Describe the current state/issue
Currently, when a request is blocked by rate limiting, we return the default WAF response code 403 and message Forbidden. This does not make it clear to users that they have been blocked by rate-limiting.
Describe the desired state/solution
Add a custom response to the WAF rule, using the appropriate code/message 429 Too many requests.
Service/repository
Additional notes
See AWS WAF docs: https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-for-blocked-requests.html
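One way to make the requested change, shown as an added example that is not code from this issue or its repository: the function below takes a web ACL in the dict shape used by the AWS WAFv2 API and gives every rate-based rule that blocks a 429 custom response, leaving other Block rules on the default 403. The rule names, the limits and the body key `rate-limited` are assumptions made for the example.

```python
import copy

BODY_KEY = "rate-limited"  # hypothetical key; must match an entry in CustomResponseBodies

# Constructed sample: a trimmed web ACL in the WAFv2 API shape.
SAMPLE_ACL = {
    "Name": "example-acl",
    "Rules": [
        {"Name": "rate-limit-per-ip", "Priority": 0,
         "Statement": {"RateBasedStatement": {"Limit": 1000, "AggregateKeyType": "IP"}},
         "Action": {"Block": {}}},
        {"Name": "geo-block", "Priority": 1,
         "Statement": {"GeoMatchStatement": {"CountryCodes": ["ZZ"]}},
         "Action": {"Block": {}}},
        {"Name": "rate-limit-monitor", "Priority": 2,
         "Statement": {"RateBasedStatement": {"Limit": 200, "AggregateKeyType": "IP"}},
         "Action": {"Count": {}}},
    ],
}


def add_rate_limit_response(web_acl):
    """Return (patched copy of web_acl, names of the rules that were changed)."""
    acl = copy.deepcopy(web_acl)  # never mutate the caller's ACL
    changed = []
    for rule in acl.get("Rules", []):
        is_rate_rule = "RateBasedStatement" in rule.get("Statement", {})
        block = rule.get("Action", {}).get("Block")
        if not is_rate_rule or block is None:
            continue  # non-rate rules and Count-mode rules keep their behaviour
        block["CustomResponse"] = {
            "ResponseCode": 429,
            "CustomResponseBodyKey": BODY_KEY,
        }
        changed.append(rule["Name"])
    if changed:
        # The body text is defined once on the web ACL and referenced by key.
        acl.setdefault("CustomResponseBodies", {})[BODY_KEY] = {
            "ContentType": "TEXT_PLAIN",
            "Content": "Too many requests",
        }
    return acl, changed


if __name__ == "__main__":
    patched, names = add_rate_limit_response(SAMPLE_ACL)
    print("rules now returning 429:", names)
```

The patched `Rules` and `CustomResponseBodies` are what an update to the web ACL would carry; other Block rules still return 403, so a 429 identifies rate limiting specifically.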