More Info:

WAF should be enabled on the ELB so that the firewall can prevent malicious attackers from intruding into your system.

Risk Level

Low

Address

Security

Compliance Standards

SOC2, HITRUST, NISTCSF, PCIDSS

Triage and Remediation

Remediation

To remediate the “ELB Should Have WAF Enabled” misconfiguration in AWS using the AWS console, follow the steps below:

  1. Log in to the AWS console.
  2. Navigate to the EC2 dashboard.
  3. Click on the Load Balancers option from the left-hand menu.
  4. Select the ELB for which you want to enable the WAF.
  5. Click on the Listeners tab.
  6. Click on the Edit button next to the listener for which you want to enable the WAF.
  7. In the Edit Listener dialog box, click on the Add Rule button.
  8. Select the AWS WAF option from the dropdown menu.
  9. Choose the WebACL that you want to associate with the ELB.
  10. Click on the Save button to save the changes.

Once you have completed the above steps, the WAF will be enabled for your ELB in AWS.
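
To verify the result across an account rather than one load balancer at a time, the check can be scripted. The following is an added example, not part of the original page or of any vendor tooling: it uses boto3 to list Application Load Balancers that have no WAFv2 web ACL associated and, if a web ACL ARN is supplied, associates it. It assumes credentials that can read ELBv2 and WAFv2 in the chosen region, it looks only at WAFv2 (not WAF Classic) associations, and the function names are illustrative.

```python
"""Audit Application Load Balancers for a missing AWS WAF (WAFv2) web ACL."""


def find_unprotected_albs(elbv2, wafv2):
    """Return [(name, arn)] for ALBs that have no web ACL associated.

    elbv2 and wafv2 are boto3 clients created for the same region.
    """
    unprotected = []
    paginator = elbv2.get_paginator("describe_load_balancers")
    for page in paginator.paginate():
        for lb in page["LoadBalancers"]:
            # AWS WAF attaches only to Application Load Balancers;
            # network and gateway load balancers are skipped.
            if lb.get("Type") != "application":
                continue
            resp = wafv2.get_web_acl_for_resource(ResourceArn=lb["LoadBalancerArn"])
            # No "WebACL" key in the response means nothing is associated.
            if not resp.get("WebACL"):
                unprotected.append((lb["LoadBalancerName"], lb["LoadBalancerArn"]))
    return unprotected


def associate_web_acl(wafv2, web_acl_arn, alb_arns):
    """Associate one regional web ACL with each ALB ARN; return the ARNs changed."""
    changed = []
    for arn in alb_arns:
        wafv2.associate_web_acl(WebACLArn=web_acl_arn, ResourceArn=arn)
        changed.append(arn)
    return changed


if __name__ == "__main__":
    import sys
    import boto3  # imported here so the functions above can be used with stub clients

    if len(sys.argv) < 2:
        sys.exit("usage: <script> REGION [WEB_ACL_ARN]")
    region = sys.argv[1]
    web_acl_arn = sys.argv[2] if len(sys.argv) > 2 else None  # optional: remediate too
    elbv2 = boto3.client("elbv2", region_name=region)
    wafv2 = boto3.client("wafv2", region_name=region)
    missing = find_unprotected_albs(elbv2, wafv2)
    for name, arn in missing:
        print(f"NO WAF: {name} {arn}")
    if web_acl_arn and missing:
        done = associate_web_acl(wafv2, web_acl_arn, [arn for _, arn in missing])
        print(f"associated {web_acl_arn} with {len(done)} load balancer(s)")
    sys.exit(1 if missing and not web_acl_arn else 0)
```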

Additional Reading: