AWS WAF enhances rate-based rules to support lower rate limits
News
The article discusses an enhancement to AWS WAF that allows customers to set lower rate limits for rate-based rules.
Specifically, the article covers:
- AWS WAF now supports setting rate-based rule thresholds as low as 10 requests per evaluation window, down from the previous minimum of 100 requests.
- Lower rate limits allow customers to more effectively detect and respond to traffic spikes targeting sensitive applications and APIs, enabling quicker mitigation of sudden usage increases or malicious activity.
- To use lower rate thresholds, customers can set the 'Rate limit' between 10 and 100 when configuring rate-based rules or edit existing rules.
- There is no additional cost for using this feature, but standard AWS WAF charges still apply.
- The feature is available in all AWS Commercial Regions, except a few specified regions.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Feb 24
2025
2025
AWS WAF enhances integration with Service Quotas
Mar 6
2025
2025
AWS WAF adds JA4 fingerprinting and aggregation on JA3 and JA4 fingerprints for rate-based rules
Jun 23
2023
2023
How to configure block duration for IP addresses rate limited by AWS WAF
Feb 18
2025
2025
AWS WAF enhances Data Protection and logging experience
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.