Aws-Waf-Header-Analyzer - The Purpose Of The Project Is To Create Rate Limit In AWS WaF Based On HTTP Headers


The purpose of the project is to create rate limit in AWS WaF based on HTTP headers.


Golang is a dependencie to build the binary. See the documentation to install: https://go.dev/doc/install

makesudo make install

The rules configuration is very simple, for example, the threshold is the limited of the requests in X time. It's possible to monitoring multiples headers, but, the header needs to be in HTTP Request header log.

rules:  header:    x-api-id: # The header name in HTTP Request header      threshold: 100    token:      threshold: 1000

It's possible send notifications to Slack and Telegram. To configure slack notifications, you needs create a webhook configuration, see the slack documentation: https://api.slack.com/messaging/webhooks

Telegram bot father: https://t.me/botfather

notifications:  slack:    webhook-url: https://hooks.slack.com/services/DA2DA13QS/LW5DALDSMFDT5/qazqqd4f5Qph7LgXdZaHesXs  telegram:    bot-token: "123456789:NNDa2tbpq97izQx_invU6cox6uarhrlZDfa"    chat-id:  "-4128833322"

To set up AWS credentials, it's advisable to export them as environment variables. Here's a recommended approach:

export AWS_ACCESS_KEY_ID=".."export AWS_SECRET_ACCESS_KEY=".."export AWS_REGION="us-east-1"

retrive-logs-minutes-ago is the time range you want to fetch the logs, in this example, logs from 1 hour ago.

aws:  waf-log-group-name: aws-waf-logs-cloudwatch-cloudfront  region: us-east-1  retrive-logs-minutes-ago: 60



Source: www.kitploit.com
Aws-Waf-Header-Analyzer - The Purpose Of The Project Is To Create Rate Limit In AWS WaF Based On HTTP Headers Aws-Waf-Header-Analyzer - The Purpose Of The Project Is To Create Rate Limit In AWS WaF Based On HTTP Headers Reviewed by Zion3R on 10:16 AM Rating: 5