Forum Discussion
Nikoolayy1
Aug 18, 2021MVP
The AWS WAF as a whole is not made well to deal with false positives and it can't replace F5 for critical sites. In the AWS WAF GUI overview logs for AWS waf you just see the request without any highlights about what part causes the issue and the only workaround is you to set the action to 'count'' for the subrule group t hat makes a security hole or create a custom allow rule with higher priority but as you don't know from the logs exactly what part of the request causes the false positive and you can't directly view the F5 AWS WAF rules or the Native AWS WAF rules you are making the custom allow rule hoping you are not making a security hole.