AWS waf documentation change
Summary
Removed CloudFront-specific reference in DDoS protection guidance
Security assessment
Generalizes DDoS protection advice without security implications - documentation refinement rather than security update.
Diff
diff --git a/waf/latest/developerguide/waf-managed-protections-best-practices.md b/waf/latest/developerguide/waf-managed-protections-best-practices.md index 49dac8d7e..23ad2a818 100644 --- a//waf/latest/developerguide/waf-managed-protections-best-practices.md +++ b//waf/latest/developerguide/waf-managed-protections-best-practices.md @@ -41 +41 @@ For detailed pricing information, see [AWS WAF Pricing](https://aws.amazon.com/w - * **For distributed denial of service (DDoS) protection for Amazon CloudFront distributions, use either Anti-DDoS or Shield Advanced automatic application layer DDoS mitigation** – The other intelligent threat mitigation rule groups don't provide DDoS protection. ACFP protects against fraudulent account creation attempts to your application's sign-up page. ATP protects against account takeover attempts to your login page. Bot Control focuses on enforcing human-like access patterns using tokens and dynamic rate limiting on client sessions. + * **For distributed denial of service (DDoS) protection, use either Anti-DDoS or Shield Advanced automatic application layer DDoS mitigation** – The other intelligent threat mitigation rule groups don't provide DDoS protection. ACFP protects against fraudulent account creation attempts to your application's sign-up page. ATP protects against account takeover attempts to your login page. Bot Control focuses on enforcing human-like access patterns using tokens and dynamic rate limiting on client sessions.