add changelog for new WAF release

sylwang · sylwang · commit 91cf65a3a76d · 2025-10-07T12:38:32.000-07:00
diff --git a/content/nginx-one/changelog.md b/content/nginx-one/changelog.md
@@ -30,6 +30,19 @@ h2 {
 
 Stay up-to-date with what's new and improved in the F5 NGINX One Console.
 
+## October 6, 2025
+
+### Expanded features for configuring NGINX security policies with F5 WAF
+
+You can now configure the following for F5 WAF policies directly in the NGINX One Console:
+- [Signature Sets]({{< ref "/nginx-one/nap-integration/add-signature-sets.md" >}})
+- [Signature Exceptions]({{< ref "/nginx-one/nap-integration/add-signature-sets.md#exceptions" >}})
+- [Parameters]({{< ref "/nginx-one/nap-integration/cookies-params-urls.md#add-parameters" >}})
+- [URLs]({{< ref "/nginx-one/nap-integration/cookies-params-urls.md#add-urls" >}})
+- [Cookies]({{< ref "/nginx-one/nap-integration/cookies-params-urls.md#add-cookies" >}})
+
+For more details, see the [F5 WAF Integration Guide ]({{< ref "/nginx-one/nap-integration/" >}}).
+
 ## October 2, 2025
 
 ### You can now set up config templates
diff --git a/content/nginx-one/nap-integration/cookies-params-urls.md b/content/nginx-one/nap-integration/cookies-params-urls.md
@@ -116,7 +116,9 @@ See the [Supported Violations]({{< ref "/waf/policies/violations.md#supported-vi
    - Choose whether to enable attack signatures
    
    {{< call-out "important" >}}
+
    Attack Signatures are only applicable when the Value Type is `User Input` or `Array` **and** the Data Type is either `Alphanumeric` or `Binary`
+
    {{< /call-out >}}
 
    - Decide if parameter value should be masked in logs which sets `sensitiveParameter` in [Parameter Configuration Reference]({{< ref "/waf/policies/parameter-reference.md" >}})
@@ -143,7 +145,9 @@ Each URL configuration includes:
 - `Attack Signatures`: Indicates whether attack signatures and threat campaigns are enabled, disabled, or not applicable
 
 {{< call-out "important" >}}
+
 **⚠️ Important:** Attack Signatures are automatically shown as "Not Applicable" when Enforcement Type is set to `Disallow` since the URL is explicitly blocked and signature checking is unnecessary.
+
 {{< /call-out >}}
 
 For a complete list of configurable URL properties and options, see the [URL Configuration Parameters]({{< ref "/waf/policies/parameter-reference.md" >}}) documentation under the `urls` section.
@@ -181,8 +185,10 @@ See the [Supported Violations]({{< ref "/waf/policies/violations.md#supported-vi
    - If `Allow URL` is selected, you can optionally enable attack signatures
 
    {{< call-out "important" >}}
+
    **⚠️ Important:** Attack signatures cannot be enabled for disallowed URLs.
-   {{< call-out "important" >}}
+
+   {{< /call-out >}}
 
 1. **Optional**: Configure Attack Signatures
    - If enabled, you can overwrite attack signatures for this specific URL
