[WAF] Update max object size to 30 MB (#24312)

pedrosousa · web-flow · commit 85a3c7291d25 · 2025-08-12T09:19:28.000+01:00
diff --git a/src/content/docs/waf/detections/malicious-uploads/example-rules.mdx b/src/content/docs/waf/detections/malicious-uploads/example-rules.mdx
@@ -31,16 +31,16 @@ This custom rule example blocks requests addressed at `/upload` with uploaded co
 
 ## Block requests with uploaded files over 500 KB
 
-This custom rule example blocks requests addressed at `/upload` with uploaded content objects over 500 KB in size:
+This custom rule example blocks requests addressed at `/upload` with uploaded content objects over 500 KB (512,000 bytes) in size:
 
-- Expression: `any(cf.waf.content_scan.obj_sizes[*] > 500000) and http.request.uri.path eq "/upload"`
+- Expression: `any(cf.waf.content_scan.obj_sizes[*] > 512000) and http.request.uri.path eq "/upload"`
 - Action: _Block_
 
-## Block requests with uploaded files over the content scanning limit (15 MB)
+## Block requests with uploaded files over the content scanning limit (30 MB)
 
-This custom rule example blocks requests with uploaded content objects over 15 MB in size (the current content scanning limit):
+This custom rule example blocks requests with uploaded content objects over 30 MB in size (the current content scanning limit):
 
-- Expression: `any(cf.waf.content_scan.obj_sizes[*] >= 15728640)`
+- Expression: `any(cf.waf.content_scan.obj_sizes[*] >= 31457280)`
 - Action: _Block_
 
-In this example, you must also test for equality because currently any file over 15 MB will be handled internally as if it had a size of 15 MB (15,728,640 bytes). This means that using the `>` (greater than) [comparison operator](/ruleset-engine/rules-language/operators/#comparison-operators) would not work for this particular rule — you should use `>=` (greater than or equal) instead.
+In this example, you must also test for equality because currently any file over 30 MB will be handled internally as if it had a size of 30 MB (31,457,280 bytes). This means that using the `>` (greater than) [comparison operator](/ruleset-engine/rules-language/operators/#comparison-operators) would not work for this particular rule — you should use `>=` (greater than or equal) instead.
diff --git a/src/content/docs/waf/detections/malicious-uploads/index.mdx b/src/content/docs/waf/detections/malicious-uploads/index.mdx
@@ -55,7 +55,7 @@ Content scanning can check the following content objects for malicious content:
 
 All content objects in an incoming request will be checked, namely for requests with multiple uploaded files (for example, a submitted HTML form with several file inputs).
 
-The content scanner will fully check content objects with a size up to 15 MB. For larger content objects, the scanner will analyze the first 15 MB and provide scan results based on that portion of the object.
+The content scanner will fully check content objects with a size up to 30 MB. For larger content objects, the scanner will analyze the first 30 MB and provide scan results based on that portion of the object.
 
 :::note
 
