Working with conditions
Warning
AWS WAF Classic support will end on September 30, 2025.
Note
This is AWS WAF Classic documentation. You should only use this version if you created AWS WAF resources, like rules and web ACLs, in AWS WAF prior to November 2019, and you have not migrated them over to the latest version yet. To migrate your web ACLs, see Migrating your AWS WAF Classic resources to AWS WAF.
For the latest version of AWS WAF, see AWS WAF.
Conditions specify when you want to allow or block requests.
To allow or block requests based on whether the requests appear to contain malicious scripts, create cross-site scripting match conditions. For more information, see Working with cross-site scripting match conditions.
To allow or block requests based on the IP addresses that they originate from, create IP match conditions. For more information, see Working with IP match conditions.
To allow or block requests based on the country that they originate from, create geo match conditions. For more information, see Working with geographic match conditions.
To allow or block requests based on whether the requests exceed a specified length, create size constraint conditions. For more information, see Working with size constraint conditions.
To allow or block requests based on whether the requests appear to contain malicious SQL code, create SQL injection match conditions. For more information, see Working with SQL injection match conditions.
To allow or block requests based on strings that appear in the requests, create string match conditions. For more information, see Working with string match conditions.
To allow or block requests based on a regex pattern that appear in the requests, create regex match conditions. For more information, see Working with regex match conditions.
Topics
