Protect your web applications from common exploits
Get 10 million common bot control requests per month
with the AWS Free Tier
Save time with managed rules so you can spend more time building applications.
More easily monitor, block, or rate-limit common and pervasive bots.
Improve web traffic visibility with granular control over how metrics are emitted.
How it works
AWS WAF helps you protect against common web exploits and bots that can affect availability, compromise security, or consume excessive resources.
Filter web traffic
Create rules to filter web requests based on conditions such as IP addresses, HTTP headers and body, or custom URIs.
Prevent account takeover fraud
Monitor your application’s login page for unauthorized access to user accounts using compromised credentials.
Administer AWS WAF with APIs
Create and maintain rules automatically and incorporate them into the development and design process.
How to get started
Get started with AWS WAF
Deploy AWS WAF on Amazon CloudFront and Application Load Balancer.
Contact an expert
Protect your applications running in the cloud or on premises.
Start using AWS WAF
Keep your applications and APIs available and protected.