AWS Security ChangesHomeSearch

AWS waf documentation change

Service: waf · 2025-08-22 · Documentation low

File: waf/latest/developerguide/waf-rule-statement-fields-list.md

Summary

Updated documentation to standardize terminology from 'protection pack or web ACL' to 'protection pack (web ACL)' across multiple sections, primarily in logging references and configuration instructions.

Security assessment

The changes are terminology clarifications rather than security fixes. While they relate to security logging capabilities, there's no evidence of addressing vulnerabilities or weaknesses. The updates appear to improve documentation consistency rather than respond to security incidents.

Diff

diff --git a/waf/latest/developerguide/waf-rule-statement-fields-list.md b/waf/latest/developerguide/waf-rule-statement-fields-list.md
index 9117c3c0d..83995691c 100644
--- a//waf/latest/developerguide/waf-rule-statement-fields-list.md
+++ b//waf/latest/developerguide/waf-rule-statement-fields-list.md
@@ -168 +168 @@ The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of
-You can obtain the JA3 fingerprint for a client's requests from the protection pack or web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields for protection pack or web ACL traffic](./logging-fields.html).
+You can obtain the JA3 fingerprint for a client's requests from the protection pack (web ACL) logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields for protection pack (web ACL) traffic](./logging-fields.html).
@@ -176 +176 @@ You must provide a fallback behavior for this rule statement. The fallback behav
-To use this match option, you must log your protection pack or web ACL traffic. For information, see [Logging AWS WAF protection pack or web ACL traffic](./logging.html).
+To use this match option, you must log your protection pack (web ACL) traffic. For information, see [Logging AWS WAF protection pack (web ACL) traffic](./logging.html).
@@ -190 +190 @@ The JA4 fingerprint is a 36-character hash derived from the TLS Client Hello of
-You can obtain the JA4 fingerprint for a client's requests from the protection pack or web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields for protection pack or web ACL traffic](./logging-fields.html).
+You can obtain the JA4 fingerprint for a client's requests from the protection pack (web ACL) logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields for protection pack (web ACL) traffic](./logging-fields.html).
@@ -198 +198 @@ You must provide a fallback behavior for this rule statement. The fallback behav
-To use this match option, you must log your protection pack or web ACL traffic. For information, see [Logging AWS WAF protection pack or web ACL traffic](./logging.html).
+To use this match option, you must log your protection pack (web ACL) traffic. For information, see [Logging AWS WAF protection pack (web ACL) traffic](./logging.html).
@@ -235 +235 @@ The request body is the part of the request that immediately follows the request
-For Application Load Balancer and AWS AppSync, AWS WAF can inspect the first 8 KB of the body of a request. For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, by default, AWS WAF can inspect the first 16 KB, and you can increase the limit up to 64 KB in your protection pack or web ACL configuration. For more information, see [Managing body inspection size limits for AWS WAF](./web-acl-setting-body-inspection-limit.html).
+For Application Load Balancer and AWS AppSync, AWS WAF can inspect the first 8 KB of the body of a request. For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, by default, AWS WAF can inspect the first 16 KB, and you can increase the limit up to 64 KB in your protection pack (web ACL) configuration. For more information, see [Managing body inspection size limits for AWS WAF](./web-acl-setting-body-inspection-limit.html).
@@ -254 +254 @@ The request body is the part of the request that immediately follows the request
-For Application Load Balancer and AWS AppSync, AWS WAF can inspect the first 8 KB of the body of a request. For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, by default, AWS WAF can inspect the first 16 KB, and you can increase the limit up to 64 KB in your protection pack or web ACL configuration. For more information, see [Managing body inspection size limits for AWS WAF](./web-acl-setting-body-inspection-limit.html).
+For Application Load Balancer and AWS AppSync, AWS WAF can inspect the first 8 KB of the body of a request. For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, by default, AWS WAF can inspect the first 16 KB, and you can increase the limit up to 64 KB in your protection pack (web ACL) configuration. For more information, see [Managing body inspection size limits for AWS WAF](./web-acl-setting-body-inspection-limit.html).