CloudFront rate limit rule doesn't work

Question

I have a CloudFront distribution for an EC2 HTTP server. I created a rate limit for my CloudFront distribution using WAF. In theory no IP address should be able to send more tha

Answer 1

You probably already figured this out, but... you have to specifically select the AWS WAF Web ACL that contains the rate-limit-rule in your CloudFront distribution. You can do this in the Distribution Settings-page of your CloudFront distribution (second item - a dropdown with the label AWS WAF Web ACL).

If you don't, the two aren't connected together, which might explain why your request aren't blocked when you expect them to be blocked.