What is a WAF? It is an application layer firewall.

WAFs can be used to protect web applications from SQL injection and other vulnerabilities in application code.

AWS] What is WAF?

AWS WAF is a web application firewall that protects web applications from common web weaknesses that can affect application availability, security breaches, and excessive resource consumption.


Uses (use cases)

S3 You are in charge of running an application that passes objects located in S3 to users. As the operator of this application, you have recently discovered that data links are being used without authorization. You need to address this issue by permanently disabling the external links.


AWS WAF (Web Application Firewall) can be used to implement Referer restrictions on CloudFront .

AWS WAF is a web application firewall that enables monitoring of HTTP and HTTPS requests forwarded to CloudFront and enables control of access to content.

Based on the criteria you specify, such as the IP address requesting execution from the query string or the value of the query string, CloudFront will respond to either the requested content or a request with an HTTP 403 status code (prohibited).


WAF's Referer restriction is a mechanism for content delivery of data to destinations matching IP addresses.