英文:
Difference Between WAF attached CloudFront and Simple CloudFront
问题
我最近为我的网站应用程序设置了一个Web应用程序防火墙(WAF),通过CloudFront提供服务。为了评估其影响,我使用JMeter进行了负载测试,测试了两种情况:启用WAF和未启用WAF。然而,我的观察并没有显示出两种配置之间网站流量有任何显著的差异。
我现在希望确认一下,WAF是否会确实影响网站流量,还是会保持不受影响,并与正常的流量流程类似。
英文:
I recently set up a Web Application Firewall (WAF) for my web application, which is being served via CloudFront. To assess its impact, I conducted load testing using JMeter for both scenarios: with WAF enabled and without WAF. However, my observations didn't show any noticeable difference in the website traffic between the two configurations.
I now seek confirmation on whether a WAF will indeed affect website traffic or if it will remain unaffected and similar to the normal traffic flow.
答案1
得分: 1
WAF用于阻止不必要的流量,使用其规则和引擎。位于WAF后面的Cloudfront和没有WAF的Cloudfront都是相同的Cloudfront,并且对到达的请求会做出相同的响应。
您在WAF中启用了哪些规则?您可以启用WAF的阻止数量统计 - 看看是否有响应。
您的网站源是什么?如果您只是对S3进行了简单的测试,那么最大负载几乎是无限的($$$),您不太可能触及限制。
有一些事情可以故意触发WAF,比如尝试访问“已知”的恶意网址等。
英文:
The WAF is there to block unwanted traffic with its rules and engines. The Cloudfront behind the WAF, and the Cloudfront without the WAF, are both the same Cloudfront and will respond the same to a request which arrives.
What rules did you enable in WAF? You can enable statistics on the number of blocks by WAF - see if that is responding.
What is your website origin? If you just did a simple test with S3, then the max load is virtually unlimited ($$$) and you'd be unlikely to hit that.
There's some things you can do to deliberately trigger WAF like try to access 'known' naughty urls etc.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论