Bolster Security by Eliminating Malicious Web Traffic with AWS ELB Features
About the Client
Our client is a prominent US-based supermarket chain leveraging technology capabilities to offer a superior customer experience and a compelling product differentiation to customers by offering value services such as online ordering and home delivery.
The online retailer offered the provision of choosing a preferred delivery time slot called “Grab Mode” to their registered delivery personnel. During this time, the website witnessed unusually high traffic and access attempts by bad IP addresses.
This resulted in multiple challenges. Firstly, this slowed down the website performance in terms of usability and response time. Secondly, the database’s CPU utilization peaked 100% during specific time frames throughout the day. Thirdly, this affected other legitimate website features detrimentally, as the users were unable to perform operations on the UI.
We wrote custom scripts to parse and analyze various application and web server log files to filter bad web requests. Then, we looked for a solution at the Apache layer, followed by the application layer and finally zeroed in on the load balancer layer. Post evaluation, the managed security solution from AWS called AWS WAF was selected and deployed along with the Application Load Balancer (ALB). This helped to filter traffic before it reached the Apache server.
The employed security solution reduced the manual analysis effort and secured the application Infrastructure.
- The database CPU performance reduced from 100% to around 35%.
- The average response time reduced by 3x.