AWS WAF supports URI path aggregation key for rate-based rules | Amazon Web Services

Published on 11 Nov 2023, 0:24
AWS Web Application Firewall (WAF) supports URI path as an aggregation key for rate-based rules, providing customers with enhanced control and simplicity in managing request rates for URI paths. With this feature, customers can track request rates for any URI path and apply rule actions based on the number of requests received.

Customers could already use rate-based rules to take a rule action such as Block or Captcha until the rate of requests falls below a customer-defined threshold. Previously, customers had to use scope down statements to specify URIs for rate limiting. It required explicit URI definitions in the rule configuration, which was inconvenient for customers that wanted to protect multiple URI paths with a single rule. With this feature, customers can track request rates for any URI path without the need for additional scope down statements. For instance, customers can now simply create a rule to block users that initiate too many requests to any of the website's URI paths. Customers can further refine rate-based rules by using WAF match conditions or additional request aggregation keys.

Learn more at:

More AWS videos:
More AWS events videos:

Do you have technical AWS questions?
Ask the community of experts on AWS re:Post:

Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 200 fully featured services from data centers globally. Millions of customers — including the fastest-growing startups, largest enterprises, and leading government agencies — are using AWS to lower costs, become more agile, and innovate faster.
#AWSWebApplicationFirewall #URIPathAggregationKey #RatebasedRules #NetworkandApplicationProtection #AWSSecurityServicesFeatureDemos #AWS #AmazonWebServices #CloudComputing