AWS recently introduced support for "CAPTCHA" and "Challenge" actions for their AWS Web Application Firewall (WAF).
The CAPTCHA action presents a puzzle to the end user and allows access to your website only if the presented puzzle is solved correctly. The puzzle is designed to be easily solved by humans but hard to solve for computers. The “Challenge” action silently checks if the request comes from a real person's internet browser or if the request is done by a bot or site crawler.
We’ve used this to help enhance the security of our clients’ sites, without limiting access to legitimate front-end users. For example, before instituting the new AWS CAPTCHA, we had set a rule with inspection criteria that measured the rate of requests for a given end-user IP address. When the rate was too high, we applied a WAF “Blocking” rule for the given IP address.
We have now changed the rule action to "Challenge" which does not directly block the IP address, but tests the request as either a bot or a real end-user. Bots get blocked, and real end-users are still able to access the website. This allows us to make the rate-limiting rule (requests per minute) to be even more strict - allowing fewer requests per minute. We further customize this by making sure the action only triggers based on a combination of rate limits or regional criteria.
Authentication is required by all of the major email providers and can be a daunting task to implement without the right tools. AWS cloud hosting services gives you easy access to authenticated mail sending via Simple Email Service (SES).
AWS SES simplifies DKIM and DMARC setup by providing detailed instructions along with the required DNS records in a copy/paste format. The SMTP credentials created as part of the SES setup can also be used for sending authenticated emails programmatically from your website or CRM.
You can even set custom mail domains with the configuration options provided to mark mail as originating from your domain, instead of Amazon’s default subdomain. The included monitoring service allows you to track important mail delivery stats, view suppression lists, and evaluate service health overall.
Simplify your business's communication with AWS SESRead more about email authentication
GoLibrary is an innovative collaborative outreach initiative led by the Northern Lights Library System. This library card registration site is designed to help reach Indigenous communities in Alberta, Canada, and promote library services.
Mugo Web partnered with the library to bring this vision to life. By utilizing AWS services like SMS messaging and SES, site users get immediate notifications via phone or email and can start using digital library instantly.
GoLibrary case study