AWS Security ChangesHomeSearch

AWS waf documentation change

Service: waf · 2025-08-22 · Documentation low

File: waf/latest/developerguide/logging-fields.md

Summary

Multiple instances of terminology updates from 'protection pack or web ACL' to 'protection pack (web ACL)', including in JA3/JA4 fingerprint configuration guidance

Security assessment

While JA3/JA4 fingerprinting relates to security features, the changes here only standardize terminology without adding new security guidance or addressing vulnerabilities. The updates maintain existing security documentation rather than enhancing it.

Diff

diff --git a/waf/latest/developerguide/logging-fields.md b/waf/latest/developerguide/logging-fields.md
index ca5867d93..d13db4140 100644
--- a//waf/latest/developerguide/logging-fields.md
+++ b//waf/latest/developerguide/logging-fields.md
@@ -9 +9 @@ You can now use the updated experience to access AWS WAF functionality anywhere
-# Log fields for protection pack or web ACL traffic
+# Log fields for protection pack (web ACL) traffic
@@ -33 +33 @@ The CAPTCHA action terminates web request inspection when the request either doe
-The identifier for the CloudFront distribution tenant associated with the web request. This field is optional and only applies to protection pack or web ACLs associated with CloudFront distribution tenants.
+The identifier for the CloudFront distribution tenant associated with the web request. This field is optional and only applies to protection packs (web ACLs) associated with CloudFront distribution tenants.
@@ -157 +157 @@ The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of
-You provide this value when you configure a JA3 fingerprint match in your protection pack or web ACL rules. For information about creating a match against the JA3 fingerprint, see [JA3 fingerprint](./waf-rule-statement-fields-list.html#waf-rule-statement-request-component-ja3-fingerprint) in the [Request components in AWS WAF](./waf-rule-statement-fields-list.html) for a rule statement.
+You provide this value when you configure a JA3 fingerprint match in your protection pack (web ACL) rules. For information about creating a match against the JA3 fingerprint, see [JA3 fingerprint](./waf-rule-statement-fields-list.html#waf-rule-statement-request-component-ja3-fingerprint) in the [Request components in AWS WAF](./waf-rule-statement-fields-list.html) for a rule statement.
@@ -170 +170 @@ The JA4 fingerprint is a 36-character hash derived from the TLS Client Hello of
-You provide this value when you configure a JA4 fingerprint match in your protection pack or web ACL rules. For information about creating a match against the JA4 fingerprint, see [JA4 fingerprint](./waf-rule-statement-fields-list.html#waf-rule-statement-request-component-ja4-fingerprint) in the [Request components in AWS WAF](./waf-rule-statement-fields-list.html) for a rule statement.
+You provide this value when you configure a JA4 fingerprint match in your protection pack (web ACL) rules. For information about creating a match against the JA4 fingerprint, see [JA4 fingerprint](./waf-rule-statement-fields-list.html#waf-rule-statement-request-component-ja4-fingerprint) in the [Request components in AWS WAF](./waf-rule-statement-fields-list.html) for a rule statement.
@@ -202 +202 @@ Any additional information provided for each rule varies according factors such
-The list of fields in the web request that were inspected by the protection pack or web ACL and that are over the AWS WAF inspection limit. If a field is oversize but the protection pack or web ACL doesn't inspect it, it won't be listed here. 
+The list of fields in the web request that were inspected by the protection pack (web ACL) and that are over the AWS WAF inspection limit. If a field is oversize but the protection pack (web ACL) doesn't inspect it, it won't be listed here. 
@@ -328 +328 @@ The part of a URL that follows the "#" symbol, providing additional information
-The GUID of the protection pack or web ACL.
+The GUID of the protection pack (web ACL).
@@ -336 +336 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please
-Finding your protection pack or web ACL records
+Finding your protection pack (web ACL) records