[WAF] Use Steps component (#24723)

Author: pedrosousa

src/content/docs/ruleset-engine/rules-language/expressions/edit-expressions.mdx

@@ -11,10 +11,9 @@ description: Edit expressions in the Cloudflare dashboard using the Expression
   in which you type the expression.
 ---
 
-In the Cloudflare dashboard, there are two options for editing [expressions](/ruleset-engine/rules-language/expressions/):
+import { Render } from "~/components";
 
-- **Expression Builder**: Allows you to create expressions using drop-down lists, emphasizing a visual approach to defining an expression.
-- **Expression Editor**: A text-only interface that supports advanced features, such as grouping symbols and functions for transforming and validating values.
+<Render file="expression-builder-editor" product="ruleset-engine" />
 
 In general, you can switch back and forth between the Expression Builder and the Expression Editor. However, the Expression Builder does not support [nested expressions](#create-nested-expressions) or the [raw string syntax](/ruleset-engine/rules-language/values/#raw-string-syntax).
 

src/content/docs/waf/account/custom-rulesets/create-dashboard.mdx

@@ -10,7 +10,7 @@ head:
     content: Work with WAF custom rulesets in the dashboard
 ---
 
-import { Render } from "~/components";
+import { Render, Steps } from "~/components";
 
 :::note
 This feature requires an Enterprise plan with a paid add-on.
@@ -20,6 +20,8 @@ Custom rulesets are configured at the account level. To work with custom ruleset
 
 ## Create and deploy a custom ruleset
 
+<Steps>
+
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/) and select your account.
 
 2. Go to Account Home > **WAF** > **Custom rulesets**.
@@ -54,8 +56,12 @@ Custom rulesets are configured at the account level. To work with custom ruleset
 
 13. Select **Create**.
 
+</Steps>
+
 ## Edit a custom ruleset
 
+<Steps>
+
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/) and select your account.
 
 2. Go to Account Home > **WAF** > **Custom rulesets**.
@@ -68,17 +74,23 @@ Custom rulesets are configured at the account level. To work with custom ruleset
 
 5. When you are done, select **Back to rulesets list**.
 
+</Steps>
+
 :::caution
 Deployed custom rulesets will only apply to incoming traffic of Enterprise domains. The Expression Builder will automatically include this filter. If you define a custom expression for the ruleset using the Expression Editor, you must use parentheses to enclose any custom conditions and end your expression with `and cf.zone.plan eq "ENT"` so that the rule only applies to domains on an Enterprise plan.
 :::
 
 ## Delete a custom ruleset
 
+<Steps>
+
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/) and select your account.
 2. Go to Account Home > **WAF** > **Custom rulesets**.
 3. To delete a custom ruleset, select the three dots next to it > **Delete**.
 4. To confirm the delete operation, select **Delete**.
 
+</Steps>
+
 ## Configure a custom response for blocked requests
 
 <Render

src/content/docs/waf/account/managed-rulesets/deploy-dashboard.mdx

@@ -9,7 +9,7 @@ head:
     content: Deploy a WAF managed ruleset in the dashboard for an account
 ---
 
-import { Render } from "~/components";
+import { Render, Steps } from "~/components";
 
 :::note
 This feature requires an Enterprise plan with a paid add-on.
@@ -23,6 +23,8 @@ To deploy a managed ruleset for a single zone, refer to [Deploy a managed rulese
 
 ## Deploy a managed ruleset
 
+<Steps>
+
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/) and select your account.
 
 2. Go to Account Home > **WAF** > **Managed rulesets** tab.
@@ -46,6 +48,8 @@ To deploy a managed ruleset for a single zone, refer to [Deploy a managed rulese
 
 8. To deploy the managed ruleset immediately, select **Deploy**. If you are not ready to deploy, select **Save as Draft**.
 
+</Steps>
+
 The **Deployed managed rulesets** list will show an _Execute_ rule for the managed ruleset you deployed.
 
 ## Turn on or off a managed ruleset
@@ -67,6 +71,8 @@ Some managed rulesets may not allow custom configuration, depending on your Clou
 
 To configure an entire managed ruleset:
 
+<Steps>
+
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/) and select your account.
 
 2. Go to Account Home > **WAF** > **Managed rulesets** tab.
@@ -85,6 +91,8 @@ To configure an entire managed ruleset:
 
 5. If you are editing a deployed managed ruleset, select **Save**. If you have not deployed the managed ruleset yet, select **Deploy** to deploy the ruleset immediately, or **Save as Draft** to save your deployment settings for later.
 
+</Steps>
+
 ### Configure rules in bulk in a managed ruleset
 
 <Render file="managed-rules-browse-account" product="waf" />
@@ -101,6 +109,8 @@ To configure an entire managed ruleset:
 
 You can browse the available rules in a managed ruleset and search for individual rules or tags.
 
+<Steps>
+
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/) and select your account.
 
