implementing-cloud-waf-rules

Featured

This skill covers deploying and tuning Web Application Firewall rules on AWS WAF, Azure WAF, and Cloudflare to protect cloud-hosted applications against OWASP Top 10 attacks. It details configuring managed rule sets, creating custom rules for business logic protection, implementing rate limiting, deploying bot management, and reducing false positives through rule tuning and logging analysis.

DevOps & Infrastructure 12,642 stars 1468 forks Updated today Apache-2.0

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Implementing Cloud WAF Rules ## When to Use - When deploying new web applications or APIs behind cloud load balancers requiring OWASP protection - When application penetration testing reveals SQL injection, XSS, or other injection vulnerabilities - When experiencing brute force, credential stuffing, or bot attacks against authentication endpoints - When compliance requirements mandate a WAF for PCI-DSS or similar standards - When tuning WAF rules to reduce false positives blocking legitimate application traffic **Do not use** for network-level DDoS protection (use AWS Shield or Azure DDoS Protection), for API authentication design (see managing-cloud-identity-with-okta), or for application code-level security fixes (WAF is a compensating control, not a replacement for secure code). ## Prerequisites - AWS ALB/CloudFront, Azure Application Gateway, or Cloudflare configured as the application entry point - Application traffic logs for baseline analysis before WAF deployment - Test environment for validating WAF rules before production enforcement - Understanding of application request patterns to minimize false positives ## Workflow ### Step 1: Deploy Managed Rule Sets Enable cloud provider managed rule sets that cover OWASP Top 10 vulnerabilities. Start in Count (detection) mode before switching to Block (prevention) mode. ```bash # AWS WAF: Create Web ACL with AWS Managed Rules aws wafv2 create-web-acl \ --name production-waf \ --scope REGIONAL \ --default-act...

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
today
Language
Python
License
Apache-2.0

Integrates with

Azure · Cloud Cloudflare · Cloud

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

securing-api-gateway-with-aws-waf

Securing API Gateway endpoints with AWS WAF by configuring managed rule groups for OWASP Top 10 protection, creating custom rate limiting rules, implementing bot control, setting up IP reputation filtering, and monitoring WAF metrics for security effectiveness.

12,642 Updated today
mukul975
AI & Automation Featured

implementing-ddos-mitigation-with-cloudflare

Configure Cloudflare DDoS protection with managed rulesets, rate limiting, WAF rules, Bot Management, and origin protection to mitigate volumetric, protocol, and application-layer attacks.

12,642 Updated today
mukul975
DevOps & Infrastructure Solid

azure-web-application-firewall

Expert knowledge for Azure Web Application Firewall development including troubleshooting, best practices, decision making, architecture & design patterns, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when configuring Front Door/App Gateway WAF rules, rate limits, bot/CAPTCHA, Sentinel logging, or IaC deployments, and other Azure Web Application Firewall related development tasks. Not for Azure Application Gateway (use azure-application-gateway), Azure Front Door (use azure-front-door), Azure Firewall (use azure-firewall), Azure DDos Protection (use azure-ddos-protection).

562 Updated today
MicrosoftDocs
Web & Frontend Listed

configuring-firewalls

Configure host-based firewalls (iptables, nftables, UFW) and cloud security groups (AWS, GCP, Azure) with practical rules for common scenarios like web servers, databases, and bastion hosts. Use when exposing services, hardening servers, or implementing network segmentation with defense-in-depth strategies.

368 Updated 5 months ago
ancoleman
DevOps & Infrastructure Featured

securing-azure-with-microsoft-defender

This skill instructs security practitioners on deploying Microsoft Defender for Cloud as a cloud-native application protection platform for Azure, multi-cloud, and hybrid environments. It covers enabling Defender plans for servers, containers, storage, and databases, configuring security recommendations, managing Secure Score, and integrating with the unified Defender portal for centralized threat management.

12,642 Updated today
mukul975