AWS waf documentation change
Summary
Added console announcement and updated rule configuration references to include 'protection pack' terminology
Security assessment
Documentation updates focus on organizational structure (protection packs) rather than security controls. No changes to security recommendations or vulnerability mitigations.
Diff
diff --git a/waf/latest/developerguide/waf-captcha-and-challenge-best-practices.md b/waf/latest/developerguide/waf-captcha-and-challenge-best-practices.md index f16f3f41b..35182b345 100644 --- a//waf/latest/developerguide/waf-captcha-and-challenge-best-practices.md +++ b//waf/latest/developerguide/waf-captcha-and-challenge-best-practices.md @@ -4,0 +5,4 @@ +**Introducing a new console experience for AWS WAF** + +You can now use the updated experience to access AWS WAF functionality anywhere in the console. For more details, see [Working with the updated console experience](./working-with-console.html). + @@ -29 +33 @@ For example, if you implement the JavaScript client application CAPTCHA API, and -For this situation, in your web ACL, you can add a rule that matches against this first call and configure it with the Challenge or CAPTCHA rule action. When the rule matches for a legitimate end user and browser, the action will find a valid token, and therefore will not block the request or send a challenge or CAPTCHA puzzle in response. For more information about how the rule actions work, see [CAPTCHA and Challenge action behavior](./waf-captcha-and-challenge-actions.html). +For this situation, in your protection pack or web ACL, you can add a rule that matches against this first call and configure it with the Challenge or CAPTCHA rule action. When the rule matches for a legitimate end user and browser, the action will find a valid token, and therefore will not block the request or send a challenge or CAPTCHA puzzle in response. For more information about how the rule actions work, see [CAPTCHA and Challenge action behavior](./waf-captcha-and-challenge-actions.html).