Reference - Security Automations for AWS WAF

Reference

This section includes information about an optional feature for collecting unique metrics for this solution, pointers to related resources, and a list of builders who contributed to this solution.

Anonymized data collection

This solution includes an option to send operational metrics to AWS. We use this data to better understand how customers use this solution and related services and products. When turned on, the solution collects the following information and sends it to AWS during initial deployment of the CloudFormation template:

  • Solution ID - The AWS solution identifier

  • Unique ID (UUID) - Randomly generated, unique identifier for each deployment of this solution

  • Timestamp - Data-collection timestamp

  • Solution configuration - Features turned on and parameters set during initial launch

  • Lifecycle - How long the customer used this solution (based on stack delete)

  • Log parser data:

    • The number of IP addresses in the Scanner & Probe IP set, Bad Bot IP set and the HTTP Flood IP set to block

    • The number of requests processed and blocked

  • IP lists parser data:

    • The number of IP addresses in the Reputation Lists IP set

    • The number of requests processed and blocked

  • IP retention data - The number of expired IP addresses being removed from the Allowed or Denied IP set

AWS owns the data gathered through this survey. Data collection is subject to the AWS Privacy Policy. To opt out of this feature, complete the following steps before launching the AWS CloudFormation template.

  1. Download the aws-waf-security-automations.template AWS CloudFormation template to your local hard drive.

  2. Open the CloudFormation template with a text editor.

  3. Modify the CloudFormation template mapping section from:

    Solution:
      Data:
        SendAnonymizedUsageData: "Yes"

    to:

    Solution:
      Data:
        SendAnonymizedUsageData: "No"

  4. Sign in to the AWS CloudFormation console.

  5. Select Create stack.

  6. On the Create stack page, in the Specify template section, select Upload a template file.

  7. Under Upload a template file, choose Choose file and select the edited template from your local drive.

  8. Choose Next and follow the steps in Step 1. Launch the stack.
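
The edit in steps 1 to 3 can also be scripted and checked before the template is uploaded. The following is an added example, not part of the solution's own code; the sample template text and the function names find_setting and opt_out are assumptions made for illustration.

```python
import re
import sys

# Constructed sample, not the real template. The !GetAtt short-form tag is
# why this edits text line by line: yaml.safe_load rejects such tags.
SAMPLE = '''\
Mappings:
  Solution:
    Data:
      SendAnonymizedUsageData: "Yes"
Resources:
  ExampleFunction:
    Type: AWS::Lambda::Function
    Properties:
      Role: !GetAtt ExampleRole.Arn
'''

KEY = re.compile(r'^(\s*SendAnonymizedUsageData:\s*)(["\']?)(\w+)\2\s*$')


def find_setting(text):
    """Return (line_index, value) for the single SendAnonymizedUsageData key."""
    hits = [(i, m.group(3)) for i, line in enumerate(text.splitlines())
            if (m := KEY.match(line))]
    if len(hits) != 1:
        raise ValueError(f"expected one SendAnonymizedUsageData key, found {len(hits)}")
    return hits[0]


def opt_out(text):
    """Return the template text with the flag set to "No"; all else untouched."""
    index, value = find_setting(text)
    if value not in ("Yes", "No"):
        raise ValueError(f"unexpected value {value!r}")
    lines = text.splitlines(keepends=True)
    line = lines[index]
    body = line.rstrip("\r\n")
    lines[index] = KEY.sub(r'\g<1>"No"', body) + line[len(body):]
    return "".join(lines)


if __name__ == "__main__":
    # Usage: python opt_out.py aws-waf-security-automations.template
    with open(sys.argv[1], encoding="utf-8", newline="") as fh:
        updated = opt_out(fh.read())
    with open(sys.argv[1], "w", encoding="utf-8", newline="") as fh:
        fh.write(updated)
    print("SendAnonymizedUsageData is now", find_setting(updated)[1])
```

The script stops with an error if the key is missing, duplicated, or holds a value other than "Yes" or "No", so a template whose layout has changed is not silently uploaded with data collection still on.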

Associated AWS whitepapers

Associated AWS Security Blog posts

Third-Party IP Reputation Lists

Contributors

  • Heitor Vital

  • Lee Atkinson

  • Ben Potter

  • Vlad Vlasceanu

  • Aijun Peng

  • Chaitanya Deolankar

  • Shu Jackson

  • William Quan

  • Mykhailo Markhain