 2. Go to Account Home > **WAF** > **Managed rulesets** tab.
@@ -115,8 +125,14 @@ You can browse the available rules in a managed ruleset and search for individua
 
    ![The Browse rules page displaying the list of rules in the Cloudflare Managed Ruleset](~/assets/images/waf/waf-browse-rules.png)
 
+</Steps>
+
 ### Delete a managed ruleset deployment rule or an exception
 
+<Steps>
+
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/) and select your account.
 2. Go to Account Home > **WAF** > **Managed rulesets** tab.
 3. Under **Deployed managed rulesets** and next to the rule you want to delete, select the three dots > **Delete** and confirm the operation.
+
+</Steps>

src/content/docs/waf/account/rate-limiting-rulesets/create-dashboard.mdx

@@ -9,7 +9,7 @@ head:
     content: Create a rate limiting ruleset in the dashboard for an account
 ---
 
-import { Render } from "~/components";
+import { Render, Steps } from "~/components";
 
 :::note
 This feature requires an Enterprise plan with a paid add-on.
@@ -19,7 +19,7 @@ At the account level, rate limiting rules are grouped into rate limiting ruleset
 
 ## 1. Create a custom rate limiting ruleset
 
-To create a new custom rate limiting ruleset:
+<Steps>
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account.
 
@@ -59,10 +59,14 @@ To create a new custom rate limiting ruleset:
 
 16. Create additional rate limiting rules as needed, and then select **Create** to create the ruleset.
 
+</Steps>
+
 ## 2. Deploy the custom rate limiting ruleset
 
 To deploy a custom rate limiting ruleset to one or more zones on an Enterprise plan:
 
+<Steps>
+
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account.
 
 2. Go to Account Home > **WAF** > **Rate limiting rulesets**.
@@ -79,6 +83,8 @@ To deploy a custom rate limiting ruleset to one or more zones on an Enterprise p
 
 6. To deploy your rule immediately, select **Deploy**. If you are not ready to deploy your rule, select **Save as Draft**.
 
+</Steps>
+
 The **Deployed custom rate limiting rulesets** list will show a rule for each deployed custom rate limiting ruleset.
 
 ## Configure a custom response for blocked requests

src/content/docs/waf/analytics/security-analytics.mdx

@@ -5,7 +5,7 @@ sidebar:
   order: 1
 ---
 
-import { FeatureTable, GlossaryTooltip, Badge } from "~/components";
+import { FeatureTable, GlossaryTooltip, Badge, Steps } from "~/components";
 
 Security Analytics displays information about all incoming HTTP requests for your domain, including requests not handled by Cloudflare security products.
 
@@ -32,13 +32,16 @@ Zone/domain-level analytics are included with all plans, though the retention pe
 
 To use Security Analytics:
 
+<Steps>
+
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/) and select your account.
 
 2. Go to the account or zone/domain dashboard:
-
    - For the zone/domain dashboard, select your domain and go to **Security** > **Analytics**.
    - For the account dashboard, go to **Security Center** > **Security Analytics**.
 
+</Steps>
+
 ## Adjusting displayed data
 
 ### Apply filters
@@ -47,10 +50,14 @@ Adjust the scope of analytics by manually entering filter conditions. You can al
 
 To manually add a filter:
 
+<Steps>
+
 1. Select **Add filter**.
 2. Select a field, an operator, and a value. For example, to filter events by source IP address, select the _Source IP_ field, select the _equals_ operator, and enter the IP address.
 3. Select **Apply**.
 
+</Steps>
+
 Take the following into account when entering filter values:
 
 - Do not add quotes around values.
@@ -92,7 +99,6 @@ Each suspicious activity is classified with a severity score that can vary from
 The main chart displays the following data for the selected time frame, according to the selected tab:
 
 - **Traffic analysis**: Traffic mitigated by the Cloudflare security platform, served by Cloudflare, and served by the origin server, according to the following classification:
-
   - **Mitigated by WAF**: Requests blocked or challenged by Cloudflare's application security products such as the WAF and HTTP DDoS protection. It does not include requests that had the following actions applied: _Log_, _Skip_, and _Allow_.
   - **Served by Cloudflare**: Requests served by the Cloudflare global network such as cached content and redirects.
   - **Served by origin**: Requests served by your origin server.

src/content/docs/waf/analytics/security-events.mdx

@@ -5,7 +5,7 @@ sidebar:
   order: 2
 ---
 
-import { FeatureTable, GlossaryTooltip } from "~/components";
+import { FeatureTable, GlossaryTooltip, Steps } from "~/components";
 
 Security Events allows you to review <GlossaryTooltip term="mitigated request">mitigated requests</GlossaryTooltip> and helps you tailor your security configurations.
 
@@ -45,10 +45,14 @@ You can adjust the scope of analytics by manually entering filter conditions. Al
 
 To manually add a filter:
 
+<Steps>
+
 1. Select **Add filter**.
 2. Select a field, an operator, and a value. For example, to filter events by IP address, select _IP_ for **Action**, select _equals_ for the operator, and enter the IP address.
 3. Select **Apply**.
 
