It provides a variety of managed rule groups, including OWASP Top 10, Common Rules, and Bot Control which are super useful. Not only these pre-defined rules , I can create my custom rules to address specific needs for my web applications. And another very useful feature is I can easily integrate WAF with other AWS resources such as AWS Cloudfront, ALB ,Amazon API gateway etc .
Cons
The pay as you go model for AWS WAF is little bit complex for a newbie as the price depends on many factors such as number of Web access control lists created,traffic volume,configuration etc. So you must have prior knowledge to deal with AWS WAF. Except this there is nothing much to dislike about AWS WAF.
- Industry: Computer & Network Security
- Company size: 201–500 Employees
- Used Daily for 2+ years
-
Review Source
Overall rating
- Value for Money
- Ease of Use
- Customer Support
- Likelihood to recommend 10.0 /10
AWS waf
Reviewed on 2023/02/20
Pros
Easy to setup and create a new ruleease of use of IP sets and regex pattern sets in which we can block IPs and domains
Cons
I am using AWS WAF for 2 years and It is easy to use setup.The dashboard is clear and gives an idea of the rules
- Industry: Design
- Company size: 2–10 Employees
- Used Daily for 1+ year
-
Review Source
Overall rating
- Value for Money
- Ease of Use
- Customer Support
- Likelihood to recommend 9.0 /10
Once you get past that the learning curve is unmatched.
Reviewed on 2022/03/31
Stop using third party tools. Being able to use all the other AWS tools, IP filtering, Shield and...
Stop using third party tools. Being able to use all the other AWS tools, IP filtering, Shield and MAP.
Pros
The leap from other platforms has been slow but the speed with all the AWS tools is unmatched. Once you move from other services (Google and Azure) the environment is much better and robust. And stop using third party tools as everything is integrated within the AWS environment.
Cons
The learning curve is complicated. And for more detailed projects I need a system administrator, because it is difficult. But of course the investment is well worth it.
AWS WAF FAQs
Below are some frequently asked questions for AWS WAF.Q. What type of pricing plans does AWS WAF offer?
AWS WAF offers the following pricing plans:
- Free Trial: Not Available
Please contact Amazon Web Services for pricing details.
Q. Who are the typical users of AWS WAF?
AWS WAF has the following typical customers:
Self Employed, 2–10, 11–50, 51–200, 201–500, 501–1,000, 1,001–5,000
Q. What languages does AWS WAF support?
AWS WAF supports the following languages:
English
Q. Does AWS WAF support mobile devices?
AWS WAF supports the following devices:
Q. What other apps does AWS WAF integrate with?
We do not have any information about what integrations AWS WAF has
Q. What level of support does AWS WAF offer?
AWS WAF offers the following support options:
Email/Help Desk, FAQs/Forum, Knowledge Base
Related categories
See all software categories found for AWS WAF.