Aws-Waf-Header-Analyzer - The Purpose Of The Project Is To Create Rate Limit In AWS WaF Based On HTTP Headers
2023-11-3 19:30:0 Author: www.kitploit.com(查看原文) 阅读量:11 收藏

The purpose of the project is to create rate limit in AWS WaF based on HTTP headers.

Golang is a dependencie to build the binary. See the documentation to install: https://go.dev/doc/install

The rules configuration is very simple, for example, the threshold is the limited of the requests in X time. It's possible to monitoring multiples headers, but, the header needs to be in HTTP Request header log.

rules:
  header:
    x-api-id: # The header name in HTTP Request header
      threshold: 100
    token:
      threshold: 1000

It's possible send notifications to Slack and Telegram. To configure slack notifications, you needs create a webhook configuration, see the slack documentation: https://api.slack.com/messaging/webhooks

Telegram bot father: https://t.me/botfather

notifications:
  slack:
    webhook-url: https://hooks.slack.com/services/DA2DA13QS/LW5DALDSMFDT5/qazqqd4f5Qph7LgXdZaHesXs
  telegram:
    bot-token: "123456789:NNDa2tbpq97izQx_invU6cox6uarhrlZDfa"
    chat-id:  "-4128833322"

To set up AWS credentials, it's advisable to export them as environment variables. Here's a recommended approach:

export AWS_ACCESS_KEY_ID=".."
export AWS_SECRET_ACCESS_KEY=".."
export AWS_REGION="us-east-1"

retrive-logs-minutes-ago is the time range you want to fetch the logs, in this example, logs from 1 hour ago.

aws:
  waf-log-group-name: aws-waf-logs-cloudwatch-cloudfront
  region: us-east-1
  retrive-logs-minutes-ago: 60

Aws-Waf-Header-Analyzer - The Purpose Of The Project Is To Create Rate Limit In AWS WaF Based On HTTP Headers Aws-Waf-Header-Analyzer - The Purpose Of The Project Is To Create Rate Limit In AWS WaF Based On HTTP Headers Reviewed by Zion3R on 8:30 AM Rating: 5


文章来源: http://www.kitploit.com/2023/11/aws-waf-header-analyzer-purpose-of.html
如有侵权请联系:admin#unsafe.sh