Forum Discussion

Nimbostratus

Jul 26, 2024

F5 Rules for AWS WAF - Bot Protection Rules

Bot Protection Rulesを使って、　特定のURLに30秒間で20回アクセスがあった場合に、それ以降のアクセスを拒否するというルールを作成すること可能でしょうか？ Using Bot Protection Rules, Deny further access if a specific URL is accessed 20 times in 30 second...

F5 Rules for AWS WAF

dahan

Employee

Mar 13, 2025

Hi Motoki,

You can achieve the desired behavior outside of F5 managed rules by adding a new rule to the AWS Web ACL.

While AWS may change the configuration process in the future, currently, go to Web ACLs, select the Rules tab, and click "Add my own rules and rule groups". Then, use Rule Builder to create a Rate-based rule as needed.

Hope that helps!

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

F5 Rules for AWS WAF - Bot Protection Rules

F5 AppWorld 2026 Registration - early bird pricing.

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

F5 Kubernetes CNF/BNK GSLB functionality ?

SSO login for APM Profiles

Change severity for sod log messages

Dealing with iRule $variables for HTTP2 workload while HTTP MRF Router is enabled

F5 Access Guard Deprecated: ZTA APM

Related Content

F5 Distributed Cloud Origin Server Subset Rules

LTM Cipher rule

F5 Rules for AWS WAF - Rule ID to Attack Type Reference

F5 NGINX HTTP Request Header Rules: What’s Permitted and What’s Not

Cipher Rules And Groups in BIG-IP v13

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS