AWS Security ChangesHomeSearch

AWS waf documentation change

Service: waf · 2026-05-28 · Documentation low

File: waf/latest/developerguide/waf-managed-protections-best-practices.md

Summary

Added cost optimization tip about rule ordering to reduce Bot Control expenses.

Security assessment

Focuses on cost management rather than security vulnerabilities or security feature documentation.

Diff

diff --git a/waf/latest/developerguide/waf-managed-protections-best-practices.md b/waf/latest/developerguide/waf-managed-protections-best-practices.md
index 63caf5f7d..580f5fa06 100644
--- a//waf/latest/developerguide/waf-managed-protections-best-practices.md
+++ b//waf/latest/developerguide/waf-managed-protections-best-practices.md
@@ -40,0 +41,2 @@ For detailed pricing information, see [AWS WAF Pricing](https://aws.amazon.com/w
+You can also place less expensive rules (IP reputation, geo-blocking) before Bot Control so that requests blocked by cheaper rules never reach the paid inspection. For more cost management guidance, see [Managing costs](./waf-bot-control-use-cases.html#waf-bot-control-cost-strategies).
+