The Routing Loop

Thursdays 10:30AM-12:00PM PST / 1:30PM-3:00PM EST / 6:30PM-8:00PM GMT


20 April 2023

Using AWS WAF labeling to address false positive with AMR

Tom Adamski

Devansh Agrawal, Cloud Support Engineer

When using AWS Managed Rule groups for WAF, sometimes you may need to make exceptions to these rules for certain web requests. This can be done by overriding the Managed Rule group rules to count matches and then creating a custom rule to handle the traffic based on the labels added to the request by the Managed Rule group.Managed Rule groups often add labels to web requests to indicate which rules were matched and provide additional information about the match. By using these labels, you can create more specific rules to handle the labeled traffic and reduce the number of false positives generated by the Managed Rule group