AWS Security ChangesHomeSearch

AWS waf documentation change

Service: waf · 2025-08-22 · Documentation low

File: waf/latest/developerguide/customizing-the-response-for-blocked-requests.md

Summary

Updated terminology from 'protection pack or web ACL' to 'protection pack (web ACL)' for consistency

Security assessment

Changes only clarify terminology without introducing new security concepts or addressing vulnerabilities. Focuses on documentation consistency rather than security functionality.

Diff

diff --git a/waf/latest/developerguide/customizing-the-response-for-blocked-requests.md b/waf/latest/developerguide/customizing-the-response-for-blocked-requests.md
index e021ee2be..ee1c24e85 100644
--- a//waf/latest/developerguide/customizing-the-response-for-blocked-requests.md
+++ b//waf/latest/developerguide/customizing-the-response-for-blocked-requests.md
@@ -11 +11 @@ You can now use the updated experience to access AWS WAF functionality anywhere
-This section explains how to instruct AWS WAF to send a custom HTTP response back to the client for rule actions or protection pack or web ACL default actions that are set to Block. For more information about rule actions, see [Using rule actions in AWS WAF](./waf-rule-action.html). For more information about default protection pack or web ACL actions, see [Setting the protection pack or web ACL default action in AWS WAF](./web-acl-default-action.html).
+This section explains how to instruct AWS WAF to send a custom HTTP response back to the client for rule actions or protection pack (web ACL) default actions that are set to Block. For more information about rule actions, see [Using rule actions in AWS WAF](./waf-rule-action.html). For more information about default protection pack (web ACL) actions, see [Setting the protection pack (web ACL) default action in AWS WAF](./web-acl-default-action.html).
@@ -64 +64 @@ You can specify any header name except for `content-type`.
-You define the body of a custom response within the context of the protection pack or web ACL or rule group where you want to use it. After you've defined a custom response body, you can use it by reference anywhere else in the protection pack or web ACL or rule group where you created it. In the individual Block action settings, you reference the custom body that you want to use and you define the status code and header of the custom response. 
+You define the body of a custom response within the context of the protection pack (web ACL) or rule group where you want to use it. After you've defined a custom response body, you can use it by reference anywhere else in the protection pack (web ACL) or rule group where you created it. In the individual Block action settings, you reference the custom body that you want to use and you define the status code and header of the custom response. 
@@ -66 +66 @@ You define the body of a custom response within the context of the protection pa
-When you create a custom response in the console, you can choose from response bodies that you've already defined or you can create a new body. Outside of the console, you define your custom response bodies at the protection pack or web ACL or rule group level, and then reference them from the action settings within the protection pack or web ACL or rule group. This is shown in the example JSON in the following section. 
+When you create a custom response in the console, you can choose from response bodies that you've already defined or you can create a new body. Outside of the console, you define your custom response bodies at the protection pack (web ACL) or rule group level, and then reference them from the action settings within the protection pack (web ACL) or rule group. This is shown in the example JSON in the following section.