Getting started with WAF

In this section, we are going to look at a few simple and easy-to-follow steps for getting started with AWS WAF. For demonstration purposes, we will be leveraging the same environments and application that we deployed in the previous chapter, so if you haven't gone through that use case, this might be a good time for a quick revisit!

In the previous chapter, we leveraged Elastic Beanstalk as well as Elastic File System services to deploy a scalable and highly available WordPress application over the internet. In this section, we will leverage the same setup and secure it even further by introducing AWS WAF into it. Why use WAF for our WordPress application? Well, the simplest answer is to completely abstract the security checks from the underlying web server instance(s), and instead place the security checks at the point of entry of our application, as depicted in the following diagram:

To get started, you will first need to ensure that your WordPress application has a CloudFront CDN attached to it, or alternatively an Application Load Balancer fronting its requests. This is a crucial step, as without a CloudFront CDN or an Application Load Balancer, WAF will simply not work! In my case, I have configured and deployed a simple CloudFront CDN for my production-grade WordPress application. You can refer to the following step-by-step guide for setting up your own CDN using CloudFront, at http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/.
