An organization operates a web application that serves users globally. The application runs on Amazon EC2 instances behind an Application Load Balancer.
There is an Amazon CloudFront distribution in front of the load balancer, and the organization uses AWS WAF. The application is currently experiencing a volumetric attack whereby the attacker is exploiting a bug in a popular mobile game.
The application is being flooded with HTTP requests from all over the world with the User-Agent set to the following string: Mozilla/5.0 (compatible; ExampleCorp;
ExampleGame/1.22; Mobile/1.0)
What mitigation can be applied to block attacks resulting from this bug while continuing to service legitimate requests?
josellama2000
Highly Voted 2 years, 7 months agoLaLune
2 years, 4 months agoLarsson
2 years, 6 months agorefuz
2 years, 6 months agoDanao
Highly Voted 2 years, 7 months agoramozo
2 years, 6 months agoliuyomz
Most Recent 2 weeks, 4 days agoRaphaello
3 months agoRaphaello
3 months agoliuyomz
9 months, 2 weeks agopk0619
10 months, 2 weeks agomatrpro
1 year agoITGURU51
1 year, 1 month agobk02
1 year, 3 months agopooppants
1 year, 4 months agoBK__
1 year, 6 months agoBK__
1 year, 6 months agoHieuTT
1 year, 6 months agoknc
1 year, 7 months agoVijiTu
1 year, 7 months agoVijiTu
1 year, 7 months agosapien45
1 year, 8 months agoNanooWord
1 year, 8 months ago