AWS WAF Cheat Sheet A web application firewall that helps protect web applications from attacks by allowing you to configure rules that allow, block, or monitor (count) web requests based on conditions that you define. These conditions include: IP addresses HTTP headers HTTP body URI strings SQL injection cross-site scripting. Features WAF lets you create rules to filter web traffic based on conditions that include IP addresses, HTTP headers and body, or custom URIs. You can also create rules that block common web exploits like SQL injection and cross site scripting. For application layer attacks, you can use WAF to [...]