Rule: ELB Application Load Balancers with WAF Enabled

This rule ensures that ELB application load balancers have Web Application Firewall (WAF) enabled.

Rule: ELB application load balancers should have Web Application Firewall (WAF) enabled
Framework: CISA-cyber-essentials
Severity: Medium

Rule Description:

The rule states that all ELB application load balancers should have Web Application Firewall (WAF) enabled in order to meet the CISA-cyber essentials standards. The WAF helps to protect your web applications from common exploits and attacks by inspecting HTTP and HTTPS traffic.

Troubleshooting Steps:

If you encounter any issues or errors while enabling the Web Application Firewall (WAF) for your ELB application load balancer, here are some troubleshooting steps you can follow:

  1. Check WAF Availability: Verify that your AWS region supports the Web Application Firewall (WAF) service. Not all regions may have WAF available, so you may need to select a region that supports WAF.

  2. Check IAM Permissions: Ensure that the IAM (Identity and Access Management) user or role you are using to enable WAF for the ELB application load balancer has the necessary permissions. The user or role should have the appropriate policies attached to allow WAF actions.

  3. Check ELB Configuration: Verify that your ELB (Elastic Load Balancer) is properly configured and in a compatible state for enabling the Web Application Firewall (WAF). Ensure that your ELB is associated with the correct subnets and security groups.

  4. Check WAF Rules and Conditions: Review the WAF rules and conditions you have defined for your ELB. Ensure that they are properly configured to meet your application's requirements and protect against common vulnerabilities.

Necessary Codes:

There are no specific codes required for enabling the Web Application Firewall (WAF) for ELB application load balancers. However, you may need to use AWS CLI (Command Line Interface) commands for the remediation steps mentioned below.

Remediation Steps:

Follow these step-by-step instructions to enable the Web Application Firewall (WAF) for your ELB application load balancer:

  1. Log in to the AWS Management Console.

  2. Navigate to the EC2 service.

  3. Click on "Load Balancers" in the left navigation panel.

  4. Select the ELB application load balancer that needs WAF enabled.

  5. In the load balancer details page, click on the "Listeners" tab.

  6. Identify the HTTP or HTTPS listener that you want to enable WAF for and click on the pencil (edit) icon next to it.

  7. In the "Edit Listener" modal, check the box for "Enable WAF" or "Attach WAF".

  8. Select the desired WebACL (Web Access Control List) from the dropdown menu. If you don't have a WebACL yet, you can create one by clicking on the "Create new WebACL" link.

  9. Review the other settings and options available, and make any necessary changes.

  10. Click on the "Save" button to save the changes and enable WAF for the selected listener.

  11. Wait for a few moments for the changes to take effect.

  12. Once enabled, the Web Application Firewall (WAF) will start inspecting the incoming traffic and applying the configured rules and conditions.
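
The following is an added example, not code from this page or its vendor: a Python (boto3) check for this rule across a region, plus the API call that associates a web ACL with a load balancer ARN. The function names, sample ARNs and ACL name are constructed for illustration, and only AWS WAF (WAFv2) associations are checked.

```python
# Added example: audit ALBs for an attached WAFv2 web ACL (constructed sample values).

def find_albs_without_waf(load_balancers, web_acl_for):
    """Return ARNs of ALBs for which web_acl_for(arn) returns None."""
    findings = []
    for lb in load_balancers:
        # WAF attaches only to Application Load Balancers, so network and
        # gateway load balancers are out of scope for this rule.
        if lb.get("Type") != "application":
            continue
        if web_acl_for(lb["LoadBalancerArn"]) is None:
            findings.append(lb["LoadBalancerArn"])
    return findings

def audit_region(region):
    """Run the check against a live account (needs boto3 and credentials)."""
    import boto3  # lazy import: the logic above runs without AWS access
    elbv2 = boto3.client("elbv2", region_name=region)
    wafv2 = boto3.client("wafv2", region_name=region)
    pages = elbv2.get_paginator("describe_load_balancers").paginate()
    lbs = [lb for page in pages for lb in page["LoadBalancers"]]

    def web_acl_for(arn):
        # A response without "WebACL" is treated as "nothing associated".
        acl = wafv2.get_web_acl_for_resource(ResourceArn=arn).get("WebACL")
        return acl["Name"] if acl else None

    return find_albs_without_waf(lbs, web_acl_for)

def attach_web_acl(region, web_acl_arn, resource_arns):
    """Associate one regional web ACL with each non-compliant ALB."""
    import boto3
    wafv2 = boto3.client("wafv2", region_name=region)
    for arn in resource_arns:
        wafv2.associate_web_acl(WebACLArn=web_acl_arn, ResourceArn=arn)

ARN_PREFIX = "arn:aws:elasticloadbalancing:us-east-1:111122223333:loadbalancer/"
SAMPLE_LBS = [  # constructed describe_load_balancers items
    {"LoadBalancerArn": ARN_PREFIX + "app/web-front/aaaa1111", "Type": "application"},
    {"LoadBalancerArn": ARN_PREFIX + "app/internal-api/bbbb2222", "Type": "application"},
    {"LoadBalancerArn": ARN_PREFIX + "net/tcp-edge/cccc3333", "Type": "network"},
]
SAMPLE_ACLS = {ARN_PREFIX + "app/web-front/aaaa1111": "baseline-acl"}  # constructed

if __name__ == "__main__":
    for arn in find_albs_without_waf(SAMPLE_LBS, SAMPLE_ACLS.get):
        print("NON_COMPLIANT", arn)
```

Run as a script, it evaluates the constructed sample data only; call `audit_region` with a real region name to check an account, and pass its result to `attach_web_acl` together with the ARN of an existing regional web ACL.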

Conclusion:

Enabling the Web Application Firewall (WAF) for ELB application load balancers is crucial to meet the CISA-cyber essentials standards and protect your web applications from potential exploits and attacks. By following the provided troubleshooting steps and remediation guide, you can ensure that WAF is properly configured and functioning for your ELB.
