AWS WAF not working for Domain Name of AWS API Gateway

Sarriman

1/21/23, 9:46 PM

I have set up a service which is exposing an API Gateway link, let's say foobar.execute-api.eu-west-2.amazonaws.com.

I have created an AWS WAF to limit traffic to certain IPs. Everything works fine on the subdirectories (e.g.: foobar.execute-api.eu-west-2.amazonaws.com/bar, foobar.execute-api.eu-west-2.amazonaws.com/bar/foo) and the response is a 404 not found as it has been set up for IPs that do not belong on a predefined IP range.

Although when I try to access the Domain Name itself foobar.execute-api.eu-west-2.amazonaws.com I don't get a 404, and instead I am getting a {"message": "Forbidden"} white page.

What can I do to also "hide" the Domain Name (foobar.execute-api.eu-west-2.amazonaws.com) from the Internet, and return a 404 instead of a {"message": "Forbidden"}?

0 + 0

amazon-web-services

amazon-api-gateway

amazon-waf

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: AWS WAF not working for Domain Name of AWS API Gateway

TH: AWS WAF ไม่ทำงานสำหรับชื่อโดเมนของ AWS API Gateway

RO: AWS WAF nu funcționează pentru Numele de domeniu al AWS API Gateway

RU: AWS WAF не работает для доменного имени шлюза AWS API

VI: AWS WAF không hoạt động đối với Tên miền của Cổng API AWS

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.