By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

How to add a rate limit rule by URL

0

I want to add a rate limit rule that forces a captcha when the limit is reached. I want to limit this for any user who is accessing a URL which contains the word "product" in the url.

I set something up like this and want to confirm if this is correct?

Request aggregation Count all Rate limit 100 Scope-down statement Field to match URI path Positional constraint Contains string Search string /product Text transformations Lowercase (Priority 0)

Topics
Security, Identity, & Compliance
Tags
AWS WAF
Language
English
AniBC
asked 2 years ago803 views
1 Answer
0

Your concept is correct. Would recommend that you capture the WAF logs to an S3 bucket and setup a table in Athena to run queries to help validate your custom WAF rules. More details are available in this blog 3 most important AWS WAF Rate Based Rules

profile pictureAWS
Kuok Chiang
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content