Enter a Name and select Rate-based rule. ![]() Select Add my own rules and rule groups. ![]() Select the web ACL and then select the Rules tab.Note: You can specify any request parameter. Resolution Scenario 1: Add a rate limit to a specific URI The following resolution considers two scenarios where you can customize the rate-based rule on a specific parameter. Select the Only consider requests that match the criteria in a rule statement option to create the equivalent to a scope-down statement. Note: The AWS WAF console doesn't have an option for "scope-down statements" for a rate-based-rule. You can define conditions so that only the requests matching the scope-down statements are considered for evaluation by that rule. But, you can configure the rule to use an IP address from an HTTP header, such as X-Forwarded-For, instead.įor these rate-based rule statements, you can also define conditions as part of scope-down statements. By default, AWS WAF aggregates requests based on the IP address from the web request origin. ![]() You can use a rate-based rule to put a temporary block on requests from an IP address that's sending excessive requests. The rules initiate the rule action on IPs with rates that go over a specified limit within a five-minute period. AWS WAF has rate-based rules that track the rate of requests for each originating IP address.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |