Home icon

Introducing new application layer (L7) DDoS protections for AWS WAF and AWS Shield Advanced customers

Networking & Content Delivery Blog



AWS has introduced a new AWS Managed Rules (AMR) AntiDDoS feature for AWS WAF to protect against Layer 7 (application-layer) DDoS attacks. Key highlights of the new protection include:

  • Rapid detection and mitigation of HTTP request flood attacks within seconds
  • Automatic traffic pattern learning and baseline establishment within 15 minutes
  • Configurable sensitivity levels for challenge and block actions
  • New AntiDDoS dashboard for real-time visibility into DDoS events
  • Ability to exempt specific URI paths from challenge actions

Pricing varies by customer type: Shield Advanced customers get the feature included with a 50 billion monthly request limit, while AWS WAF customers can add it for $20 per month plus additional request charges.

The feature is designed to provide robust protection against evolving DDoS attack techniques, particularly those targeting web applications at the HTTP/HTTPS request level.



Go to article

The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.

Related articles

Jun 12
2025
AWS WAF now supports automatic application layer distributed denial of service (DDoS) protection
Jun 26
2025
AWS WAF announces general availability of Resource-level DDoS protection for Application Load Balancers (ALB)
Jun 27
2025
AWS Firewall Manager provides support for AWS WAF L7 DDOS managed rules
Apr 8
2022
AWS Shield Advanced now supports Application Load Balancer for automatic application layer DDoS mitigation

The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.