IP Blocking: Use AWS WAF or NACL?

What should you do if you identify a series of malicious attacks on your application coming from a specific IP address? Would you use AWS WAF to block that IP address, or create a rule in your Network Access Control List (NACL) to deny traffic from that IP?

It is true that AWS WAF can filter web requests based on IP addresses, HTTP headers, HTTP body, or URI strings, to block common attack patterns, such as SQL injection or cross-site scripting. NACL, on the other hand, acts like a firewall for controlling traffic in and out of your subnets.

If the scenario is more about protecting your application from common web exploits (SQL injection or cross-site scripting), then AWS WAF would be a more suitable choice. Otherwise, you should choose NACL if the scenario explicitly requires blocking all traffic from a given IP address or range.


In real-world scenarios, a hacker will not just use a single IP address to attack you. These guys will just use one IP address after the other. This is why it is difficult to individually block malicious IP addresses or ranges using NACL. If you have a private web application (one that is only used within your corporate network), the better solution would be a whitelist approach, where you only allow authorized IP addresses or ranges to access your VPC. For public web applications, using AWS WAF would be a better choice.
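The trade-off above can be made concrete with a small model of NACL behaviour. This is an added example, not code from the original article: `evaluate` and `plan_block` are hypothetical helper names, the rule dictionaries borrow the field names of EC2 network ACL entries, the quota of 20 is the AWS default per NACL per direction, and all addresses are constructed from documentation ranges.

```python
import ipaddress

NACL_RULE_QUOTA = 20  # AWS default rules per NACL per direction (adjustable quota)
ALLOW_ALL = {"RuleNumber": 100, "RuleAction": "allow", "CidrBlock": "0.0.0.0/0"}

def evaluate(entries, src_ip):
    """NACL semantics: lowest rule number first, first match wins, implicit deny."""
    addr = ipaddress.ip_address(src_ip)
    for e in sorted(entries, key=lambda e: e["RuleNumber"]):
        if addr in ipaddress.ip_network(e["CidrBlock"]):
            return e["RuleAction"]
    return "deny"

def plan_block(observed_ips, existing=(ALLOW_ALL,)):
    """Pick 'nacl' or 'waf' for a set of observed IPv4 source addresses."""
    # Merge adjacent addresses into the fewest CIDR blocks that cover them.
    nets = ipaddress.collapse_addresses(
        ipaddress.ip_network(ip) for ip in set(observed_ips))
    cidrs = [str(n) for n in nets]
    first_allow = min((e["RuleNumber"] for e in existing
                       if e["RuleAction"] == "allow"), default=32767)
    if len(cidrs) > NACL_RULE_QUOTA - len(existing) or len(cidrs) >= first_allow:
        return "waf", cidrs  # too many ranges for a NACL: use a WAF IP set
    # Deny rules must be numbered below the first allow rule to take effect.
    denies = [{"RuleNumber": n, "RuleAction": "deny", "CidrBlock": c}
              for n, c in enumerate(cidrs, start=1)]
    return "nacl", denies

# Constructed sample data (documentation address ranges, not real attackers)
single_source = ["203.0.113.4", "203.0.113.5", "203.0.113.6", "203.0.113.7"]
rotating = [f"198.51.100.{i}" for i in range(1, 60, 2)]  # 30 scattered hosts

if __name__ == "__main__":
    kind, rules = plan_block(single_source)
    print(kind, rules)
    print(evaluate(list(rules) + [ALLOW_ALL], "203.0.113.6"))
    print(plan_block(rotating)[0])
```

A deny entry numbered above the allow rule never matches, which is why the planner numbers its entries from 1.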
