Efficient Landing Zone Automation Streamlines Setup, Reducing Manual Work by 80% for a PSU

Solutions

• Implemented AWS WAF rules to block foreign IP addresses during specific time frames, reducing the impact of bot traffic and illegitimate requests during critical booking periods. Time frames are set from 07:40 hrs. to 08:10 hrs, 09:40 hrs to 10:10 hrs, and 10:40 hrs to 11:10 Hrs. 
• Blocked anonymous proxy IP addresses for both their website and mobile application. 
• Blocking is always enabled without whitelist configuration, enhancing security by preventing access from potentially malicious sources. 
• Rate limiting has been set up for their mobile app, restricting it to 7 HTTP requests per second per source. A similar rule has also been enforced to cap requests at 2100 per 5 minutes, effectively managing traffic flow and promoting fair resource utilization. 
• Implemented managed core rule sets for OWASP Top 10 attacks, including protection against illegal URLs, host names, evasion techniques, file types, and known bad inputs. 
• Implemented DDoS protection measures, including rate-based blocking and AWS Managed Rulesets such as Amazon IP Reputation List, Anonymous IP List, and specific Windows and Linux operating system rule sets.