AWS > WAF >

Web ACL Rules Default Action

MEDIUM

Source

CloudSploit

ID

web-acl-rules-default-action

management console

Web ACL Rules Default Action

Ensure that default Web ACL action is set to “Block” for ACL rules with allow action.

Web ACL default action determines whether the incoming request is allowed or blocked when none of the rules are matched. As a security best practice, make sure it is set to ‘Block’ when you have configured web ACL rules with allow actions. This will limit the number of users accessing your web app and will reduce the scope of malicious attacks.

Recommended Actions

Modify Web ACL and set default action to block requests.

Links

https://docs.aws.amazon.com/waf/latest/APIReference/API_DefaultAction.html

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.

Copyright © 2024 Aqua Security Software Ltd. Privacy Policy | Terms of Use