Merge branch 'cloudflare:production' into production

Author: Thienlta

.github/CODEOWNERS

@@ -175,6 +175,7 @@
 /src/content/docs/cache/ @angelampcosta @cloudflare/pcx-technical-writing
 /src/content/docs/health-checks/ @angelampcosta @cloudflare/pcx-technical-writing
 /src/content/docs/load-balancing/ @angelampcosta @cloudflare/pcx-technical-writing
+src/content/docs/smart-shield/ @RebeccaTamachiro @cloudflare/pcx-technical-writing
 /src/content/docs/spectrum/ @angelampcosta @cloudflare/pcx-technical-writing
 /src/content/docs/speed/ @angelampcosta @cloudflare/pcx-technical-writing
 /src/content/docs/web3/ @cloudflare/pcx-technical-writing

.vscode/settings.json

@@ -4,5 +4,11 @@
 	"editor.defaultFormatter": "esbenp.prettier-vscode",
 	"typescript.tsdk": "node_modules/typescript/lib",
 	"cSpell.enableFiletypes": ["mdx"],
-	"files.associations": { "__redirects": "plaintext", "_headers": "plaintext" }
+	"files.associations": {
+		"__redirects": "plaintext",
+		"_headers": "plaintext"
+	},
+	"[astro]": {
+		"editor.defaultFormatter": "astro-build.astro-vscode"
+	}
 }

public/__redirects

@@ -565,6 +565,7 @@
 /durable-objects/get-started/video-series/ /durable-objects/video-tutorials/ 301
 
 /durable-objects/what-are-durable-objects/ /durable-objects/concepts/what-are-durable-objects/ 301
+/durable-objects/observability/graphql-analytics/ /durable-objects/observability/metrics-and-analytics/ 301
 
 # email-routing
 /email-routing/enable-email-routing/ /email-routing/get-started/enable-email-routing/ 301
@@ -1141,10 +1142,10 @@
 /pages/how-to/deploy-a-gatsby-site/ /pages/framework-guides/deploy-a-gatsby-site/ 301
 /pages/how-to/deploy-a-hugo-site/ /pages/framework-guides/deploy-a-hugo-site/ 301
 /pages/how-to/deploy-a-jekyll-site/ /pages/framework-guides/deploy-a-jekyll-site/ 301
-/pages/how-to/deploy-a-nextjs-site/ /pages/framework-guides/nextjs/ 301
-/pages/framework-guides/deploy-a-nextjs-site/ /pages/framework-guides/nextjs/ 301
+/pages/how-to/deploy-a-nextjs-site/ /workers/framework-guides/web-apps/nextjs 301
+/pages/framework-guides/nextjs/resources/* /workers/framework-guides/web-apps/nextjs 301
+/pages/framework-guides/nextjs/ssr/* /workers/framework-guides/web-apps/nextjs 301
 /pages/framework-guides/deploy-a-svelte-site/ /pages/framework-guides/deploy-a-svelte-kit-site/ 301
-/pages/framework-guides/nextjs/deploy-a-nextjs-site/ /pages/framework-guides/nextjs/ssr/get-started/ 301
 /pages/how-to/deploy-anything/ /pages/framework-guides/deploy-anything/ 301
 /pages/how-to/deploy-a-react-application/ /pages/framework-guides/deploy-a-react-site/ 301
 /pages/framework-guides/deploy-a-react-application/ /pages/framework-guides/deploy-a-react-site/ 301

