diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index 0c9075a..7684d87 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -53,7 +53,7 @@ module "waf" {
 aws_managed_rule_labels = [
 {
 name = "aws_managed_rule_low_limit"
- labels = ["awswaf:managed:aws:anonymous-ip-list:AnonymousIPList", "awswaf:managed:aws:amazon-ip-list:AWSManagedIPReputationList", "awswaf:managed:aws:amazon-ip-list:AWSManagedReconnaissanceList"]
+ labels = ["awswaf:managed:aws:anonymous-ip-list:AnonymousIPList", "awswaf:managed:aws:amazon-ip-list:AWSManagedIPReputationList", "awswaf:managed:aws:amazon-ip-list:AWSManagedReconnaissanceList", "awswaf:managed:aws:amazon-ip-list:AWSManagedIPDDoSList"]
 priority = 60
 },
 {
@@ -61,12 +61,6 @@ module "waf" {
 labels = ["awswaf:managed:aws:anonymous-ip-list:HostingProviderIPList"]
 limit = 750
 priority = 61
- },
- {
- name = "aws_managed_rule_medium_limit"
- labels = ["awswaf:managed:aws:amazon-ip-list:AWSManagedIPDDoSList"]
- action = "captcha"
- priority = 62
 }
 ]
 count_requests_from_ch = false
@@ -75,6 +69,7 @@ module "waf" {
 name = "Group_1-CH"
 limit = 50000
 country_codes = ["CH"]
+ action = "captcha"
 priority = 70
 },
 {
@@ -87,7 +82,6 @@ module "waf" {
 name = "Very_slow"
 limit = 100
 country_codes = ["AR", "BD", "BR", "KH", "CN", "CO", "EC", "IN", "ID", "MX", "NP", "PK", "RU", "SG", "TR", "UA", "AE", "ZM", "VN"]
- action = "block"
 priority = 72
 }
 ]
diff --git a/variables.tf b/variables.tf
index e4ab11b..a5e465c 100644
--- a/variables.tf
+++ b/variables.tf
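Review bot: Folding `awswaf:managed:aws:amazon-ip-list:AWSManagedIPDDoSList` into `aws_managed_rule_low_limit` drops the explicit `action = "captcha"` that the removed `aws_managed_rule_medium_limit` entry carried, and the low-limit entry sets neither `limit` nor `action`, so what now happens to DDoS-list sources depends on object defaults that are not visible in this diff. The same move is made in the module default in `variables.tf` (its first two hunks), so it changes behaviour for every consumer that does not override `aws_managed_rule_labels`. As far as I recall, AWS ships the DDoS-list rule of its IP reputation group in Count rather than Block to limit false positives, so if the low-limit default is a hard block this deserves a second look. I would at least add a comment on the entry, e.g. `# DDoS-list IPs share the low-limit rule; limit and action come from the variable's defaults`, or set `action` explicitly.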
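Review bot: In the last hunk of `examples/complete/main.tf` the `Very_slow` entry loses its explicit `action = "block"` and now blocks only because the `country_rates` default was flipped in `variables.tf`. For an example that gets copied into real deployments, I would keep the enforcement action spelled out on every entry (`action = "block"` here, as `Group_1-CH` now does with `action = "captcha"`), so the example's behaviour does not move with the next default change. The commented example in the last hunk of `variables.tf` now shows `# action = "captcha"` for the same `Very_slow` country list, which contradicts this file.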
@@ -142,7 +142,7 @@ variable "aws_managed_rule_labels" {
 default = [
 {
 name = "aws_managed_rule_low_limit"
- labels = ["awswaf:managed:aws:anonymous-ip-list:AnonymousIPList", "awswaf:managed:aws:amazon-ip-list:AWSManagedIPReputationList", "awswaf:managed:aws:amazon-ip-list:AWSManagedReconnaissanceList"]
+ labels = ["awswaf:managed:aws:anonymous-ip-list:AnonymousIPList", "awswaf:managed:aws:amazon-ip-list:AWSManagedIPReputationList", "awswaf:managed:aws:amazon-ip-list:AWSManagedReconnaissanceList", "awswaf:managed:aws:amazon-ip-list:AWSManagedIPDDoSList"]
 priority = 60
 },
 {
@@ -150,12 +150,6 @@ variable "aws_managed_rule_labels" {
 labels = ["awswaf:managed:aws:anonymous-ip-list:HostingProviderIPList"]
 limit = 750
 priority = 61
- },
- {
- name = "aws_managed_rule_medium_limit"
- labels = ["awswaf:managed:aws:amazon-ip-list:AWSManagedIPDDoSList"]
- action = "captcha"
- priority = 62
 }
 ]
 validation {
@@ -181,8 +175,8 @@ variable "country_rates" {
 name = string
 limit = number
 priority = number
- action = optional(string, "captcha") # possible actions: block, captcha, challenge
- immunity_seconds = optional(number, 300) # only used if action is captcha (for challenge it's not currently allowed in tf, see waf.tf for more details). Immunity time in seconds after successfully passing a challenge
+ action = optional(string, "block") # possible actions: block, captcha, challenge
+ immunity_seconds = optional(number, 300) # only used if action is captcha (for challenge it's not currently allowed in tf, see waf.tf for more details). Immunity time in seconds after successfully passing a challenge
 country_codes = set(string)
 }))
 # Example
@@ -201,7 +195,7 @@ variable "country_rates" {
 # { name = "Very_slow"
 # limit = 100
 # country_codes = ["AR", "BD", "BR", "KH", "CN", "CO", "EC", "IN", "ID", "MX", "NP", "PK", "RU", "SG", "TR", "UA", "AE", "ZM", "VN"]
- # action = "block"
+ # action = "captcha"
 # priority = 35
 # }
 # ]
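Review bot: Changing the `country_rates` default from `optional(string, "captcha")` to `optional(string, "block")` silently turns every existing entry that omits `action` from a CAPTCHA into a hard block on upgrade. That needs an upgrade note, and the inline comment should state the default, e.g. `# default: block; possible actions: block, captcha, challenge`. The hunk shows no `validation` block for this variable, so if none exists outside it, a typo in `action` is not rejected at plan time; a condition such as `alltrue([for r in var.country_rates : contains(["block", "captcha", "challenge"], r.action)])` would catch it. With `block` as the default, `immunity_seconds = 300` is inert unless the caller opts into captcha, which the comment could also say. The variable block starts and ends outside the hunk.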