Using managed rule groups in Amazon WAF
This section explains what managed rule groups are and how they work.
Managed rule groups are collections of predefined, ready-to-use rules that Amazon and Amazon Web Services Marketplace sellers
write and maintain for you. Basic Amazon WAF pricing applies to your use of any managed rule group.
For Amazon WAF pricing information, see Amazon WAF Pricing.
- The Amazon Managed Rules rule groups for Amazon WAF Bot Control, Amazon WAF Fraud Control account takeover prevention (ATP), and Amazon WAF Fraud Control account creation fraud prevention (ACFP) are available for additional fees, beyond the basic Amazon WAF charges. For pricing details, see Amazon WAF Pricing.
- All other Amazon Managed Rules rule groups are available to Amazon WAF customers at no additional cost.
- Amazon Web Services Marketplace managed rule groups are available by subscription through Amazon Web Services Marketplace. Each of these rule groups is owned and managed by the Amazon Web Services Marketplace seller. For pricing information to use an Amazon Web Services Marketplace managed rule group, contact the Amazon Web Services Marketplace seller.
Some managed rule groups are designed to help protect specific types of web applications like
WordPress, Joomla, or PHP. Others offer broad protection against known threats or common web
application vulnerabilities, including some of the ones listed in the OWASP Top 10.
Automatic updates
Keeping up to date on the constantly changing threat landscape can be time consuming and expensive. Managed rule groups can save you time when you implement and use Amazon WAF. Many Amazon and Amazon Web Services Marketplace sellers automatically update managed rule groups and provide new versions of rule groups when new vulnerabilities and threats emerge.
In some cases, Amazon is notified of new vulnerabilities before public disclosure, due to its participation in a number of private disclosure communities. In those cases, Amazon can update the Amazon Managed Rules rule groups and deploy them for you even before a new threat is widely known.
Restricted access to rules in a managed rule group
Each managed rule group provides a comprehensive description of the types of attacks and vulnerabilities that it's designed to protect against. To protect the intellectual property of the rule group providers, you can't view all of the details for the individual rules within a rule group. This restriction also helps to keep malicious users from designing threats that specifically circumvent published rules.