How do I configure a CAPTCHA rule for a specific URL in AWS WAF?

2 minute read

I want to create a CAPTCHA rule for a specific URL for my web access control list (web ACL) in AWS WAF.


To create a CAPTCHA rule that checks a specific URL, complete the following steps:

  1. Open the AWS WAF console.
  2. In the navigation pane, choose AWS WAF, and then choose Web ACLs.
  3. For Region, select the AWS Region where you created your web ACL.
    Note: If your web ACL is set up for Amazon CloudFront, then select Global.
  4. Select your web ACL.
  5. Under Rules, choose Add Rules, and then choose Add my own rules and rule groups.
  6. Add the following values to set up your rule:
    For Rule type, choose Rule Builder.
    For Name, enter a name for the rule.
    For Type, choose Regular rule.
    For If a Request, choose Matches the statement.
    For Inspect, choose Single header.
    For Header field name, enter Host.
    For Match type, choose Exactly matches String.
    For String to match, enter your host name.
    (Optional) Choose a text transformation, or choose None.
    For Action, choose CAPTCHA.
  7. Choose Add Rule.
  8. For Set Rule Priority, select your rule and then update its priority. For more information, see Processing order of rules and rule groups in a web ACL.
  9. Choose Save.

Related information

CAPTCHA and Challenge in AWS WAF

How can AWS WAF help prevent brute force login attacks?

AWS OFFICIALUpdated 23 days ago