What happens if the maximum request rate per second for the web ACL is exceeded?


Hello.

I found an article stating that the maximum request rate for a web ACL is 25,000 per second. I want to know what happens if I exceed this limit in my requests. Does the WAF respond with specific HTTP response status codes (such as 401, 500, etc.) if we encounter certain situations?

If there is a way to adjust AWS WAF settings to verify events, please let me know.

Thank you for your time and help in advance.

Asked 9 months ago, 866 views

2 answers

4

Accepted answer

Hello. When the maximum request rate per second for a web ACL is exceeded in AWS WAF, it typically triggers a rate-based rule. This rule is designed to manage excessive request rates and prevent potential threats such as DDoS attacks or abusive traffic.

Rather than responding with specific HTTP status codes like 401 or 500, AWS WAF takes action based on the configured rules. The actions can include blocking requests from the source IP addresses exceeding the defined threshold, counting requests for monitoring purposes, or logging the events for further analysis.

To manage and adjust AWS WAF settings:

1. Modify rate-based rules: Adjust the threshold of the rate-based rules to align with your anticipated traffic patterns and security requirements.

2. Configure actions: Specify the appropriate actions to be taken when the rate-based rule is triggered. This could involve blocking, counting, or logging requests.

3. Monitor events: Regularly monitor AWS WAF logs and metrics to track events and fine-tune your configurations as necessary.

By leveraging these capabilities, AWS WAF provides a robust defence mechanism against excessive request rates and helps safeguard your web applications from potential threats.

Expert, answered 9 months ago
Expert, reviewed 9 months ago
AWS Expert, reviewed 9 months ago
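The accepted answer covers the three knobs (threshold, action, logs) in prose. As an added example that is not from the answer or from AWS, the block below shows what those look like concretely: a WAFv2 rate-based rule definition whose Block action carries a custom HTTP status (a plain Block answers with 403; a CustomResponse lets you return 429 instead, which is how the WAF "tells" the client it was rate limited), and a small triage function over AWS WAF log records that separates requests blocked by a rate-based rule from requests that merely matched a rule left in Count mode. The web ACL ARN, rule name and log lines are constructed for the example; only the JSON field names follow the WAFv2 rule schema and the AWS WAF log format.

```python
"""Rate-based rule definition and AWS WAF log triage.

Added example, not code from the answer or from AWS. The ARN, rule name
and the log lines below are constructed; only the field names follow
the WAFv2 rule JSON and the AWS WAF log format.
"""
import json
from collections import defaultdict

# Hypothetical identifiers for the example.
WEB_ACL_ARN = "arn:aws:wafv2:us-east-1:123456789012:regional/webacl/example-acl/EXAMPLE-ID"
RULE_NAME = "RateLimitPerIP"


def rate_based_rule(name, limit, priority, response_code=429):
    """Build a WAFv2 rule that blocks any single client IP sending more than
    `limit` requests in the rule's evaluation window (5 minutes by default).
    A plain Block action answers with HTTP 403; the CustomResponse below
    changes that to the given status (429 here) so clients can tell
    rate limiting from an ordinary WAF block."""
    return {
        "Name": name,
        "Priority": priority,
        "Statement": {"RateBasedStatement": {"Limit": limit, "AggregateKeyType": "IP"}},
        "Action": {"Block": {"CustomResponse": {"ResponseCode": response_code}}},
        "VisibilityConfig": {
            "SampledRequestsEnabled": True,
            "CloudWatchMetricsEnabled": True,
            "MetricName": name,
        },
    }


def _log_entry(ip, uri, action, rule_type, rule_id, max_rate=None, counted=()):
    """Constructed AWS WAF log record (real logs hold one JSON object per line)."""
    entry = {
        "timestamp": 1700000000000,
        "formatVersion": 1,
        "webaclId": WEB_ACL_ARN,
        "terminatingRuleId": rule_id,
        "terminatingRuleType": rule_type,
        "action": action,
        "httpSourceName": "ALB",
        "httpSourceId": "app/example-alb/0123456789abcdef",
        "rateBasedRuleList": [],
        "nonTerminatingMatchingRules": [{"ruleId": r, "action": "COUNT"} for r in counted],
        "httpRequest": {"clientIp": ip, "country": "US", "uri": uri, "httpMethod": "GET"},
    }
    if max_rate is not None:
        entry["rateBasedRuleList"] = [
            {"rateBasedRuleId": rule_id, "limitKey": "IP", "maxRateAllowed": max_rate}
        ]
    return json.dumps(entry)


SAMPLE_LOGS = [  # constructed sample data
    _log_entry("203.0.113.10", "/", "ALLOW", "REGULAR", "Default_Action"),
    _log_entry("198.51.100.7", "/login", "BLOCK", "RATE_BASED", RULE_NAME, max_rate=2000),
    _log_entry("198.51.100.7", "/login", "BLOCK", "RATE_BASED", RULE_NAME, max_rate=2000),
    # Rule left in Count mode: the default action allows the request, but the match is logged.
    _log_entry("192.0.2.44", "/api", "ALLOW", "REGULAR", "Default_Action", counted=(RULE_NAME,)),
]


def summarize(log_lines):
    """Return blocks per client IP caused by rate-based rules, plus the requests
    that only matched a counting rule (what you watch while tuning a threshold)."""
    blocked = defaultdict(lambda: {"count": 0, "max_rate_allowed": None})
    counted_only = []
    for line in log_lines:
        rec = json.loads(line)
        ip = rec["httpRequest"]["clientIp"]
        if rec["action"] == "BLOCK" and rec["terminatingRuleType"] == "RATE_BASED":
            blocked[ip]["count"] += 1
            for r in rec["rateBasedRuleList"]:
                blocked[ip]["max_rate_allowed"] = r["maxRateAllowed"]
        for r in rec["nonTerminatingMatchingRules"]:
            if r["action"] == "COUNT":
                counted_only.append((ip, r["ruleId"]))
    return dict(blocked), counted_only


if __name__ == "__main__":
    print(json.dumps(rate_based_rule(RULE_NAME, 2000, 1), indent=2))
    print(summarize(SAMPLE_LOGS))
```

A practical workflow is to deploy the rule with `"Action": {"Count": {}}` first, run `summarize` over a day of logs to see which client IPs would have been blocked, and only then switch to the Block action with the custom 429 response.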
3

Hello,

Please follow the link below to resolve your issue:

https://docs.aws.amazon.com/waf/latest/developerguide/web-acl.html

A web access control list (web ACL) gives you fine-grained control over all of the HTTP(S) web requests that your protected resource responds to. You can protect Amazon CloudFront, Amazon API Gateway, Application Load Balancer, AWS AppSync, Amazon Cognito, AWS App Runner, and AWS Verified Access resources.

You can use criteria like the following to allow or block requests:

IP address origin of the request

Country of origin of the request

String match or regular expression (regex) match in a part of the request

Size of a particular part of the request

Detection of malicious SQL code or scripting

You can also test for any combination of these conditions. You can block or count web requests that not only meet the specified conditions, but also exceed a specified number of requests in a single minute. You can combine conditions using logical operators. You can also run CAPTCHA puzzles and silent client session challenges against requests.

You provide your matching criteria and the action to take on matches in AWS WAF rule statements. You can define rule statements directly inside your web ACL and in reusable rule groups that you use in your web ACL. For a full list of the options, see Rule statement basics and Rule action.

To specify your web request inspection and handling criteria, perform the following tasks:

Choose the web ACL default action, either Allow or Block, for web requests that don't match any of the rules that you specify. For more information, see The web ACL default action.

Add any rule groups that you want to use in your web ACL. Managed rule groups usually contain rules that block web requests. For information about rule groups, see Rule groups.

Specify additional matching criteria and handling instructions in one or more rules. To add more than one rule, start with AND or OR rule statements and nest the rules that you want to combine under those. If you want to negate a rule option, nest the rule in a NOT statement. You can optionally use a rate-based rule instead of a regular rule to limit the number of requests from any single IP address that meets the conditions. For information about rules, see AWS WAF rules.

If you add more than one rule to a web ACL, AWS WAF evaluates the rules in the order that they're listed for the web ACL. For more information, see Web ACL rule and rule group evaluation.

When you create a web ACL, you specify the types of resources that you want to use it with. For information, see Creating a web ACL. After you define a web ACL, you can associate it with your resources to begin providing protection for them. For more information, see Associating or disassociating a web ACL with an AWS resource.

Expert
Answered 9 months ago
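The quoted documentation describes how a web ACL combines a default action, rules with priorities, AND/OR/NOT nesting, and terminating versus counting actions. The following is an added example, not code from the answer or from AWS: a toy evaluator that mimics that evaluation order on constructed requests, so you can see why a permissive rule at a low priority number short-circuits a block placed later, and why a Count rule records a match without stopping evaluation. The statement names (`ip_in`, `country_in`, `uri_contains`, `size_gt`, `and`, `or`, `not`) are my own shorthand for the corresponding WAF match statements, and the web ACL and requests are constructed.

```python
"""Miniature model of web ACL rule evaluation order.

Added example, not AWS code. It reproduces the behaviour the documentation
describes: rules are tried in priority order, Count is non-terminating,
Allow and Block terminate, and the default action applies when no rule
terminated evaluation. Statement names are this example's own shorthand.
"""
import ipaddress


def matches(stmt, req):
    """Evaluate one (shorthand) statement against a request dict."""
    kind, arg = next(iter(stmt.items()))
    if kind == "ip_in":          # IP set match
        ip = ipaddress.ip_address(req["ip"])
        return any(ip in ipaddress.ip_network(cidr) for cidr in arg)
    if kind == "country_in":     # geographic match
        return req["country"] in arg
    if kind == "uri_contains":   # string match on the URI path
        return arg.lower() in req["uri"].lower()
    if kind == "size_gt":        # size constraint on a request part
        return len(req.get(arg["part"], b"")) > arg["bytes"]
    if kind == "and":
        return all(matches(s, req) for s in arg)
    if kind == "or":
        return any(matches(s, req) for s in arg)
    if kind == "not":
        return not matches(arg, req)
    raise ValueError(f"unknown statement {kind}")


def evaluate(web_acl, req):
    """Return (final_action, terminating_rule, counted_rules) for one request."""
    counted = []
    for rule in sorted(web_acl["rules"], key=lambda r: r["priority"]):
        if not matches(rule["statement"], req):
            continue
        if rule["action"] == "count":
            counted.append(rule["name"])  # logged/metered, evaluation continues
            continue
        return rule["action"], rule["name"], counted  # allow/block terminate
    return web_acl["default_action"], "Default_Action", counted


WEB_ACL = {  # constructed example web ACL
    "default_action": "allow",
    "rules": [
        {"name": "AllowOfficeIPs", "priority": 0, "action": "allow",
         "statement": {"ip_in": ["203.0.113.0/24"]}},
        {"name": "BlockAdminFromAbroad", "priority": 10, "action": "block",
         "statement": {"and": [{"uri_contains": "/admin"},
                               {"not": {"country_in": ["US", "CA"]}}]}},
        {"name": "LargeBodyCount", "priority": 20, "action": "count",
         "statement": {"size_gt": {"part": "body", "bytes": 8192}}},
        {"name": "BlockKnownBad", "priority": 30, "action": "block",
         "statement": {"ip_in": ["198.51.100.0/24"]}},
    ],
}

if __name__ == "__main__":
    samples = [  # constructed requests
        {"ip": "203.0.113.5", "country": "DE", "uri": "/admin", "body": b""},
        {"ip": "192.0.2.5", "country": "DE", "uri": "/admin/login", "body": b""},
        {"ip": "198.51.100.9", "country": "US", "uri": "/upload", "body": b"x" * 9000},
        {"ip": "192.0.2.5", "country": "US", "uri": "/", "body": b""},
    ]
    for req in samples:
        print(req["ip"], req["uri"], "->", evaluate(WEB_ACL, req))
```

Note the first sample: an office IP requesting `/admin` from abroad is allowed, because the Allow rule at priority 0 terminates evaluation before `BlockAdminFromAbroad` is ever consulted. That ordering effect is the usual reason a block rule "does not fire" in a real web ACL.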
