F5 Rules for AWS WAF - Bot Protection Rules

Question

Bot Protection Rulesを使って、
　特定のURLに30秒間で20回アクセスがあった場合に、それ以降のアクセスを拒否する
というルールを作成すること可能でしょうか？

Using Bot Protection Rules,
Deny further access if a specific URL is accessed 20 times in 30 seconds
Is it possible to create a rule?

dahan · Answer

Hi Motoki,
You can achieve the desired behavior outside of F5 managed rules by adding a new rule to the AWS Web ACL.
While AWS may change the configuration process in the future, currently, go to Web ACLs, select the Rules tab, and click "Add my own rules and rule groups". Then, use Rule Builder to create a Rate-based rule as needed.
Hope that helps!

liefzimmerman · Answer

motoki​ - if this reply helped; please consider marking it as solution. Thanks.

Forum Discussion

F5 Rules for AWS WAF - Bot Protection Rules

2 Replies

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

ASM Sec-CH-UA-Full-Version-List backquote in Header

Scenarios where Service Policy should be used over iRule and Vice versa

Issue on connection limit

Request logging: some fields not recorded

F5 Distributed Cloud Services Simulator Connect

Related Content

F5 Distributed Cloud Origin Server Subset Rules

LTM Cipher rule

F5 NGINX HTTP Request Header Rules: What’s Permitted and What’s Not

F5 Rules for AWS WAF - Rule ID to Attack Type Reference

.htaccess to Nginx rules

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS