WAF Access Rules based on VPN
Is it possible to create a WAF access rule for my web app that would prohibit user access via a proxy or VPN? I'd like to get the name of this so I can google more and determine how accurate it is.
4 Replies
You can do but you either have to build the list yourself or be on enterprise to use their managed lists
thank you. defintely want managed list.
I think aws has a managed list too.
next step... I'm thinking of only doing this during registration/activation or if the account is flagged due to high-risk. is it possible to integrate WAF with application logic?
You can limit WAF rules to specific paths
yes, I think that will be it 🙂