Posted On: Apr 11, 2023

Starting today, AWS WAF supports inspecting the body of incoming requests to protected CloudFront distributions, up to 64KB. The default inspection size of the body of an HTTP/S request has been increased from 8KB to 16KB. This new default will be applied to all new and existing WAF web access control lists, free of charge. 

AWS WAF is a web application firewall that enables you to monitor the HTTP(S) requests that are made to your protected web application resources. The inspection limit on the body defines the portion of each request payload WAF will inspect for application threats. Customers can continue to choose to allow, block, or count requests that exceed the limit they define.

AWS WAF previously had a maximum request body inspection of 8KB. For CloudFront distributions, AWS WAF will now support inspecting up to 64KB of request bodies. 

For more information about the service, visit the AWS WAF page. For more information about pricing, visit the AWS WAF Pricing page.