Merge branch 'production' into maddy/email-security-fix-broken-link

Author: Maddy-Cloudflare

public/__redirects

@@ -2146,7 +2146,7 @@
 /cloudflare-one/analytics/private-network-discovery/ /cloudflare-one/insights/analytics/shadow-it-discovery/#private-network-origins 301
 /cloudflare-one/analytics/access/ /cloudflare-one/insights/analytics/access/ 301
 /cloudflare-one/analytics/gateway/ /cloudflare-one/insights/analytics/gateway/ 301
-/cloudflare-one/analytics/users/ /cloudflare-one/insights/logs/users/ 301
+/cloudflare-one/analytics/users/ /cloudflare-one/team-and-resources/users/users/ 301
 /cloudflare-one/api-terraform/access-api-examples/azure-group/ /cloudflare-one/api-terraform/access-api-examples/entra-group/ 301
 /cloudflare-one/api-terraform/gateway-api-examples/ /cloudflare-one/policies/gateway/ 301
 /cloudflare-one/api-terraform/gateway-api-examples/dns-policy/ /cloudflare-one/policies/gateway/dns-policies/common-policies/ 301
@@ -2252,7 +2252,7 @@
 /cloudflare-one/identity/idp-integration/ping-saml/ /cloudflare-one/identity/idp-integration/pingfederate-saml/ 301
 /cloudflare-one/identity/idp-integration/saml-okta/ /cloudflare-one/identity/idp-integration/okta-saml/ 301
 /cloudflare-one/identity/login-page/ /cloudflare-one/applications/login-page/ 301
-/cloudflare-one/insights/analytics/ /cloudflare-one/insights/analytics/analytics-overview/ 301
+/cloudflare-one/insights/analytics/ /cloudflare-one/insights/analytics-overview/ 301
 /cloudflare-one/insights/dex/fleet-status/ /cloudflare-one/insights/dex/monitoring/ 301
 /cloudflare-one/insights/logs/logpush/rdata/ /cloudflare-one/insights/logs/logpush/#parse-logpush-logs 301
 /cloudflare-one/applications/custom-pages/ /cloudflare-one/applications/ 301
@@ -2423,20 +2423,24 @@
 /cloudflare-one/applications/casb/ /cloudflare-one/cloud-and-saas-findings/ 301
 /cloudflare-one/applications/casb/manage-findings/ /cloudflare-one/cloud-and-saas-findings/manage-findings/ 301
 /cloudflare-one/applications/casb/casb-dlp/ /cloudflare-one/cloud-and-saas-findings/casb-dlp/ 301
+/cloudflare-one/access-controls/applications/http-apps/mcp-servers/mcp-portals	/cloudflare-one/access-controls/ai-controls/mcp-portals/ 301
+/cloudflare-one/connections/connect-devices/warp/user-side-certificates/ /cloudflare-one/team-and-resources/devices/user-side-certificates/ 301
+/cloudflare-one/team-and-resources/devices/warp/user-side-certificates/ /cloudflare-one/team-and-resources/devices/user-side-certificates/ 301
+/cloudflare-one/insights/analytics/analytics-overview/ /cloudflare-one/insights/analytics-overview/ 301
+/cloudflare-one/insights/risk-score/ /cloudflare-one/team-and-resources/users/risk-score/ 301
+/cloudflare-one/insights/logs/users/ /cloudflare-one/team-and-resources/users/users/ 301
 
