AWS waf documentation change
Summary
Added console experience announcement and updated 'web ACL' references to include 'protection pack'
Security assessment
Changes focus on UI updates and terminology expansion. Existing SQL injection detection documentation remains unchanged except for scope expansion to protection packs, which doesn't indicate security fixes.
Diff
diff --git a/waf/latest/developerguide/waf-rule-statement-type-sqli-match.md b/waf/latest/developerguide/waf-rule-statement-type-sqli-match.md index 395e6b5c5..8526802db 100644 --- a//waf/latest/developerguide/waf-rule-statement-type-sqli-match.md +++ b//waf/latest/developerguide/waf-rule-statement-type-sqli-match.md @@ -6,0 +7,4 @@ Rule statement characteristicsWhere to find this rule statement +**Introducing a new console experience for AWS WAF** + +You can now use the updated experience to access AWS WAF functionality anywhere in the console. For more details, see [Working with the updated console experience](./working-with-console.html). + @@ -40 +44 @@ Additionally, this statement requires the following setting: -The HIGH setting detects more SQL injection attacks, and is the recommended setting. Due to the higher sensitivity, this setting generates more false positives, especially if your web requests typically contain unusual strings. During your web ACL testing and tuning, you might need to do more work to mitigate false positives. For information, see [Testing and tuning your AWS WAF protections](./web-acl-testing.html). +The HIGH setting detects more SQL injection attacks, and is the recommended setting. Due to the higher sensitivity, this setting generates more false positives, especially if your web requests typically contain unusual strings. During your protection pack or web ACL testing and tuning, you might need to do more work to mitigate false positives. For information, see [Testing and tuning your AWS WAF protections](./web-acl-testing.html).