AWS waf documentation change
Summary
Standardized references to 'protection pack (web ACL)' instead of 'protection pack or web ACL' in immunity time configuration documentation
Security assessment
Changes focus on terminology unification rather than security content modification. While the document discusses security features (CAPTCHA/Challenge configurations), these updates don't introduce new security capabilities or address vulnerabilities - they simply clarify component relationships in existing security mechanisms.
Diff
diff --git a/waf/latest/developerguide/waf-tokens-immunity-times.md b/waf/latest/developerguide/waf-tokens-immunity-times.md index 5765bdf43..92d4f6804 100644 --- a//waf/latest/developerguide/waf-tokens-immunity-times.md +++ b//waf/latest/developerguide/waf-tokens-immunity-times.md @@ -21 +21 @@ AWS WAF records a successful response to a challenge or CAPTCHA by updating the -You can configure the challenge and CAPTCHA immunity times in the protection pack or web ACL and also in any rule that uses the CAPTCHA or Challenge rule action. +You can configure the challenge and CAPTCHA immunity times in the protection pack (web ACL) and also in any rule that uses the CAPTCHA or Challenge rule action. @@ -23 +23 @@ You can configure the challenge and CAPTCHA immunity times in the protection pac - * The default protection pack or web ACL setting for both immunity times is 300 seconds. + * The default protection pack (web ACL) setting for both immunity times is 300 seconds. @@ -25 +25 @@ You can configure the challenge and CAPTCHA immunity times in the protection pac - * You can specify the immunity time for any rule that uses the CAPTCHA or Challenge action. If you don't specify the immunity time for the rule, it inherits the setting from the protection pack or web ACL. + * You can specify the immunity time for any rule that uses the CAPTCHA or Challenge action. If you don't specify the immunity time for the rule, it inherits the setting from the protection pack (web ACL). @@ -27 +27 @@ You can configure the challenge and CAPTCHA immunity times in the protection pac - * For a rule inside a rule group that uses the CAPTCHA or Challenge action, if you don't specify the immunity time for the rule, it will inherit the setting from each protection pack or web ACL where you use the rule group. + * For a rule inside a rule group that uses the CAPTCHA or Challenge action, if you don't specify the immunity time for the rule, it will inherit the setting from each protection pack (web ACL) where you use the rule group. @@ -29 +29 @@ You can configure the challenge and CAPTCHA immunity times in the protection pac - * The application integration SDKs use the protection pack or web ACL's challenge immunity time. + * The application integration SDKs use the protection pack (web ACL)'s challenge immunity time. @@ -36 +36 @@ You can configure the challenge and CAPTCHA immunity times in the protection pac -You can use the protection pack or web ACL and rule level immunity time settings to tune the CAPTCHA action, Challenge, or SDK challenge management behavior. For example, you might configure rules that control access to highly sensitive data with low immunity times, and then set higher immunity times in your protection pack or web ACL for your other rules and the SDKs to inherit. +You can use the protection pack (web ACL) and rule level immunity time settings to tune the CAPTCHA action, Challenge, or SDK challenge management behavior. For example, you might configure rules that control access to highly sensitive data with low immunity times, and then set higher immunity times in your protection pack (web ACL) for your other rules and the SDKs to inherit.