 # Email Security new revamp
 /cloudflare-one/email-security/email-monitoring/download-report/ /cloudflare-one/email-security/monitoring/download-report/ 301
 /cloudflare-one/email-security/email-monitoring/* /cloudflare-one/email-security/monitoring/:splat 301
 /cloudflare-one/email-security/auto-moves/ /cloudflare-one/email-security/settings/auto-moves/ 301
-/cloudflare-one/email-security/detection-settings/additional-detections/ /cloudflare-one/email-security/settings/detection-settings/additional-detections/ 301
+/cloudflare-one/email-security/detection-settings/detection-settings/* /cloudflare-one/email-security/settings/detection-settings/:splat 301
 /cloudflare-one/email-security/detection-settings/allow-policies/ /cloudflare-one/email-security/settings/detection-settings/allow-policies/ 301
 /cloudflare-one/email-security/detection-settings/blocked-senders/ /cloudflare-one/email-security/settings/detection-settings/blocked-senders/ 301
-/cloudflare-one/email-security/detection-settings/configure-link-actions/ /cloudflare-one/email-security/settings/detection-settings/configure-link-actions/ 301
-/cloudflare-one/email-security/detection-settings/detection-settings/* /cloudflare-one/email-security/settings/detection-settings/:splat 301
-/cloudflare-one/email-security/detection-settings/configure-text-add-ons/ /cloudflare-one/email-security/settings/detection-settings/configure-text-add-ons/ 301
 /cloudflare-one/email-security/detection-settings/trusted-domains/ /cloudflare-one/email-security/settings/detection-settings/trusted-domains/ 301
 /cloudflare-one/email-security/detection-settings/impersonation-registry/* /cloudflare-one/email-security/settings/detection-settings/impersonation-registry/:splat 301
-/cloudflare-one/email-security/detection-settings/* /cloudflare-one/email-security/settings/detection-settings/:splat 301
+/cloudflare-one/email-security/detection-settings/configure-link-actions/ /cloudflare-one/email-security/settings/detection-settings/configure-link-actions/ 301
+/cloudflare-one/email-security/detection-settings/configure-text-add-ons/ /cloudflare-one/email-security/settings/detection-settings/configure-text-add-ons/ 301
 /cloudflare-one/email-security/reference/domain-information/ /cloudflare-one/email-security/settings/domain-management/domain/ 301
 /cloudflare-one/insights/email-monitoring/phish-submissions/* /cloudflare-one/email-security/settings/phish-submissions/:splat 301
 

src/content/changelog/risk-score/2024-06-17-okta-risk-exchange.mdx

@@ -6,6 +6,6 @@ date: 2024-06-17
 
 import { Render } from "~/components";
 
-Beyond the controls in [Zero Trust](/cloudflare-one/), you can now [exchange user risk scores](/cloudflare-one/insights/risk-score/#send-risk-score-to-okta) with Okta to inform SSO-level policies.
+Beyond the controls in [Zero Trust](/cloudflare-one/), you can now [exchange user risk scores](/cloudflare-one/team-and-resources/users/risk-score/#send-risk-score-to-okta) with Okta to inform SSO-level policies.
 
 <Render file="send-risk-scores-okta" product="cloudflare-one" />

src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/saas-customers/provider-guides/bigcommerce.mdx

@@ -52,6 +52,14 @@ If you cannot activate your domain using [proxied DNS records](/dns/proxy-status
 	product="cloudflare-for-platforms"
 />
 
+## Zone hold
+
+<Render
+	file="provider-guide-zone-hold"
+	params={{ providerName: "BigCommerce" }}
+	product="cloudflare-for-platforms"
+/>
+
 ## Additional support
 
 <Render

src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/saas-customers/provider-guides/hubspot.mdx

@@ -50,11 +50,11 @@ For questions about your HubSpot setup, refer to [HubSpot's reverse proxy suppor
 
 ## Zone hold
 
-Because you have your own Cloudflare zone, you have access to the zone hold feature, which is a toggle that prevents your domain name from being created as a zone in a different Cloudflare account. Additionally, if the zone hold feature is enabled, it prevents the activation of custom hostnames onboarded to HubSpot. HubSpot would receive the following error message for your custom hostname: `The hostname is associated with a held zone. Please contact the owner of this domain to have the hold removed.`
-
-To successfully activate the custom hostname on HubSpot, the owner of the zone needs to [temporarily release the hold](/fundamentals/account/account-security/zone-holds/#release-zone-holds). If you are only onboarding a subdomain as a custom hostname to HubSpot, only the subfeature titled `Also prevent Subdomains` needs to be temporarily disabled.
-
-Once the zone hold is temporarily disabled, follow HubSpot's instructions to refresh the custom hostname and it should activate.
+<Render
+	file="provider-guide-zone-hold"
+	params={{ providerName: "HubSpot" }}
+	product="cloudflare-for-platforms"
+/>
 
