wafv2/aws.sdk.kotlin.services.wafv2.model/ClientSideAction/Builder/exemptUriRegularExpressions

exemptUriRegularExpressions

var exemptUriRegularExpressions: List<Regex>?

The regular expression to match against the web request URI, used to identify requests that can't handle a silent browser challenge. When the ClientSideAction setting UsageOfAction is enabled, the managed rule group uses this setting to determine which requests to label with awswaf:managed:aws:anti-ddos:challengeable-request. If UsageOfAction is disabled, this setting has no effect and the managed rule group doesn't add the label to any requests.

The anti-DDoS managed rule group doesn't evaluate the rules ChallengeDDoSRequests or ChallengeAllDuringEvent for web requests whose URIs match this regex. This is true regardless of whether you override the rule action for either of the rules in your web ACL configuration.

Amazon Web Services recommends using a regular expression.

This setting is required if UsageOfAction is set to ENABLED. If required, you can provide between 1 and 5 regex objects in the array of settings.

Amazon Web Services recommends starting with the following setting. Review and update it for your application's needs:

\/api\/|\.(acc|avi|css|gif|jpe?g|js|mp[34]|ogg|otf|pdf|png|tiff?|ttf|webm|webp|woff2?)$

© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved. Generated by dokka