Just as you thought you had solved your milkshake fiasco, more malicious requests are targeting your application. The attacks have become more specific. You realise you can block these attacks with a custom rule for your WAF Web ACL. All of the attacks seem to contain a strange header, X-TomatoAttack. Blocking requests with that header will stop the attack.
WAF allows you to create your own rules for handling requests. This is useful for adding logic relevant to your specific application. Alongside custom rules, this section introduces request sampling and Web ACL Capacity Units.
- MyCustomRule-X-TomatoAttack
- X-TomatoAttack
- 0
You could also achieve the same goal using a regular expression.
7. Run command.

```shell
# This will be blocked
curl -H "X-TomatoAttack: Red" "<Your Juice Shop URL>"

# This will be blocked
curl -H "X-TomatoAttack: Green" "<Your Juice Shop URL>"
```

8. In the detail of Web ACL page.
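To make the rule's behaviour concrete before you test it against the live Web ACL, here is an added example (not part of the workshop or of AWS WAF itself) that models the evaluation locally: a header-presence rule for X-TomatoAttack, the regex alternative mentioned above, and a small Web ACL evaluator that walks rules in priority order. The sample requests, the statement model (`header_present`, `byte_match`, `regex_match`) and the regex pattern `.*` are all constructed assumptions; they approximate WAF's semantics (case-insensitive header names, lowest priority number evaluated first, COUNT rules not terminating) rather than reproduce its engine.

```python
import re

# Constructed sample requests (header name -> value), not captured traffic.
SAMPLE_REQUESTS = {
    "red": {"Host": "juice-shop.example", "User-Agent": "curl/8.0", "X-TomatoAttack": "Red"},
    "green": {"Host": "juice-shop.example", "User-Agent": "curl/8.0", "X-TomatoAttack": "Green"},
    "normal": {"Host": "juice-shop.example", "User-Agent": "Mozilla/5.0"},
    # Same header with a lower-case name: HTTP header names are case-insensitive.
    "lowercase": {"Host": "juice-shop.example", "x-tomatoattack": "Yellow"},
    # A different header name that merely looks similar must not match.
    "lookalike": {"Host": "juice-shop.example", "X-Tomato-Attack": "Red"},
}


def lookup_header(headers, name):
    """Return the header value, comparing names case-insensitively, or None."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return None


def statement_matches(headers, statement):
    """Evaluate one simplified rule statement against a request's headers."""
    value = lookup_header(headers, statement["header"])
    kind = statement["kind"]
    if kind == "header_present":
        return value is not None
    if value is None:
        # A missing header cannot satisfy a value match in this model.
        return False
    if kind == "byte_match":
        hay, needle = value.lower(), statement["search"].lower()
        constraint = statement.get("constraint", "CONTAINS")
        return {
            "EXACTLY": hay == needle,
            "STARTS_WITH": hay.startswith(needle),
            "ENDS_WITH": hay.endswith(needle),
            "CONTAINS": needle in hay,
        }[constraint]
    if kind == "regex_match":
        return re.search(statement["pattern"], value) is not None
    raise ValueError(f"unknown statement kind: {kind}")


def evaluate_web_acl(headers, rules, default_action="ALLOW"):
    """Check rules lowest priority number first. The first BLOCK/ALLOW match
    decides; COUNT matches are recorded and evaluation continues."""
    counted = []
    for rule in sorted(rules, key=lambda r: r["priority"]):
        if statement_matches(headers, rule["statement"]):
            if rule["action"] == "COUNT":
                counted.append(rule["name"])
                continue
            return rule["action"], rule["name"], counted
    return default_action, None, counted


# The rule from the text: block any request carrying the X-TomatoAttack header.
HEADER_RULES = [
    {"name": "MyCustomRule-X-TomatoAttack", "priority": 0, "action": "BLOCK",
     "statement": {"kind": "header_present", "header": "X-TomatoAttack"}},
]

# The same goal expressed as a regex on the header value (assumed pattern).
REGEX_RULES = [
    {"name": "MyCustomRule-X-TomatoAttack-Regex", "priority": 0, "action": "BLOCK",
     "statement": {"kind": "regex_match", "header": "X-TomatoAttack", "pattern": r".*"}},
]


def run_samples(rules):
    """Map each sample request name to the action the rule set produces."""
    return {name: evaluate_web_acl(hdrs, rules)[0] for name, hdrs in SAMPLE_REQUESTS.items()}


if __name__ == "__main__":
    for label, rules in (("header presence", HEADER_RULES), ("regex", REGEX_RULES)):
        print(label, run_samples(rules))
```

Both rule sets block the two curl requests from step 7 and the lower-case variant, while a request without the header (or with a merely similar header name) falls through to the default ALLOW action. Running a new rule in COUNT mode first, as the evaluator models, lets you confirm from sampled requests that it matches only the traffic you expect before switching it to BLOCK.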