Class CfnRuleGroupPropsMixin.JA3FingerprintProperty
Available for use with Amazon CloudFront distributions and Application Load Balancers.
Implements
Inherited Members
Namespace: Amazon.CDK.Mixins.Preview.AWS.WAFv2.Mixins
Assembly: Amazon.CDK.Mixins.Preview.dll
Syntax (csharp)
public class CfnRuleGroupPropsMixin.JA3FingerprintProperty : CfnRuleGroupPropsMixin.IJA3FingerprintPropertySyntax (vb)
Public Class CfnRuleGroupPropsMixin.JA3FingerprintProperty Implements CfnRuleGroupPropsMixin.IJA3FingerprintPropertyRemarks
Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.
You can use this choice only with a string match <code>ByteMatchStatement</code> with the <code>PositionalConstraint</code> set to <code>EXACTLY</code> .
You can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see Log fields in the AWS WAF Developer Guide .
Provide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.Mixins.Preview.AWS.WAFv2.Mixins;
var jA3FingerprintProperty = new JA3FingerprintProperty {
FallbackBehavior = "fallbackBehavior"
};Synopsis
Constructors
| JA3FingerprintProperty() | Available for use with Amazon CloudFront distributions and Application Load Balancers. |
Properties
| FallbackBehavior | The match status to assign to the web request if the request doesn't have a JA3 fingerprint. |
Constructors
JA3FingerprintProperty()
Available for use with Amazon CloudFront distributions and Application Load Balancers.
public JA3FingerprintProperty()Remarks
Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.
You can use this choice only with a string match <code>ByteMatchStatement</code> with the <code>PositionalConstraint</code> set to <code>EXACTLY</code> .
You can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see Log fields in the AWS WAF Developer Guide .
Provide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.Mixins.Preview.AWS.WAFv2.Mixins;
var jA3FingerprintProperty = new JA3FingerprintProperty {
FallbackBehavior = "fallbackBehavior"
};Properties
FallbackBehavior
The match status to assign to the web request if the request doesn't have a JA3 fingerprint.
public string? FallbackBehavior { get; set; }Property Value
Remarks
You can specify the following fallback behaviors: