Apply suggestions from code review

ranbel · maxvp · web-flow · commit 2a4290d6a32e · 2025-09-16T13:28:32.000-04:00
Co-authored-by: Max Phillips &lt;mphillips@cloudflare.com&gt;
diff --git a/src/content/docs/cloudflare-one/policies/gateway/egress-policies/egress-cloudflared.mdx b/src/content/docs/cloudflare-one/policies/gateway/egress-policies/egress-cloudflared.mdx
@@ -88,18 +88,18 @@ Your private network's CIDR block should also route through the WARP tunnel. For
 
 ## 4. (Optional) Configure network policies
 
-You can build [Gateway network policies](/cloudflare-one/policies/gateway/network-policies/) to filter HTTPS traffic to your public hostname on port 443. For example, suppose that you want to block all WARP users from accessing `app.bank.com` except for a specific set of users or groups. Additionally, those authorized users should only access `app.bank.com` using your AWS egress IP. You can accomplish this using two policies: the first allows specific users to reach `app.bank.com`, and the second blocks all other port 443 traffic to `app.bank.com`.
+You can build [Gateway network policies](/cloudflare-one/policies/gateway/network-policies/) to filter HTTPS traffic to your public hostname on port `443`. For example, suppose that you want to block all WARP users from accessing `app.bank.com` except for a specific set of users or groups. Additionally, those authorized users should only access `app.bank.com` using your AWS egress IP. You can accomplish this using two policies: the first allows specific users to reach `app.bank.com`, and the second blocks all other port `443` traffic to `app.bank.com`.
 
-1. Allow company employees
+1. Allow company employees:
 	<Render file="gateway/policies/restrict-access-to-private-networks-allow" product="cloudflare-one" params={{ selector: "SNI", value: "app.bank.com" }} />
 
-2. Block everyone else on port 443
+2. Block everyone else on port `443`:
 
 	| Selector       | Operator | Value        | Action |
 	| -------------- | -------- | ------------ | ------ |
 	| SNI            | in       | `app.bank.com` | Block  |
 
-Gateway does not currently support hostname-based filtering for traffic on non-443 ports. To block traffic to `app.bank.com` on all ports, you will need to use the [Destination IP](/cloudflare-one/policies/gateway/network-policies/#destination-ip) selector and specify the public IP space of `app.bank.com`.
+Gateway does not currently support hostname-based filtering for traffic on non-`443` ports. To block traffic to `app.bank.com` on all ports, you will need to use the [Destination IP](/cloudflare-one/policies/gateway/network-policies/#destination-ip) selector and specify the public IP space of `app.bank.com`.
 
 ## 5. Test the connection
 
