Web request component specification and handling

This section describes the settings that you can specify in rule statements that inspect a component of the web request. For information on usage, see the individual rule statements at Match rule statements.

A subset of these web request components can also be used in rate-based rules, as custom request aggregation keys. For information, see Rate-based rule aggregation options and keys.

For the request component settings, you specify the component type itself, and any additional options, depending on the component type. For example, when you inspect a component type that contains text, you can apply text transformations to it before inspecting it.

Note

Unless otherwise noted, if a web request doesn't have the request component that's specified in the rule statement, AWS WAF evaluates the request as not matching the rule criteria.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Rule statement basics

Request component options

Web request component specification and handling

Note

Contents