From e8ce781929be4ff97f605fcd786b89ffeaebcb0a Mon Sep 17 00:00:00 2001
From: Patricia Loraine Santa Ana <psantaana@cloudflare.com>
Date: Fri, 21 Mar 2025 10:53:12 -0700
Subject: [PATCH 1/2] update JA3/JA4 fingerprint documentation

---
 src/content/docs/bots/concepts/ja3-ja4-fingerprint.mdx | 4 +++-
 src/content/docs/bots/troubleshooting.mdx              | 8 ++------
 src/content/partials/bots/ja3-fingerprint.mdx          | 2 +-
 src/content/partials/bots/ja3-ja4-null.mdx             | 8 ++++++++
 4 files changed, 14 insertions(+), 8 deletions(-)
 create mode 100644 src/content/partials/bots/ja3-ja4-null.mdx

diff --git a/src/content/docs/bots/concepts/ja3-ja4-fingerprint.mdx b/src/content/docs/bots/concepts/ja3-ja4-fingerprint.mdx
index e343778ddefb81..65da4e485388f2 100644
--- a/src/content/docs/bots/concepts/ja3-ja4-fingerprint.mdx
+++ b/src/content/docs/bots/concepts/ja3-ja4-fingerprint.mdx
@@ -1,6 +1,6 @@
 ---
 pcx_content_type: concept
-title: JA3/JA4 Fingerprint
+title: JA3/JA4 fingerprint
 
 ---
 
@@ -72,6 +72,8 @@ When JA4 Signals are missing, the output appears as follows:
 This sample was generated using [Workers' Cloudflare Object script](/workers/examples/accessing-the-cloudflare-object/). 
 :::
 
+<Render file="ja3-ja4-null" />
+
 ## Analytics
 
 To get more information about potential bot requests, use these JA3 and JA4 fingerprints in:
diff --git a/src/content/docs/bots/troubleshooting.mdx b/src/content/docs/bots/troubleshooting.mdx
index 319f429523689d..f67698f6b61ed2 100644
--- a/src/content/docs/bots/troubleshooting.mdx
+++ b/src/content/docs/bots/troubleshooting.mdx
@@ -83,13 +83,9 @@ To allow traffic from good bots, use the [Verified Bot](/ruleset-engine/rules-la
 
 ---
 
-## Why might the ja3hash be empty in HTTP logs?
+## Why might the ja3hash or JA4 be empty in HTTP logs?
 
-The JA3 Fingerprint can be null or empty in some cases. The most common case is for HTTP requests, because JA3 is calculated in TLS, but can also be empty due to the following:
-
-- Orange to Orange zones (Cloudflare Zone proxied to another Cloudflare Zone).
-
-- Worker sending requests within the same zone or to a zone that is not proxied (or a 3rd party).
+<Render file="ja3-ja4-null" />
 
 ---
 
diff --git a/src/content/partials/bots/ja3-fingerprint.mdx b/src/content/partials/bots/ja3-fingerprint.mdx
index a8fe96c8eadd1c..66c7dd27fcce57 100644
--- a/src/content/partials/bots/ja3-fingerprint.mdx
+++ b/src/content/partials/bots/ja3-fingerprint.mdx
@@ -3,4 +3,4 @@
 
 ---
 
-[**JA3**](https://github.com/salesforce/ja3) and [**JA4**](https://github.com/FoxIO-LLC/ja4) **Fingerprints** help you profile specific SSL/TLS clients across different destination IPs, Ports, and X509 certificates.
+[**JA3**](https://github.com/salesforce/ja3) and [**JA4**](https://github.com/FoxIO-LLC/ja4) **fingerprints** help you profile specific SSL/TLS clients across different destination IPs, Ports, and X509 certificates.
diff --git a/src/content/partials/bots/ja3-ja4-null.mdx b/src/content/partials/bots/ja3-ja4-null.mdx
new file mode 100644
index 00000000000000..78cbf61d71d7b7
--- /dev/null
+++ b/src/content/partials/bots/ja3-ja4-null.mdx
@@ -0,0 +1,8 @@
+---
+{}
+
+---
+
+The [JA3/JA4 fingerprint](/bots/concepts/ja3-ja4-fingerprint/) can be null or empty in some cases. The most common case is for HTTP requests because JA3 and JA4 are calculated in TLS. It can also be empty due to the Worker sending requests within the same zone or to a zone that is not proxied (or a 3rd party).
+
+[Orange to Orange (O2O)](/cloudflare-for-platforms/cloudflare-for-saas/saas-customers/) should not cause null or empty JA3 or JA4 fingerprints, unless the eyeball zone is routing traffic to the target zone using a Worker.
\ No newline at end of file

From a1e38cff40118a92a6c06095f82c3936b0c49c8e Mon Sep 17 00:00:00 2001
From: Patricia Santa Ana <103445940+patriciasantaana@users.noreply.github.com>
Date: Fri, 21 Mar 2025 13:17:43 -0700
Subject: [PATCH 2/2] Update src/content/partials/bots/ja3-ja4-null.mdx

Co-authored-by: Max Phillips <mphillips@cloudflare.com>
---
 src/content/partials/bots/ja3-ja4-null.mdx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/content/partials/bots/ja3-ja4-null.mdx b/src/content/partials/bots/ja3-ja4-null.mdx
index 78cbf61d71d7b7..2add7303524256 100644
--- a/src/content/partials/bots/ja3-ja4-null.mdx
+++ b/src/content/partials/bots/ja3-ja4-null.mdx
@@ -3,6 +3,6 @@
 
 ---
 
-The [JA3/JA4 fingerprint](/bots/concepts/ja3-ja4-fingerprint/) can be null or empty in some cases. The most common case is for HTTP requests because JA3 and JA4 are calculated in TLS. It can also be empty due to the Worker sending requests within the same zone or to a zone that is not proxied (or a 3rd party).
+The [JA3/JA4 fingerprint](/bots/concepts/ja3-ja4-fingerprint/) can be null or empty in some cases. The most common case is for HTTP requests because JA3 and JA4 are calculated in TLS. It can also be empty due to the Worker sending requests within the same zone or to a zone that is not proxied (or a third party).
 
 [Orange to Orange (O2O)](/cloudflare-for-platforms/cloudflare-for-saas/saas-customers/) should not cause null or empty JA3 or JA4 fingerprints, unless the eyeball zone is routing traffic to the target zone using a Worker.
\ No newline at end of file