Ensure AWS WAF Web ACLs Contain Rules or Rule Groups
This control checks that AWS WAF web ACLs contain at least one rule or rule group, critical for the effective management of web traffic.
| Rule | AWS WAF web ACLs should have at least one rule or rule group |
| Framework | AWS Foundational Security Best Practices |
| Severity | ✔ Medium |
Rule Description
AWS Web Application Firewall (WAF) provides the ability to create web ACLs to protect your web applications from various types of attacks. It is recommended to have at least one rule or rule group in your web ACL that aligns with the AWS Foundational Security Best Practices to enhance the security of your web applications.
Troubleshooting Steps
If you do not have a rule or rule group for AWS Foundational Security Best Practices, you can follow the below steps to add one:
- 1.Log in to your AWS Management Console.
- 2.Navigate to the AWS WAF service.
- 3.Select the web ACL for which you want to add a rule.
- 4.Click on "Rules" tab.
- 5.Click on "Add rules" button.
- 6.Select the rule or rule group that aligns with the AWS Foundational Security Best Practices.
- 7.Click on "Add rule" to save the changes.
Necessary Codes
There are no specific codes required for this rule. You can add rules manually through the AWS Management Console.
Remediation Steps
To adhere to this rule, follow the below steps:
- 1.Log in to your AWS Management Console.
- 2.Navigate to the AWS WAF service.
- 3.Select the web ACL that you want to update.
- 4.Click on "Rules" tab.
- 5.Click on "Add rules" button.
- 6.Select the rule or rule group that aligns with the AWS Foundational Security Best Practices.
- 7.Click on "Add rule" to save the changes.
- 8.Ensure that the new rule or rule group is correctly configured and implemented.
By following these steps, you will have at least one rule or rule group in your AWS WAF web ACL that aligns with the AWS Foundational Security Best Practices, thereby enhancing the security of your web applications.