src/assets/images/smart-shield/network-diagram.png

@@ -1,23 +1,17 @@
----
-title: New AI-Enabled Search for Zero Trust Dashboard
-description: New AI-Enabled Search for Zero Trust Dashboard
-date: 2025-09-16
-products:
-  - cloudflare-one
----
-
-Zero Trust Dashboard has a brand new, AI-powered search functionality. You can search your account by resources (applications, policies, device profiles, settings, etc.), pages, products, and more.
-
-
-![Example search results in the Zero Trust dashboard](~/assets/images/changelog/cloudflare-one/searchexample.png)
-
-
-  
-**Ask Cloudy** — You can also ask Cloudy, our AI agent, questions about Cloudflare Zero Trust. Cloudy is trained on our developer documentation and implementation guides, so it can tell you how to configure functionality, best practices, and can make recommendations.
-
-
-
-Cloudy can then stay open with you as you move between pages to build configuration or answer more questions.
-
-
+---
+title: New AI-Enabled Search for Zero Trust Dashboard
+description: New AI-Enabled Search for Zero Trust Dashboard
+date: 2025-09-16
+products:
+  - cloudflare-one
+---
+
+Zero Trust Dashboard has a brand new, AI-powered search functionality. You can search your account by resources (applications, policies, device profiles, settings, etc.), pages, products, and more.
+
+![Example search results in the Zero Trust dashboard](~/assets/images/changelog/cloudflare-one/searchexample.png)
+  
+**Ask Cloudy** — You can also ask Cloudy, our AI agent, questions about Cloudflare Zero Trust. Cloudy is trained on our developer documentation and implementation guides, so it can tell you how to configure functionality, best practices, and can make recommendations.
+
+Cloudy can then stay open with you as you move between pages to build configuration or answer more questions.
+
 **Find Recents** — Recent searches and Cloudy questions also have a new tab under Zero Trust Overview.

src/content/changelog/cloudflare-one/2025-09-16-new-ai-enabled-search-for-zero-trust-dashboard.mdx

@@ -0,0 +1,31 @@
+---
+title: Preview URLs now default to opt-in
+description: We performed a one-time update to disable preview URLs on Workers with workers.dev disabled to require an explicit opt-in. 
+date: 2025-09-17
+---
+import { WranglerConfig, Aside } from "~/components";
+
+To prevent the accidental exposure of applications, we've updated how [Worker preview URLs](/workers/configuration/previews/) (`<PREVIEW>-<WORKER_NAME>.<SUBDOMAIN>.workers.dev`) are handled. We made this change to ensure preview URLs are only active when intentionally configured, improving the default security posture of your Workers. 
+
+## One-Time Update for Workers with workers.dev Disabled
+We performed a one-time update to disable preview URLs for existing Workers where the [workers.dev subdomain](/workers/configuration/routing/workers-dev/) was also disabled.
+
+Because preview URLs were historically enabled by default, users who had intentionally disabled their workers.dev route may not have realized their Worker was still accessible at a separate preview URL. This update was performed to ensure that using a preview URL is always an intentional, opt-in choice.
+
+If your Worker was affected, its preview URL (`<PREVIEW>-<WORKER_NAME>.<SUBDOMAIN>.workers.dev`) will now direct to an informational page explaining this change.
+
+**How to Re-enable Your Preview URL**
+
+If your preview URL was disabled, you can re-enable it [via the Cloudflare dashboard](/workers/configuration/previews/#toggle-preview-urls-enable-or-disable) by navigating to your Worker's Settings page and toggling on the Preview URL.
+
+Alternatively, you can use Wrangler by adding the `preview_urls = true` setting to your Wrangler file and redeploying the Worker.
+
+<WranglerConfig>
+```jsonc title="wrangler.jsonc"
+{
+  "preview_urls": true
+}
+```
+</WranglerConfig>
+
+**Note:** You can set `preview_urls = true` with any Wrangler version that supports the preview URL flag (v3.91.0+). However, we recommend updating to v4.34.0 or newer, as this version defaults `preview_urls` to false, ensuring preview URLs are always enabled by explicit choice.

src/content/changelog/workers/2025-09-17-update-preview-url-setting.mdx

@@ -6,21 +6,11 @@ sidebar:
   label: Reuse and coalescing
 ---
 
-import { Details } from "~/components";
+import { Render } from "~/components";
 
 Aside from [concurrent connections](/aegis/about/ips-allocation/#connections-to-your-origin)[^1], connection reuse and connection coalescing are also important concepts. They both have impact on latency and are considered when allocating your Aegis IPv4 addresses.
 
