WAF (Web Application Firewall) is a firewall service to protect web applications from common web exploit attacks.
- It is an OSI Layer 7 firewall.
- It monitors HTTP or HTTPS requests to ELB, CloudFront, or API Gateway.
- Blocked traffic returns HTTP 403 (Forbidden) error status.