Web Application Security Services with AWS WAF

Explore our custom application security services, leveraging AWS WAF to protect web apps against cyber threats and automate attack prevention.


Our Customer

Gorgany is a large retail, wholesale, and distribution company of outdoor equipment in Ukraine. The company specializes in the wholesale trade of goods for tourism, mountaineering, skiing, and active recreation.

Established initially as an online retailer, Gorgany has expanded to operate retail stores across various Ukrainian cities, offering a wide range of products. The company represents renowned global brands such as Salewa, Osprey, Turbat, Zamberlan, Esbit, Alpine Pro, and others.

The Challenges

Mitigating Web Threats While Maintaining Website Performance

The client’s e-commerce platform, which processes a large number of daily transactions, faced growing cybersecurity threats that compromised both security and performance. The following issues were the most pressing web application protection challenges:

  • Rising malicious traffic
    Frequent bot attacks, SQL injection attempts, and cross-site scripting (XSS) targeted the platform, affecting website availability and user experience.
  • Inefficient security management
    Manually handling security rules required constant monitoring and updates, consuming valuable time and resources.
  • High operational costs
    Excessive alerts and misclassified traffic led to higher operational costs, as legitimate users were sometimes blocked, disrupting the shopping experience.

Without a scalable and automated security solution, the web platform struggled to maintain optimal performance, protect customer data, and reduce security management overhead.

The Solution

Adaptive and Continuous Web Protection

To fortify the web platform’s security and reduce the operational complexity of protection, our experts implemented a multi-layered AWS WAF strategy, seamlessly integrating with AWS services for real-time monitoring and automated cyber threat mitigation.

Multi-Layered Online Defence with AWS WAF

A comprehensive rule set was deployed to filter and block malicious traffic while maintaining seamless access for legitimate users. Key measures included:

  • Bot Control
    Blocked harmful bots while allowing legitimate ones, such as search engine crawlers, ensuring SEO integrity and system efficiency.
  • Managed Rules
    Automatically detected and blocked SQL injection, cross-site scripting (XSS), PHP-specific vulnerabilities, and other common exploits, minimizing security risks.
  • IP Reputation Lists
    Proactively blocked requests from known malicious sources, preventing high-risk traffic from reaching the platform.
  • Geo-Restriction Policies
    Prevented transactions from unsupported regions, reducing fraudulent activities and unauthorized access.
  • Rate-Based Rules
    Limited excessive requests to mitigate credential stuffing attacks, preserving platform performance.
  • Custom Rule Matching
    Inspected HTTP request parameters, filtering traffic based on IP addresses, target domains, and request headers to enhance access control.
  • IP Whitelisting
    Ensured secure access for trusted partners and employees, avoiding unnecessary disruptions to business operations.

Protection Through Native Cloud Integrations

To enhance visibility, scalability, and security, we integrated AWS WAF with a set of key Amazon Web Services essential for the platform’s functionality:

  • Application Load Balancer (ALB)
    Integrated with ALB at the network edge, filtering out threats before they reached application servers.
  • Amazon CloudWatch
    Enabled real-time monitoring dashboards, capturing and analyzing attack patterns, suspicious activity, and blocked requests for proactive threat management.

Automation and Continuous Optimization

To reduce manual effort and improve the website’s security posture over time, we prioritized automating Web Application Firewall management, ensuring proactive threat mitigation and adaptive protection:

  • Automatic updates of Managed Rules to counter evolving threats, including OWASP Top 10 vulnerabilities, IP reputation changes, malicious logins, and bot attacks.
  • Dynamic rule adjustments allowed continuous fine-tuning of threat prevention measures based on attack trends without impacting user experience.
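
The rule set listed under "Multi-Layered Online Defence with AWS WAF" can be expressed as an ordered list of AWS WAFv2 rules; the sketch below is an added example, not the configuration deployed in this project. The allowlist ARN, the rate limit, the supported country code, the rule names and the priorities are constructed assumptions; the managed rule group names are AWS's own.

```python
# Added example (not the vendor's configuration). Rule dictionaries follow the
# AWS WAFv2 CreateWebACL "Rules" shape; ARN, limit and countries are constructed.
ALLOWLIST_ARN = "arn:aws:wafv2:REGION:ACCOUNT_ID:regional/ipset/trusted/ID"  # placeholder
MANAGED_GROUPS = [  # AWS managed rule groups matching the measures listed above
    "AWSManagedRulesAmazonIpReputationList",  # IP reputation list
    "AWSManagedRulesBotControlRuleSet",       # Bot Control
    "AWSManagedRulesCommonRuleSet",           # XSS and other common exploits
    "AWSManagedRulesSQLiRuleSet",             # SQL injection
    "AWSManagedRulesPHPRuleSet",              # PHP-specific vulnerabilities
]

def _rule(name, priority, statement, **action):
    # Every rule emits CloudWatch metrics so blocked requests show up in dashboards.
    vis = {"SampledRequestsEnabled": True, "CloudWatchMetricsEnabled": True,
           "MetricName": name}
    return {"Name": name, "Priority": priority, "Statement": statement,
            "VisibilityConfig": vis, **action}

def build_rules(supported_countries=("UA",), rate_limit=1000):
    geo = {"GeoMatchStatement": {"CountryCodes": list(supported_countries)}}
    rate = {"RateBasedStatement": {"Limit": rate_limit, "AggregateKeyType": "IP"}}
    rules = [  # the lowest priority number is evaluated first
        _rule("allow-trusted-ips", 0,
              {"IPSetReferenceStatement": {"ARN": ALLOWLIST_ARN}}, Action={"Allow": {}}),
        _rule("block-unsupported-geo", 1,
              {"NotStatement": {"Statement": geo}}, Action={"Block": {}}),
        _rule("rate-limit-per-ip", 2, rate, Action={"Block": {}}),
    ]
    for i, group in enumerate(MANAGED_GROUPS):
        stmt = {"ManagedRuleGroupStatement": {"VendorName": "AWS", "Name": group}}
        # Rule groups take OverrideAction; {"None": {}} keeps the group's own actions.
        rules.append(_rule(group, 10 + i, stmt, OverrideAction={"None": {}}))
    return rules

def lint(rules):
    """Return problems WAF would reject or that defeat the intended ordering."""
    problems = []
    priorities = [r["Priority"] for r in rules]
    if len(set(priorities)) != len(priorities):
        problems.append("duplicate priority")
    for r in rules:
        managed = "ManagedRuleGroupStatement" in r["Statement"]
        if managed != ("OverrideAction" in r) or managed == ("Action" in r):
            problems.append(f"{r['Name']}: wrong action field")
    allows = [r["Priority"] for r in rules if "Allow" in r.get("Action", {})]
    others = [r["Priority"] for r in rules if "Allow" not in r.get("Action", {})]
    if allows and others and max(allows) > min(others):
        problems.append("allow rule evaluated after a blocking rule")
    return problems
```

Because Allow is a terminating action, requests from allowlisted addresses skip every later rule, including the managed rule groups, so the trusted IP set should stay as narrow as the business allows.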

Amazon Web Services Utilized

  • AWS WAF
  • Amazon CloudWatch

The Results

A Resilient Web Application with Optimized Performance

The combination of a multi-layered security approach, an automated security solution, real-time insights, and optimized traffic filtering, all built on AWS Web Application Firewall, not only eliminated major security risks but also provided a scalable and cost-efficient defense for the entire web application.

80% Reduction in Malicious Traffic

The implemented solution effectively blocked bot attacks, SQL injection, and cross-site scripting before these threats reached the application, ensuring a safer user experience and uninterrupted business continuity.

30% Lower Operational Costs

Automated threat mitigation minimized the need for manual rule adjustments and security monitoring, reducing resource allocation and overall web security expenses.

Faster Response with Real-Time Monitoring

Continuous threat analysis enabled proactive adjustments to security rules, allowing the platform to quickly adapt to emerging attack patterns.

Increased Website Performance

With AWS WAF filtering out unnecessary and harmful traffic, backend servers experienced less strain, leading to faster page load times and thus a better overall user experience.

Why Romexsoft

Enhance Your Cybersecurity with Our Web Application Security Service

Romexsoft is an AWS-certified Consulting Partner, trusted Software Development Company and Managed Service Provider, founded in 2004. We help customer-centric companies build, run, and optimize their cloud systems on AWS with creative, stable, and cost-efficient solutions.

Our key values:

  • Delivery of quality solutions
  • Customer satisfaction
  • Long-term partnership

We have successfully delivered 100+ projects and have a proven track record in FinTech, HealthCare, AdTech, and Media industries.

Romexsoft possesses a 5-star rating on Clutch due to its strong expertise, responsiveness, and commitment. 60% of our clients have been working with us for over 4 years.