 ## Additional support
 

src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/saas-customers/provider-guides/kinsta.mdx

@@ -44,6 +44,14 @@ To enable O2O for a specific hostname within a Cloudflare zone, [create](/dns/ma
 	product="cloudflare-for-platforms"
 />
 
+## Zone hold
+
+<Render
+	file="provider-guide-zone-hold"
+	params={{ providerName: "Kinsta" }}
+	product="cloudflare-for-platforms"
+/>
+
 ## Additional support
 
 <Render

src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/saas-customers/provider-guides/render.mdx

@@ -62,6 +62,14 @@ If your root domain needs to route somewhere besides Render, add individual subd
 	product="cloudflare-for-platforms"
 />
 
+## Zone hold
+
+<Render
+	file="provider-guide-zone-hold"
+	params={{ providerName: "Render" }}
+	product="cloudflare-for-platforms"
+/>
+
 ## Additional support
 
 <Render

src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/saas-customers/provider-guides/salesforce-commerce-cloud.mdx

@@ -79,6 +79,14 @@ And, the following is an **incorrect** configuration because `preview.example.co
 	product="cloudflare-for-platforms"
 />
 
+## Zone hold
+
+<Render
+	file="provider-guide-zone-hold"
+	params={{ providerName: "Salesforce Commerce Cloud" }}
+	product="cloudflare-for-platforms"
+/>
+
 ## Additional support
 
 <Render

src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/saas-customers/provider-guides/shopify.mdx

@@ -56,6 +56,14 @@ If you cannot activate your domain using [proxied DNS records](/dns/proxy-status
 	product="cloudflare-for-platforms"
 />
 
+## Zone hold
+
+<Render
+	file="provider-guide-zone-hold"
+	params={{ providerName: "Shopify" }}
+	product="cloudflare-for-platforms"
+/>
+
 ## Additional support
 
 <Render

src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/saas-customers/provider-guides/webflow.mdx

@@ -33,6 +33,14 @@ To enable O2O for a specific hostname within a Cloudflare Zone, [create](/dns/ma
 | ------- | -------------------- | --------------------- | ------------ |
 | `CNAME` | `<YOUR_DOMAIN>`      | `cdn.webflow.com`     | Proxied      |
 
+## Zone hold
+
+<Render
+	file="provider-guide-zone-hold"
+	params={{ providerName: "Webflow" }}
+	product="cloudflare-for-platforms"
+/>
+
 ## Product compatibility
 
 <Render

src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/saas-customers/provider-guides/wpengine.mdx

@@ -54,11 +54,11 @@ If you cannot activate your domain using [proxied DNS records](/dns/proxy-status
 
 ## Zone hold
 
-If your own Cloudflare zone is on the Enterprise plan, you have access to the [zone hold feature](/fundamentals/account/account-security/zone-holds/), which is a toggle that prevents your domain name from being created as a zone in a different Cloudflare account. Additionally, if the zone hold is enabled, it prevents the activation of custom hostnames onboarded to WP Engine. WP Engine would receive the following error message for your custom hostname: `The hostname is associated with a held zone. Please contact the owner of this domain to have the hold removed.`
-
-To successfully activate the custom hostname on WP Engine, the owner of the zone needs to [temporarily release the hold](/fundamentals/account/account-security/zone-holds/#release-zone-holds). If you are only onboarding a subdomain as a custom hostname to WP Engine, only the subfeature titled `Also prevent Subdomains` needs to be temporarily disabled.
-
-Once the zone hold is temporarily disabled, follow WP Engine's instructions to refresh the custom hostname and it should activate.
+<Render
+	file="provider-guide-zone-hold"
+	params={{ providerName: "WP Engine" }}
+	product="cloudflare-for-platforms"
+/>
 
 ## Additional support