Protect your website from unwanted traffic with AWS WAF BOT

Research done by the AWS Shield Threat Research Team revealed that up to 51% of the traffic heading into typical web applications is caused by the bots, which are the scripts generated by the machines.

There is a huge range of these bots, some of them are desirable, and some are not. These unwanted bots can drastically affect your web pages. A wanted bot crawls your website to index them and make them discoverable by your clients. Even Google sends bots to read your content thoroughly and can help your website rank high on the search engine.

Some bots observe your site accessibility or execution. However, the greater part of the bot traffic is created by unwanted bots: scripts testing for vulnerabilities or duplicating your substance to reproduce it elsewhere without your permission. Notwithstanding the security hazard, serving this traffic causes undesirable pressure on your website and increases your architecture’s maintenance costs.

Shielding your site from this unwanted traffic is tedious and erroneous. Dealing with many rules is intricate, with the dangers of impending good traffic or approving traffic that ought to be restricted. Also, restricting these unwanted bots need expertise to deal with them which might not be possible for everyone out there.

AWS WAF Bot Control – A solution for getting rid of Unwanted Bots

For solving all the problems related to unwanted bots, Amazon Web Server has introduced Web Application Firewall Bot Control. Like a Firewall protects your computer from getting attacked by viruses. Similarly, an AWS WAF Bot protects your website from the attack of unwanted bots.

AWS WAF Bot Control to identify and distinguish between wanted and unwanted bots. It also takes action against common bot traffic. AWS WAF Bot Control is integrated into AWS Web Application Firewall. It can be then managed centrally using AWS Firewall Manager for large enterprise use cases.

Functioning of AWS WAF Bot

WAF Bot Control analyzes request metadata to identify the source and purpose of a bot; these include –
TLS handshakes
HTTP attributes, and
IP addresses.

It categorizes bot types such as –
Scraper
SEO
Crawler
Site Monitor

After recognizing the bot, AWS WAF can block traffic coming from unwanted bots. You have to select the default action to block unwanted bot traffic as part of your WAF configuration. You can also customize your WAF configuration.

Integration with AWS WAF Bot control system allows you to visualize the extent of bot traffic to your websites and control this traffic via WAF rules. WAF Bot Control uses two new functionalities that are labelling and scope down statements.

AWS WAF Labels

AWS WAF labels are metadata added to the request according to the result obtained by a matching rule statement. These WAF labels are just like a variable in which you can temporarily store the result of a rule action and later use it in a successive rule.

AWS WAF labels emit CloudWatch metrics
It can be useful for evaluating multiple statements with a Count action
Labels are useful to take actions or reuse logic across multiple rules
Labels are also used to emit various bot-related signals
It allows you to customize the behaviour that suits your needs

Scope Down Statements

Scope down statements allow you to define the conditions under which you have to execute the managed rule group. It is similar to the scope down functionality provided for rate-based rules in AWS WAF. You can include a Scope Down Statement for the following purposes –
to reduce costs
to limit evaluation to the parts of application
to avoid false positives
to avoid latency impact for specific paths

AWS WAF Bot Control Benefits

1. Gives free visibility into bot traffic activities. There are pre-built dashboards that show the applications with high levels of bot activity based on sampled data.
2. Reduces the traffic generated by scrapers and crawlers, hence helps in reducing the operational and infrastructure costs.
3. Blocks unwanted bot traffic at an initial level thus helps in protecting the website from negative impact of the bots.

Working of AWS WAF Bot Control

Bot Control is easy to deploy. You can easily add this to Amazon CloudFront, Application Load Balancer, Amazon API Gateway, or AWS AppSync by adding an AWS managed rule group to a web access control list (web ACL).

After adding this to your web, an AWS WAF Console appears on your screen. On the left, you notice a new Bot Control menu. This menu provides an overview and summary of bot-related traffic seen on your web ACL.

All AWS customers get these bot activity metrics as part of the AWS WAF free tier. You can also check the split between bot and non-bot requests, the number of blocked bot requests, and bots’ categories.

Then you can follow the following steps to set your Web ACL account.

Enter the detail of Web ACL
Add AWS Managed Web Rule
Choose default action for Web ACL
Click create Web ACL
Get access to the Web ACL dashboard

Pricing and Availability

AWS WAF Bot Control is available today in all AWS Regions where AWS WAF is available. AWS WAF Bot Control can filter traffic hitting your
Amazon CloudFront distributions
Application Load Balancer
Amazon API Gateway
AWS AppSync

Bot Control is a paid AWS Managed Rule. Therefore, you will be charged $10 / month (prorated by the hour) for each time Bot Control is added to your web ACL. Also, you have to pay an extra $1 per million requests processed by Bot Control. Bot Control charges are in addition to the AWS WAF fees.

If you want to access the best services and consultation for AWS WAF Bot Control, we at Perimattic provide you expert assistance for the same at the most affordable prices.

Posted in