+</Steps>
+
 Take the following into account when entering filter values:
 
 - Do not add quotes around values.

src/content/docs/waf/custom-rules/create-dashboard.mdx

@@ -10,10 +10,12 @@ head:
     content: Create a custom rule in the dashboard
 ---
 
-import { Render, Tabs, TabItem } from "~/components";
+import { Render, Tabs, TabItem, Steps } from "~/components";
 
 <Tabs syncKey="dashNewNav"> <TabItem label="Old dashboard">
 
+<Steps>
+
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com), and select your account and domain.
 
 2. Go to **Security** > **WAF** > **Custom rules**.
@@ -32,8 +34,12 @@ import { Render, Tabs, TabItem } from "~/components";
 
 8. To save and deploy your rule, select **Deploy**. If you are not ready to deploy your rule, select **Save as Draft**.
 
+</Steps>
+
 </TabItem> <TabItem label="New dashboard" icon="rocket">
 
+<Steps>
+
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com), and select your account and domain.
 
 2. Go to **Security** > **Security rules**.
@@ -53,6 +59,8 @@ import { Render, Tabs, TabItem } from "~/components";
 
 8. To save and deploy your rule, select **Deploy**. If you are not ready to deploy your rule, select **Save as Draft**.
 
+</Steps>
+
 </TabItem> </Tabs>
 
 ## Configure a custom response for blocked requests

src/content/docs/waf/custom-rules/index.mdx

@@ -23,6 +23,4 @@ To define sets of custom rules that apply to more than one zone, use [custom rul
 
 To create custom rules using the Cloudflare dashboard, refer to [Create custom rules in the dashboard](/waf/custom-rules/create-dashboard/).
 
-You can also create custom rules using the [Rulesets API](/ruleset-engine/rulesets-api/). Refer to [Create custom rules via API](/waf/custom-rules/create-api/) for more information.
-
-For Terraform examples, refer to [WAF custom rules configuration using Terraform](/terraform/additional-configurations/waf-custom-rules/).
+You can also create custom rules [via API](/waf/custom-rules/create-api/) or [using Terraform](/terraform/additional-configurations/waf-custom-rules/).

src/content/docs/waf/custom-rules/skip/index.mdx

@@ -8,14 +8,16 @@ head:
     content: Configure a custom rule with the Skip action
 ---
 
-import { TabItem, Tabs } from "~/components";
+import { TabItem, Tabs, Steps } from "~/components";
 
 Use the _Skip_ action in a custom rule to skip one or more security features. A rule configured with the _Skip_ action is also known as a skip rule.
 
 For more information on the available options, refer to [Available skip options](/waf/custom-rules/skip/options/).
 
 <Tabs syncKey="dashNewNav"> <TabItem label="Old dashboard">
 
+<Steps>
+
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com), and select your account and domain.
 
 2. Go to **Security** > **WAF** > **Custom rules**.
@@ -32,8 +34,12 @@ For more information on the available options, refer to [Available skip options]
 
 7. Save your changes.
 
+</Steps>
+
 </TabItem> <TabItem label="New dashboard" icon="rocket">
 
+<Steps>
+
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com), and select your account and domain.
 
 2. Go to **Security** > **Security rules**.
@@ -50,6 +56,8 @@ For more information on the available options, refer to [Available skip options]
 
 7. Save your changes.
 
+</Steps>
+
 </TabItem> <TabItem label="API">
 
 Use the [Rulesets API](/ruleset-engine/rulesets-api/) to configure custom rules via API.

src/content/docs/waf/custom-rules/use-cases/allow-traffic-from-ips-in-allowlist.mdx

@@ -6,13 +6,16 @@ head:
     content: Allow traffic from IP addresses in allowlist only
 ---
 
+import { Steps } from "~/components";
+
 This example skips WAF rules for requests from IP addresses in an allowlist (defined using an [IP list](/waf/tools/lists/custom-lists/#ip-lists)).
 
+<Steps>
+
 1.  [Create an IP list](/waf/tools/lists/create-dashboard/) with the IP addresses for which you want to allow access.<br/>
     For example, create an IP list named `allowed_ips` with one or more IP addresses. For more information on the accepted IP address formats, refer to [IP lists](/waf/tools/lists/custom-lists/#ip-lists).
 
 2.  [Create a custom rule](/waf/custom-rules/create-dashboard/) skipping all rules for any request from the IPs in the list you created (`allowed_ips` in the current example).
-
     - **Expression**: `(ip.src in $allowed_ips)`
     - **Action**: _Skip:_
       - _All remaining custom rules_
@@ -21,6 +24,8 @@ This example skips WAF rules for requests from IP addresses in an allowlist (def
         - _All Super Bot Fight Mode rules_
         - _All managed rules_
 
+</Steps>
+
 Make sure the new rule appears before any other custom rules in the rules list.
 
 ## Other resources