AWS Security ChangesHomeSearch

AWS waf documentation change

Service: waf · 2025-06-25 · Documentation low

File: waf/latest/developerguide/waf-managed-protections-best-practices.md

Summary

Removed CloudFront-specific reference in DDoS protection guidance

Security assessment

Generalizes DDoS protection advice without security implications - documentation refinement rather than security update.

Diff

diff --git a/waf/latest/developerguide/waf-managed-protections-best-practices.md b/waf/latest/developerguide/waf-managed-protections-best-practices.md
index 49dac8d7e..23ad2a818 100644
--- a//waf/latest/developerguide/waf-managed-protections-best-practices.md
+++ b//waf/latest/developerguide/waf-managed-protections-best-practices.md
@@ -41 +41 @@ For detailed pricing information, see [AWS WAF Pricing](https://aws.amazon.com/w
-  * **For distributed denial of service (DDoS) protection for Amazon CloudFront distributions, use either Anti-DDoS or Shield Advanced automatic application layer DDoS mitigation** – The other intelligent threat mitigation rule groups don't provide DDoS protection. ACFP protects against fraudulent account creation attempts to your application's sign-up page. ATP protects against account takeover attempts to your login page. Bot Control focuses on enforcing human-like access patterns using tokens and dynamic rate limiting on client sessions.
+  * **For distributed denial of service (DDoS) protection, use either Anti-DDoS or Shield Advanced automatic application layer DDoS mitigation** – The other intelligent threat mitigation rule groups don't provide DDoS protection. ACFP protects against fraudulent account creation attempts to your application's sign-up page. ATP protects against account takeover attempts to your login page. Bot Control focuses on enforcing human-like access patterns using tokens and dynamic rate limiting on client sessions.