Table of Contents
- 1. Introduction
- 2. Availability of the updates
- 3. New features in WafCharm for AWS (website version)
- 4. Web monitoring feature will be available
- 5. Changes that come with the new features
- 6. Summary
- 7. Switching accounts
1. Introduction
We updated WafCharm on June 1st, 2023 with new features and spec changes.
In this blog post, we will explain the new features and updates.
2. Availability of the updates
The new features and updates will be available to users who register after June 1st, 2023 due to the changes in architecture.
If your WafCharm account was created before May 31st, 2023, but want to use the new features and updates, you will need to create a new WafCharm account to access them.
*Some features may become available to all users, including WafCharm users who registered before May 31st, 2023 in the future.
3. New features in WafCharm for AWS (website version)
Below are the new features available in WafCharm for AWS (website version).
- Updating blacklist and whitelist immediately after saving the changes
- Updating blacklist with re-matching feature every 5 minutes
- Changing the log counting method for the number of web requests
*These features are also available for WafCharm for AWS Marketplace.
Update 1: Updating blacklist and whitelist immediately after saving the changes
We have been providing a feature to update the IP addresses in the blacklist and whitelist from the Web ACL Config page in the WafCharm dashboard. Previously, this feature required you to wait for 5-10 minutes before the changes were applied to your web ACLs. However, we've developed a new architecture to allow the changes to be applied immediately after saving the changes.
Update 2: Updating blacklist with re-matching feature every 5 minutes
WafCharm's blacklist feature includes a function to add IP addresses by re-matching the access logs to hundreds of signatures. This re-matching feature previously operated on an hourly basis, but with the new architecture, we can now operate the feature every 5 minutes.
Update 3: Changing the log counting method for the number of web requests
WafCharm has been using access logs obtained from the S3 path specified in the Web Site Config to count the number of web requests.
With this update, WafCharm will use CloudWatch Metrics to count the number of web requests.
To be more specific, the total number of AllowedRequests and BlockedRequests reported from AWS WAF to CloudWatch Metrics will be used as the number of web requests.
For the details on metrics reported by AWS WAF, please refer to the AWS document below.
AWS WAF metrics and dimensions
4. Web monitoring feature will be available
We will be providing the web monitoring feature for WafCharm for AWS (website version) users.
*This feature has been available for WafCharm for AWS Marketplace users.
In this feature, the FQDN specified in the WafCharm dashboard will be registered as a monitoring target and when detection of DNS fails, when links to malicious websites are included, or when HTTPS connection configuration includes deprecated or compromised settings, we will inform you at the email address registered for notifications.
For more information, please refer to the manual below.
Overview of web monitoring function
Steps to configure the feature are available in the blog post below.
About Web Monitoring Config
5. Changes that come with the new features
Since WafCharm will be working on a new architecture, it will not be compatible with AWS WAF Classic for new users. All blog posts will be adjusted to reflect the new specifications and features.
However, users who registered before May 31st will be able to register new Web ACL Config for AWS WAF Classic. If you need to use AWS WAF Classic, please refer to the blog post below.
Using WafCharm with AWS WAF Classic
6. Summary
Below is a table to show the differences before and after the updates.
*This table is only applicable to users of WafCharm for AWS (website version).
| Feature/Specification | Users who registered before 05/31/2023 | Users who registered before 06/01/2023 |
|---|---|---|
| Available plans |
(Old) Business plan (Old) Enterprise plan |
Business plan Enterprise plan |
| Available platforms |
AWS WAF Classic AWS WAF v2 | AWS WAF v2 |
| Method to count the number of web requests | Access logs | CloudWatch Metrics |
| The time it takes to update blacklist/whitelist | 5-10 minutes | Immediate |
| The time to update blacklist with signature re-matching feature | Every hour | Every 5 minutes |
| Web Monitoring Feature | Unavailable | Available |
| Required permissions |
AWSWAFFullAccess AmazonS3ReadOnlyAccess |
AWSWAFFullAccess AmazonS3ReadOnlyAccess CloudWatchReadOnlyAccess |
7. Switching accounts
If you want to use the WafCharm account with the new specifications, please contact the support team.
hello@wafcharm.com