-Implemented by HTTP/1.1, connection reuse describes multiple requests passing through one same connection (between one source IP:port and one destination IP:port). It is commonly the case even for simple websites nowadays.
-
-<Details header="Example">
-When a connection is initiated for `shop.example.com`, several embedded subresources may be requested - CSS, image files, advertisement, etc. This can mean hundreds of requests just for the website to load. Instead of having a one to one ratio of request per connection, a single connection is used for multiple requests.
-</Details>
-
-With HTTP/2, requests can use the same connection even if they are for different domains.
-
-<Details header="Example">
-A connection initiated for `shop.example.com` can be used for requests for `blog.example.com` as well - as long as the requests have the same destination IP:port and the server TLS certificate is authoritative for both hostnames.
-</Details>
+<Render file="connection-reuse" product="aegis" />
 
 Refer to the [Cloudflare blog post](https://blog.cloudflare.com/aegis-deep-dive/) for further details.
 

src/content/docs/aegis/about/reuse-and-coalescing.mdx

@@ -6,7 +6,7 @@ sidebar:
 
 ---
 
-import { GlossaryTooltip, Example, Steps, Tabs, TabItem } from "~/components";
+import { GlossaryTooltip, Example, Steps, Tabs, TabItem, DashButton } from "~/components";
 
 AI Crawl Control works alongside other Cloudflare products, such as Cloudflare [Web Application Firewall (WAF)](/waf/). WAF checks incoming web and API requests, and filters undesired traffic based on rules. [WAF custom rules](/waf/custom-rules/) allow you to perform certain actions such as enforcing <GlossaryTooltip term="robots.txt">`robots.txt`</GlossaryTooltip>.
 
@@ -85,8 +85,11 @@ In this scenario, you have two custom rules, each directing a different logic fo
 </TabItem> <TabItem label="New dashboard" icon="rocket">
 
 <Steps>
-1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and domain.
-2. Go to **Security** > **Security rules** and filter by **Custom rules**.
+1. In the Cloudflare dashboard, go to the **Security rules** page.
+
+   <DashButton url="/?to=/:account/:zone/security/security-rules" />
+
+2. Filter by _Custom rules_.
 3. Identify your custom rule and the AI Crawl Control rule.
 4. Drag the rule you wish to prioritize to the top, or modify your custom rule to ensure it does not conflict with your AI Crawl Control configurations.
 </Steps>

src/content/docs/ai-crawl-control/configuration/ai-crawl-control-with-waf.mdx

@@ -7,7 +7,7 @@ sidebar:
   order: 2
 ---
 
-import { Steps, Tabs, TabItem } from "~/components";
+import { Steps, Tabs, TabItem, DashButton } from "~/components";
 
 AI Crawl Control metrics provide you with insight on how AI crawlers are interacting with your website ([Cloudflare zone](/fundamentals/concepts/accounts-and-zones/#zones)).
 
@@ -16,6 +16,8 @@ To view AI Crawl Control metrics:
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and domain.
 2. Go to **AI Crawl Control**.
 
+   <DashButton url="/?to=/:account/:zone/ai" />
+
 You can find meaningful information across both **Crawlers** and **Metrics** tabs.
 
 ## View AI crawler activity

src/content/docs/ai-crawl-control/features/analyze-ai-traffic.mdx

@@ -5,14 +5,17 @@ sidebar:
   order: 5
 ---
 
-import { Steps, GlossaryTooltip, Tabs, TabItem, Example, Plan } from "~/components";
+import { Steps, GlossaryTooltip, Tabs, TabItem, Example, Plan, DashButton } from "~/components";
 
 AI Crawl Control enables you to take specific action for each AI crawler.
 
 To manage AI crawlers:
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and domain.
 2. Go to **AI Crawl Control**.
+
+   <DashButton url="/?to=/:account/:zone/ai" />
+
 3. Go to the **Crawlers** tab.
 
 ## Review AI crawler activity
@@ -137,6 +140,9 @@ To edit these values:
 <Steps>
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and domain.
 2. Go to **AI Crawl Control**.
+
+   <DashButton url="/?to=/:account/:zone/ai" />
+
 3. Go to the **Settings** tab.
 4. Under **Block response**, select **Edit**.
 5. Once you have edited the values, select **Save**.
@@ -169,8 +175,6 @@ You can write a custom message (HTTP response body) to return when blocking an A
 
 In the **Response body** text field, enter the response you wish to display for the AI crawler in plain text.
 
-{/* Need guidance on what sort of information they should include */}
-
 ## Related resources
 
 - Use [pay per crawl](/ai-crawl-control/features/pay-per-crawl/what-is-pay-per-crawl/) to charge AI crawlers every time they access your content.