waf | Web Application Firewall | Firewall library

How do I chain to resource(s) created with count? Or should I not created them with count if I want to chain additional resources to them? Doing it the way below, with count used in the initial resource and for_each used in the chained resource gives me the following error:

I have those lines in the .htaccess file.

I've been trying to implement Azure Front Door custom rules for IP restrictions on Azure Static Web Apps. So far I have:

• Configured the static web app to support Front Door: https://docs.microsoft.com/en-us/azure/static-web-apps/front-door-manual
• Configured domains, backends and routing for Front Door
• Added WAF policy and custom rule for ip restrictions following this guidance: https://docs.microsoft.com/en-us/azure/web-application-firewall/afds/waf-front-door-configure-ip-restriction

Everything else works just fine, except that the IP restriction rule seems to be blocking all traffic (or least the IP's it's supposed to let through). Similar rule with Geo locations works just fine. IP Restriction rule is:

• Match type: IP address
• Match variable: SocketAddr (tried with RemoteAddr as well, with same result)
• Operation: Does not contain
• IP range: List of X.X.X.X/32 that should go through.
• Action: block

Logs show that traffic from IP's in IP range is indeed blocked by Front Door.

Has anyone managed to get such setup working or is there an apparent error in what I'm trying to do? We've checked the rule and logs with a colleague and can't spot any apparent errors, and the fact that blocking based on geo location works, leads me to believe that this scenario might not work yet with Front Door and Static Web Apps.

Some discussion I've been able to find:

• Static Web App issue: https://github.com/Azure/static-web-apps/issues/373
• Similar questions in here relating to Web Apps: How to configure Web Apps such that they cannot be accessed directly? (the mentioned header is implemented in static web app config)

I am trying to build in Terraform a Web ACL resource https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/wafv2_web_acl

This resource has the nested blocks rule->action->block and rule-> action->count

I would like to have a variable which's type allows me to set the action to either count {} or block{} so that the two following configurations are possible:

With block:

How can I get requests with urls containing any of these special chars <>^| to make it to my lambda behind api gateway, and not be blocked at api gateway?

Problem: We have a lambda triggered by api gateway, and the lambda responds normally to most requests. But, a url with certain special chars (<>^|) returns a 400 bad_request without ever being delivered to the lambda. When the url-encoded alternative (i.e. %7C in place of |) is used in the url instead, the lambda responds without issues.

At first, our team presumed that the requests containing these special chars, specifically vertical bar (|), were being blocked by AWS WAF. But the WAF graph doesn't register that the requests ever hit, leading us to think this could be an api gateway issue.

What's been tried: ran the same curl request 10 times against a deployed server. Nine of those times, used a special char in url endpoint, tenth time, used encoded equivalent.

Encoded attempt went through, and lambda responded without issue. All nine other attempts failed, and did not show up in AWS console, or the WAF graph.

Outside of informing our users to always encode these special chars in the url bodies as a 'fix', would super appreciate any insights into this api gateway issue. Thanks.

I am using WordPress and we have one directory that is not a WordPress directory /images and we need this directory to be HTTP only everything else should be forced to HTTPS.

In the WordPress settings we have the domain set to HTTP

and in the .htaccess file we have the below.

I can not seem to get this to work. Our host is cloudways if that helps any

First of all, I'm using Ubuntu 20.04 and Python 3.8. I would like to run a program that takes command line inputs. I managed to start the program from python with the os.system() command, but after starting the program it is impossible to send the inputs. The program in question is a product interface application that uses the CubeSat Space Protocol (CSP) as a language. However, the inputs used are encoded in a .c file with their corresponding .h header.

In the shell, it looks like this: starting the program

In python, it looks like this:

I'm trying to folllow Azure Tutorial on how to get Api Management under a vnet and accessible through an application gateway (WAF). I'm stuck trying to upload the root cert into application gateway. It says that the "Data for certificate is invalid", apparently Azure Application gateway doesn’t like Letsencrypt certs.

My certs are:

1. mydomain.com.br
2. api.mydomain.com.br
3. developer.mydomain.com.br
4. managemnet.mydomain.com.br

I have used acmesh to generate all certs:

I have a waf build script and need to invoke a program which is not officially supported.