Web request components

This section describes the settings that you can specify for rule statements that inspect a component of the web request. For information on usage, see the individual rule statements at Match rule statements.

A subset of these components can also be used in rate-based rules, as custom request aggregation keys. For information, see Aggregation options and keys.

For the request component settings, you specify the component type itself, and any additional options that you choose, depending on the component type. For example, if you choose a component type that contains text to be inspected, you can specify text transformations that you want AWS WAF to apply before evaluating your inspection criteria.

Note

Unless otherwise noted, if a web request doesn't have the request component that's specified in the rule statement, AWS WAF evaluates the request as not matching the rule criteria.

Contents

• Request component options
  • HTTP method
  • Single header
  • All headers
  • Header order
  • Cookies
  • URI path
  • JA3 fingerprint
  • Query string
  • Single query parameter
  • All query parameters
  • Body
  • JSON body
• Forwarded IP address
• How to inspect HTTP/2 pseudo headers
• Text transformations