Advanced Anti-DDoS protection using the Amazon WAF Anti-DDoS managed rule group

AWSManagedRulesAntiDDoSRuleSet – Detects, labels, and challenges requests that are likely participating in a DDoS attack. It also labels all requests to a protected resource during an event. For details about the rule group's rules and labels, see Amazon WAF Distributed Denial of Service (DDoS) prevention rule group. To use this rule group, include it in your web ACL using a managed rule group reference statement. For information, see Adding the Anti-DDoS managed rule group to your web ACL.

• Web ACL traffic overview dashboards – Provide monitoring for DDoS activity and anti-DDoS responses in the console. For more information, see Web ACL traffic overview dashboards.

• Logging and metrics – Allow you to monitor traffic and understand Anti-DDoS protection effects. Configure logs, Amazon Security Lake data collection, and Amazon CloudWatch metrics for your web ACL. For information about these options, see Logging Amazon WAF web ACL traffic, Monitoring with Amazon CloudWatch, and What is Amazon Security Lake?.

• Labels and label matching rules – Allow you to customize handling of web requests identified by the Anti-DDoS managed rule group. For any rule in AWSManagedRulesAntiDDoSRuleSet, you can switch to count mode and match against added labels. For more information, see Label match rule statement and Web request labeling in Amazon WAF.

• Custom requests and responses – Allow you to add custom headers to allowed requests and send custom responses for blocked requests. Pair label matching with Amazon WAF custom request and response features. For more information, see Customized web requests and responses in Amazon WAF.