Link zone-lockdown to WAF to account for both dash experiences (cloudflare#26649)

RebeccaTamachiro · web-flow · commit 918ecee8d307 · 2025-11-20T15:37:54.000Z
diff --git a/src/content/partials/smart-shield/zone-lockdown.mdx b/src/content/partials/smart-shield/zone-lockdown.mdx
@@ -4,22 +4,21 @@
 
 Currently, any Cloudflare customer on a paid plan can configure Health Checks against any host or IP. [Zone Lockdown](/waf/tools/zone-lockdown/) specifies a list of one or more IP addresses, CIDR ranges, or networks that are the only IPs allowed to access a domain, subdomain, or URL. It allows multiple destinations in a single rule as well as IPv4 and IPv6 addresses. IP addresses not specified in the Zone Lockdown rule are denied access to the specified resources.
 
-Customers who use zone lockdown and want their health checks to continue passing can follow the guide below to bypass zone lockdown.
+Customers who use zone lockdown and want their health checks to continue passing can use [WAF custom rules](/waf/custom-rules/create-dashboard/) to bypass zone lockdown.
 
 ## Bypass zone lockdown
 
 To bypass zone lockdown using a WAF custom rule:
 
-1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com) and select your account and domain.
-2. Go to **Security** > **WAF** > **Custom rules**.
-3. Select **Create rule**.
-4. Create a custom rule matching on **user agent**.
-5. Set the action to *Skip* and the corresponding feature to **Zone Lockdown** under **More components to skip**.
+1. Follow the steps to [create a custom rule in the dashboard](/waf/custom-rules/create-dashboard/).
+2. Create a custom rule matching on **user agent**.
 
-Cloudflare Health Checks have a user agent of the following format:
-`Mozilla/5.0 (compatible;Cloudflare-Healthchecks/1.0;+https://www.cloudflare.com/; healthcheck-id: XXX)` where `XXX` is replaced with the first 16 characters of the Health Check ID.
+   Cloudflare Health Checks have a user agent of the following format:
+   `Mozilla/5.0 (compatible;Cloudflare-Healthchecks/1.0;+https://www.cloudflare.com/; healthcheck-id: XXX)` where `XXX` is replaced with the first 16 characters of the Health Check ID.
 
-To allow a specific Health Check, verify if the user agent contains the first 16 characters of the Health Check ID.
+   To allow a specific Health Check, verify if the user agent contains the first 16 characters of the Health Check ID.
+
+3. Set the action to *Skip* and the corresponding feature to **Zone Lockdown** under **More components to skip**.
 
 ### Via the API
 
