Protect Your Web Applications from Bots with AWS WAF Bot Control

Introduction to AWS WAF Bot Control

AWS WAF Bot Control is a robust tool designed to manage and mitigate bot traffic on your web applications. It helps you identify and control various types of bots, such as scrapers, scanners, and crawlers, which can otherwise consume resources, alter metrics, or cause downtime. This feature allows you to block or limit unwanted bots while allowing beneficial ones like search engine crawlers and status monitors.

By integrating AWS WAF Bot Control, you can deploy managed bot protection by adding a managed rule group to your Web Access Control List (ACL). This integration provides real-time, detailed insights into bot activities through dashboards, helping you monitor and respond to bot traffic effectively. Additionally, it reduces operational and infrastructure costs by blocking unwanted bot traffic at the network edge, ensuring your applications run smoothly and efficiently.

A key features of AWS WAF Bot Control:

1. Enhanced Visibility and Management: It offers real-time insights into bot traffic, enabling you to monitor and control various types of bots, including scrapers, scanners, and crawlers.
2. Simple Implementation: You can activate Bot Control by adding a managed rule group to your Web Access Control List (ACL). This makes it easy to integrate bot protection with services like Amazon CloudFront, Application Load Balancer, Amazon API Gateway, or AWS AppSync.
3. Cost Efficiency: By blocking unwanted bot traffic at the edge, Bot Control helps reduce the costs associated with handling excessive bot traffic.
4. Customizable Security: Bot Control allows for high customization. You can define which requests it evaluates, set different actions for various bot categories, and combine it with your own custom WAF rules.
5. Comprehensive Dashboard: It includes a console dashboard that provides detailed insights into bot activities, helping you better understand and manage bot traffic.

Setup to Secure Web Application from Bot Activity

A CloudFront Distribution distributes web application contents to users. An organization wants to secure its web application from bot by setting up firewall. AWS Web Application Firewall (AWS WAF) bot control managed rule protects a web application against bot activities.

Steps to set up AWS WAF Bot Control for securing web application against bot activities:

1. Create a Web ACL and associate it with AWS CloudFront distribution.

2. Select, Add managed rule groups, enable bot control and click on edit.

3. Select Bot Control Inspection level as “Common”

4. In Bot Control Rules, Select “Override to count” for “Override all rule actions”

5. Keep all default settings and create a web ACL.

6. A WebACL displays the traffic statistics like count of traffic blocked, allowed.

7. Bot Control Dashboard displays the traffic characteristics like bot detected, from which type of devices.

New Features Added to AWS WAF Bot Control Managed Rules

AWS WAF Bot Control Managed Rule expands bot detection capabilities.

AWS WAF has rolled out an enhanced version of its Bot Control Managed Rule Group, offering new features to better safeguard web applications from bot activity. Here are the key improvements:

1. Token Reuse Detection: This feature now identifies the reuse of WAF tokens across different autonomous system numbers (ASNs) and geographic locations, in addition to the existing IP-based detection. You can adjust sensitivity levels (High, Medium, Low) to suit your needs. For example, applications with mobile users who frequently change IPs might allow higher token reuse, while more static applications can enforce stricter controls.
2. Expanded Bot Categories: The update includes 19 new bots, with several verified AI bots added to various categories.
3. Cloud Service Provider Labels: New labels enable you to selectively allow or block traffic from specific cloud service providers.
4. Automated Browser Extension Labels: These labels detect the presence of browser extensions that assist in web automation, such as Selenium IDE, complementing the existing automated browser signals.
5. Improved CloudWatch Visibility: Each matched rule now emits a WAF label, enhancing visibility in CloudWatch logs. This improvement is also included in the new 1.1 versions of the AWS WAF Fraud Control rule groups.

Conclusion

AWS WAF Bot Control provides protection against bot activities to the web application. The new features released on 14^th September 2024 enhance the bot protection against token reuse, from specific CSP labels and CloudWatch visibility.

About CloudThat

CloudThat is a leading provider of Cloud Training and Consulting services with a global presence in India, the USA, Asia, Europe, and Africa. Specializing in AWS, Microsoft Azure, GCP, VMware, Databricks, and more, the company serves mid-market and enterprise clients, offering comprehensive expertise in Cloud Migration, Data Platforms, DevOps, IoT, AI/ML, and more.

CloudThat is the first Indian Company to win the prestigious Microsoft Partner 2024 Award and is recognized as a top-tier partner with AWS and Microsoft, including the prestigious ‘Think Big’ partner award from AWS and the Microsoft Superstars FY 2023 award in Asia & India. Having trained 650k+ professionals in 500+ cloud certifications and completed 300+ consulting projects globally, CloudThat is an official AWS Advanced Consulting Partner, Microsoft Gold Partner, AWS Training Partner, AWS Migration Partner, AWS Data and Analytics Partner, AWS DevOps Competency Partner, AWS GenAI Competency Partner, Amazon QuickSight Service Delivery Partner, Amazon EKS Service Delivery Partner,  AWS Microsoft Workload Partners, Amazon EC2 Service Delivery Partner, Amazon ECS Service Delivery Partner, AWS Glue Service Delivery Partner, Amazon Redshift Service Delivery Partner, AWS Control Tower Service Delivery Partner, AWS WAF Service Delivery Partner and many more.

To get started, go through our Consultancy page and Managed Services Package, CloudThat’s offerings.