AWS Security ChangesHomeSearch

AWS waf documentation change

Service: waf · 2025-08-22 · Documentation low

File: waf/latest/developerguide/waf-captcha-and-challenge-actions.md

Summary

Replaced 'protection pack or web ACL' with 'protection pack (web ACL)' in multiple instances

Security assessment

Terminology standardization without altering security implications. Describes existing CAPTCHA/Challenge behavior without introducing new security features or addressing vulnerabilities.

Diff

diff --git a/waf/latest/developerguide/waf-captcha-and-challenge-actions.md b/waf/latest/developerguide/waf-captcha-and-challenge-actions.md
index 97f2cdef8..07f9ead44 100644
--- a//waf/latest/developerguide/waf-captcha-and-challenge-actions.md
+++ b//waf/latest/developerguide/waf-captcha-and-challenge-actions.md
@@ -23 +23 @@ AWS WAF applies the CAPTCHA or Challenge action to a web request as follows:
-  * **Valid token** – AWS WAF handles this similar to a Count action. AWS WAF applies any labels and request customizations that you've configured for the rule action, and then continues evaluating the request using the remaining rules in the protection pack or web ACL. 
+  * **Valid token** – AWS WAF handles this similar to a Count action. AWS WAF applies any labels and request customizations that you've configured for the rule action, and then continues evaluating the request using the remaining rules in the protection pack (web ACL). 
@@ -25 +25 @@ AWS WAF applies the CAPTCHA or Challenge action to a web request as follows:
-  * **Missing, invalid, or expired token** – AWS WAF discontinues the protection pack or web ACL evaluation of the request and blocks it from going to its intended destination. 
+  * **Missing, invalid, or expired token** – AWS WAF discontinues the protection pack (web ACL) evaluation of the request and blocks it from going to its intended destination. 
@@ -56 +56 @@ For Javascript applications running in the client browser, this header is only a
-To configure the timing of token expiration at the protection pack or web ACL or rule level, see [Setting timestamp expiration and token immunity times in AWS WAF](./waf-tokens-immunity-times.html).
+To configure the timing of token expiration at the protection pack (web ACL) or rule level, see [Setting timestamp expiration and token immunity times in AWS WAF](./waf-tokens-immunity-times.html).