m3terDocs
    • Changelog
    • Getting Started
    • Getting to Know the m3ter Service
    • Knowledge Index
    • Authenticating with the Service
    • m3ter APIs
      • Config API Limits
      • Ingest API Limits and Optimizing Measurement Submissions
      • WAF Rules for HTTP Requests
      • Getting Started with API Calls
      • HTTP Error Codes
    • m3ter Integrations
    • Setting Up Native Integrations
    • Managing Organization and Access
    • Creating and Managing Products
    • Setting Up Usage Data: Meters and Aggregations
    • Creating and Working with Plan Templates and Plans
    • Pricing and Managing Plans and Plan Templates
    • Creating and Managing Accounts
    • Submitting Usage Data
    • Running, Viewing, and Managing Bills
    • Working with Custom Fields
    • Viewing and Managing Alerts
    • Utilizing Events and Notifications
    • Metering for Production: Worked Examples
    • Working in the Data Explorer
    • Glossary of Terms
  • API Reference

On this page

  • Managed by AWS
  • Managed by m3ter
  • Error Response
  • Home
  • /
  • m3ter APIs

WAF Rules for HTTP Requests

We apply two types of Rules/Rule Groups to our Web Application Firewall (WAF). These impose constraints on HTTP requests you make to the m3ter service.

Managed by AWS

  • Core rule set (CRS) managed rule group

  • Known bad inputs managed rule group

  • SQL database managed rule group

Managed by m3ter

  • Request Body Size Rule:

    • Blocks all HTTP requests having a body larger than 512,000 bytes.

Error Response

If your requests are blocked by any of these rules, a 403 (Forbidden) response is returned.

Next: Getting Started with API Calls