How to add a rate limit rule by URL


I want to add a rate limit rule that forces a captcha when the limit is reached. I want to limit this for any user who is accessing a URL which contains the word "product" in the url.

I set something up like this and want to confirm if this is correct?

Request aggregation Count all Rate limit 100 Scope-down statement Field to match URI path Positional constraint Contains string Search string /product Text transformations Lowercase (Priority 0)

asked 7 months ago221 views
1 Answer

Your concept is correct. Would recommend that you capture the WAF logs to an S3 bucket and setup a table in Athena to run queries to help validate your custom WAF rules. More details are available in this blog 3 most important AWS WAF Rate Based Rules

profile pictureAWS
answered 7 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions