In our Amazon project, WAF blocks legitimate requests according to the rule_SSRF_attempt_AllQueryArguments_Body rule. How can I find out the reasons and allow traffic to pass without affecting security?
A signature-based WAF is just that. To bypass a signature, the signature must be disabled. AWS WAF and all the managed rules on top of it fight this category. If you need a WAF that is highly tuned to your application stack, then you will need to look for a more robust WAF such as Adv. WAF.
If you export the AWS WAF logs to a log_group, you can get detailed information about what happened. Look for the terminating rule ID; you can then disable the rule within the rule group. On the question of not impacting security, the rules are created off known good (reliable signatures), so by disabling a rule to allow traffic that matches a known good signature you will also allow bad actors that are attempting to use that signature. You will need to ensure that your application and supporting infrastructure are appropriately hardened to mitigate the risk of allowing the traffic.
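
The log review described in the answer above, as an added example that is not part of the original thread: it reads exported AWS WAF log records (JSON, one per line), finds the rule that terminated each blocked request, and lists which endpoints that rule is hitting so any exception can be judged per endpoint. The field names follow the AWS WAF log format; the rule group name `ExampleVendor#ExampleManagedGroup`, the URIs and the client IPs are constructed placeholders.

```python
import json
from collections import defaultdict

# Constructed sample records in the AWS WAF log layout (one JSON object per line).
# Rule group name, URIs and IPs are placeholders; the last line is deliberately truncated.
SAMPLE_LOGS = """\
{"action":"BLOCK","terminatingRuleId":"ExampleManagedGroup","terminatingRuleType":"MANAGED_RULE_GROUP","ruleGroupList":[{"ruleGroupId":"ExampleVendor#ExampleManagedGroup","terminatingRule":{"ruleId":"rule_SSRF_attempt_AllQueryArguments_Body","action":"BLOCK"}}],"httpRequest":{"clientIp":"198.51.100.7","uri":"/api/webhooks","httpMethod":"POST"}}
{"action":"BLOCK","terminatingRuleId":"ExampleManagedGroup","terminatingRuleType":"MANAGED_RULE_GROUP","ruleGroupList":[{"ruleGroupId":"ExampleVendor#ExampleManagedGroup","terminatingRule":{"ruleId":"rule_SSRF_attempt_AllQueryArguments_Body","action":"BLOCK"}}],"httpRequest":{"clientIp":"203.0.113.20","uri":"/api/webhooks","httpMethod":"POST"}}
{"action":"BLOCK","terminatingRuleId":"ExampleManagedGroup","terminatingRuleType":"MANAGED_RULE_GROUP","ruleGroupList":[{"ruleGroupId":"ExampleVendor#ExampleManagedGroup","terminatingRule":{"ruleId":"rule_SSRF_attempt_AllQueryArguments_Body","action":"BLOCK"}}],"httpRequest":{"clientIp":"198.51.100.7","uri":"/api/import","httpMethod":"POST"}}
{"action":"ALLOW","terminatingRuleId":"Default_Action","terminatingRuleType":"REGULAR","ruleGroupList":[],"httpRequest":{"clientIp":"192.0.2.5","uri":"/","httpMethod":"GET"}}
{"action":"BLOCK","terminatingRuleId":"Examp
"""

def blocked_by_rule(lines):
    """Group BLOCK records by the (rule group, rule) that terminated the request."""
    hits = defaultdict(list)
    for line in lines:
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip blank or truncated lines
        if not isinstance(rec, dict) or rec.get("action") != "BLOCK":
            continue
        # Default: a standalone rule in the web ACL terminated the request.
        group, rule = None, rec.get("terminatingRuleId")
        # For a rule group, the specific rule is nested under ruleGroupList.
        for g in rec.get("ruleGroupList") or []:
            term = g.get("terminatingRule")
            if term:
                group, rule = g.get("ruleGroupId"), term.get("ruleId")
                break
        req = rec.get("httpRequest") or {}
        hits[(group, rule)].append(
            (req.get("httpMethod"), req.get("uri"), req.get("clientIp")))
    return dict(hits)

def endpoints_for(hits, rule_id):
    """Distinct (method, uri) pairs blocked by rule_id, across all rule groups."""
    return sorted({(m, u) for (_, r), reqs in hits.items() if r == rule_id
                   for m, u, _ in reqs})

if __name__ == "__main__":
    hits = blocked_by_rule(SAMPLE_LOGS.splitlines())
    for (group, rule), reqs in hits.items():
        print(f"{group} / {rule}: {len(reqs)} blocked")
    print(endpoints_for(hits, "rule_SSRF_attempt_AllQueryArguments_Body"))
```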