Our Blog

AWS WAF announces Web Bot Auth support

Published
November 21, 2025
https://aws.amazon.com/about-aws/whats-new/2025/11/aws-waf-web-bot-auth-support

AWS WAF Web Bot Auth Support

Today, AWS WAF has introduced Web Bot Auth (WBA) support, offering a secure and standardized method to authenticate legitimate AI agents and automated tools accessing web applications. This new capability helps distinguish trusted bot traffic from potentially harmful automated access attempts.

Web Bot Auth is an authentication method that uses cryptographic signatures in HTTP messages to verify that a request comes from an automated bot. It relies on two active IETF drafts: a directory draft allowing the crawler to share their public keys, and a protocol draft defining how these keys should be used to attach crawler's identity to HTTP requests.

Verified WBA bots will now be automatically allowed by default, previously Category AI blocked unverified bots, this behavior is now refined to respect WBA verification.

What to do

Source: AWS release notes




If you need further guidance on AWS, our experts are available at AWS@westloop.io. You may also reach us by submitting the Contact Us form.

Follow our blog

Get the latest insights and advice on AWS services from our experts.

By clicking Sign Up you're confirming that you agree with our Terms and Conditions.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Related posts

Check out other insights from the team at West Loop Strategy.

View all
https://aws.amazon.com/about-aws/whats-new/2025/10/amazon-connect-agent-time-off-balance-data/

Amazon Connect now provides agent time-off balance data in analytics data lake

Amazon Connect now provides agent time-off balance data in analytics data lake, making it easier for you to generate reports and insights from this data
Read more

Insights from the AWS Summit | West Loop Strategy

Gain insights from the AWS Summit with West Loop Strategy. Discover the latest trends & innovations shaping the future of cloud & data analytics.
Read more
https://aws.amazon.com/about-aws/whats-new/2025/11/cloudfront-anycast-ipv6-support/

Amazon Cloudfront adds IPv6 support for Anycast Static IPs

Amazon CloudFront now supports both IPv4 and IPv6 addresses for Anycast Static IP configurations
Read more
View all