AWS WAF || Allow a specific blocked bot in AWS WAF Bot Control
Let’s solve the problem in the title using the STAR method.
“STAR” is an acronym that stands for situation, task, action(s), result(s).
Situation
Recently, we implemented AWS WAF Bot Control on our website. While implementing it, I ran into an issue: AWS WAF was blocking a good bot called Lighthouse.
PageSpeed Insights (PSI) reports on the user experience of a page on both mobile and desktop devices and provides suggestions on how that page may be improved. It reports two types of data:
1. Real-user experience data
2. Lab diagnostics
Lab diagnostics uses Lighthouse to analyze the given URL in a simulated environment for the Performance, Accessibility, Best Practices, and SEO categories.
Task
Allow a specific bot (Lighthouse in my case) through AWS WAF, so that PageSpeed Insights (PSI) checks can run.
Action(s)
Prerequisites:
- You should have a web ACL created.
- The managed rule group AWS-AWSManagedRulesBotControlRuleSet is already added to the web ACL.
- A resource is associated with this web ACL (an Application Load Balancer in my case).
With these prerequisites in place, follow the 3 steps below:
1. Identify the bot.
In my case, I have to allow the “chrome_lighthouse” bot.
2. In your web ACL, override the action of the blocking rule to count.
In our web ACL, edit the “AWS-AWSManagedRulesBotControlRuleSet” rule. At the bottom there is an option, “Override rule group action”; check the box and save the rule.
3. Add a label-matching rule to your web ACL.
In our web ACL, go to the rules and create a new rule of our own.
Follow the screenshots below to create the rule:
Configuration
Add the rule
Make sure this new rule of ours is added at priority 1, as shown below.
Now all our configuration is ready for testing.
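One way to express the label-matching rule from step 3 as rule JSON, together with a small local model of how it evaluates against request labels. This is an added example, not the author's actual rule: the rule name, the `category:monitoring` blocking label, the `example_bot` sample and the priority layout are assumptions.

```python
import json

NS = "awswaf:managed:aws:bot-control:bot:"  # Bot Control label namespace

def label(key):
    return {"LabelMatchStatement": {"Scope": "LABEL", "Key": key}}

def build_rule(blocking_label, allowed_bot, priority):
    """Block what the counted rule flagged, except the one bot we allow."""
    name = f"block-bots-except-{allowed_bot}"  # hypothetical rule name
    return {
        "Name": name, "Priority": priority,
        "Statement": {"AndStatement": {"Statements": [
            label(blocking_label),
            {"NotStatement": {"Statement": label(NS + "name:" + allowed_bot)}},
        ]}},
        "Action": {"Block": {}},
        "VisibilityConfig": {"SampledRequestsEnabled": True,
                             "CloudWatchMetricsEnabled": True, "MetricName": name},
    }

def matches(stmt, labels):
    """Simplified local model of how WAF evaluates these statement types."""
    if "LabelMatchStatement" in stmt:
        return stmt["LabelMatchStatement"]["Key"] in labels
    if "AndStatement" in stmt:
        return all(matches(s, labels) for s in stmt["AndStatement"]["Statements"])
    if "NotStatement" in stmt:
        return not matches(stmt["NotStatement"]["Statement"], labels)
    raise ValueError(f"statement type not modelled: {list(stmt)}")

def decide(rule, labels):
    # Assumes the web ACL default action is Allow and no other rule terminates.
    return "BLOCK" if matches(rule["Statement"], labels) else "ALLOW"

# Assumed category label; read the real one from the blocked request in your logs.
BLOCKING_LABEL = NS + "category:monitoring"
# Priority 1 assumes the Bot Control group is at 0, so its labels already exist.
RULE = build_rule(BLOCKING_LABEL, "chrome_lighthouse", priority=1)
# Constructed label sets, as the counted rule group would attach them.
SAMPLES = {
    "lighthouse": {BLOCKING_LABEL, NS + "name:chrome_lighthouse"},
    "other_bot": {BLOCKING_LABEL, NS + "name:example_bot"},
    "browser": set(),
}

if __name__ == "__main__":
    print(json.dumps(RULE, indent=2))  # rule JSON for the console's JSON editor
    for who, labels in SAMPLES.items():
        print(who, decide(RULE, labels))
```

A label match statement only sees labels added by rules evaluated earlier in the web ACL, so this rule has to run after the Bot Control rule group.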
Result(s)
Now the PageSpeed Insights analysis test works fine, which means Lighthouse is now allowed through my AWS WAF.
We can also observe the Lighthouse requests being allowed in AWS WAF.