What Is AWS WAF Bot Control?

AWS WAF Bot Control is the managed rule group inside AWS WAF that classifies and blocks bot traffic. It ships in two tiers — Common (signature-based, blocks known crawlers and signaled bots) and Targeted (adds a JavaScript / CAPTCHA challenge, IP rate aggregation, and TGT_* labels). Adoption is broad because it's a one-click enable on any AWS-fronted site, but the detection sophistication is well below Akamai or DataDome.

Quick facts

Tiers: Common (signature) and Targeted (challenge + behaviour)
Detection cookie: aws-waf-token (only on Targeted with challenge action)
Response header: x-amzn-waf-action when challenge fires; x-amz-cf-id on CloudFront
Labels emitted: awswaf:managed:aws:bot-control:* on classified requests
Bypass difficulty: Low (Common) to medium (Targeted with challenge)

Common vs Targeted — the two tiers

Common matches against a static signature list: known crawler User-Agents, missing Accept-Language, scripting-engine UAs, datacenter ASNs. It blocks roughly the same traffic that Cloudflare's Bot Fight Mode blocks. curl_cffi with Chrome impersonation defeats Common entirely because the UA, TLS, and headers all match a real browser.

Targeted adds a Silent Challenge (lightweight JS that issues aws-waf-token) and a CAPTCHA Challenge action. When configured to challenge rather than block, a request without the token gets a 405 with an x-amzn-waf-action: challenge header and an HTML page that runs the WAF challenge script. Targeted also adds rate-aggregation per session token.

How AWS labels classified requests

AWS WAF doesn't score in 0–99 like Cloudflare. Instead it attaches labels to each request — awswaf:managed:aws:bot-control:bot:category:scraping_framework, awswaf:managed:aws:bot-control:signal:automated_browser, and so on. The customer site writes rules that act on those labels (block, challenge, count). This makes Bot Control more permissive by default than other vendors — a labelled request only blocks if the customer added the rule, so many AWS-protected sites accept traffic Cloudflare or Akamai would reject.
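Because a label only has an effect when a rule acts on it, the site owner's first job is to find out which Bot Control labels are firing on traffic that is still being allowed. The following is an added example, not code from the page or from AWS: it reads newline-delimited AWS WAF log records and reports, per Bot Control label, which actions were taken. The sample records are constructed and shaped after the AWS WAF logging JSON (an `action` field and a `labels` list of `{"name": ...}` objects); that record shape and the custom `example:custom-label` are assumptions.

```python
import json
from collections import Counter

# Added example (not from the page): triage AWS WAF log records by Bot Control label.
# Records are constructed samples shaped after the AWS WAF logging JSON
# ("action" plus a "labels" list of {"name": ...}); the exact shape is an assumption.
BOT_CONTROL_PREFIX = "awswaf:managed:aws:bot-control:"
ENFORCING_ACTIONS = {"BLOCK", "CHALLENGE", "CAPTCHA"}

SAMPLE_LOG = "\n".join(json.dumps(r) for r in [
    {"action": "ALLOW", "httpRequest": {"clientIp": "198.51.100.7", "uri": "/api/items"},
     "labels": [{"name": BOT_CONTROL_PREFIX + "bot:category:scraping_framework"}]},
    {"action": "BLOCK", "httpRequest": {"clientIp": "198.51.100.8", "uri": "/api/items"},
     "labels": [{"name": BOT_CONTROL_PREFIX + "bot:category:scraping_framework"}]},
    {"action": "ALLOW", "httpRequest": {"clientIp": "203.0.113.5", "uri": "/login"},
     "labels": [{"name": BOT_CONTROL_PREFIX + "signal:automated_browser"},
                {"name": "example:custom-label"}]},  # constructed non-Bot-Control label
    {"action": "ALLOW", "httpRequest": {"clientIp": "203.0.113.9", "uri": "/"}, "labels": []},
])

def bot_control_labels(record):
    """Return the Bot Control labels on one record, with the shared prefix stripped."""
    return [
        lbl["name"][len(BOT_CONTROL_PREFIX):]
        for lbl in record.get("labels", [])
        if lbl["name"].startswith(BOT_CONTROL_PREFIX)
    ]

def triage(log_text):
    """Map each Bot Control label to a Counter of the actions taken on requests carrying it."""
    summary = {}
    for line in log_text.splitlines():
        record = json.loads(line)
        for label in bot_control_labels(record):
            summary.setdefault(label, Counter())[record["action"]] += 1
    return summary

def unenforced_labels(log_text):
    """Labels Bot Control emitted that never led to an enforcing action:
    the classifications the site is not yet acting on with a label-match rule."""
    return sorted(
        label for label, actions in triage(log_text).items()
        if not ENFORCING_ACTIONS & set(actions)
    )

if __name__ == "__main__":
    for label, actions in triage(SAMPLE_LOG).items():
        print(f"{label}: {dict(actions)}")
    print("not enforced:", unenforced_labels(SAMPLE_LOG))
```

Labels listed as not enforced are the ones to pair with a rule that blocks, challenges or counts them.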

What works and what doesn't

Common tier: any modern impersonation library (curl_cffi, tls-client, hrequests) plus a non-datacenter IP. The signature list is short and well-known.

Targeted tier: if the customer chose challenge, a real-browser session (Playwright, Camoufox) solves the challenge once and reuses the aws-waf-token cookie for subsequent requests. The token TTL is generous (~5 min default, configurable). If the customer chose block, you need to match the underlying fingerprint — broadly the same approach as Akamai but with a much weaker scoring model.

Code example

```python
# AWS WAF Common: curl_cffi alone usually passes
from curl_cffi import requests

s = requests.Session(impersonate="chrome131")
r = s.get("https://target.com/api/items")

# Check for AWS WAF challenge
if r.headers.get("x-amzn-waf-action") == "challenge":
    print("Targeted tier with challenge — switch to a real browser")
elif r.status_code == 403:
    print("Common tier blocked — check IP and User-Agent")
else:
    print(f"OK: {r.status_code}")
```

Frequently asked questions

Is AWS WAF Bot Control as strong as Cloudflare Bot Management?

No. The signature-based Common tier is comparable to Cloudflare's free Bot Fight Mode. The Targeted tier adds JS challenges but lacks the continuous ML scoring and global network-effect data that Cloudflare's enterprise product has. Most AWS-WAF-protected sites are not the hardest targets.

How do I tell Common from Targeted from a single response?

Common blocks with a plain 403 and no extra headers. Targeted with challenge returns 405 + x-amzn-waf-action: challenge. Targeted with block returns 403 but Set-Cookie usually contains aws-waf-token from a previous interaction.

Do the awswaf:* labels appear in HTTP responses?

No — labels are internal to AWS WAF and only visible in CloudWatch logs to the site owner. Scrapers can't see them. The visible signal is the action the customer's rule took based on the labels (block, challenge, allow).

Last updated: 2026-05-27