[Security] Update settings (new nav)

src/content/docs/api-shield/management-and-monitoring/developer-portal.mdx

@@ -4,10 +4,9 @@ type: overview
 title: Build developer portals
 sidebar:
   order: 5
-
 ---
 
-import { GlossaryTooltip, Tabs, TabItem, Steps } from "~/components"
+import { GlossaryTooltip, Tabs, TabItem, Steps } from "~/components";
 
 Once your <GlossaryTooltip term="API endpoint">endpoints</GlossaryTooltip> are saved, API Shield doubles as an API catalog. API Shield can build an interactive documentation portal with the knowledge it has of your APIs, or you can upload a new OpenAPI schema file to build a documentation portal ad-hoc.
 
@@ -29,23 +28,25 @@ To create a developer portal:
       6. Select **Create pages project** to begin project creation. A new Pages project will be automatically created and your API schema will be automatically uploaded to the project along with other supporting static content.
       7. Select **Deploy site**.
     </Steps>
+
   </TabItem>
   <TabItem label="New dashboard" icon="rocket">
     <Steps>
       1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/login), and select your account and domain.
-      2. Go to **Security** > **Settings**
+      2. Go to **Security** > **Settings**.
       3. Filter by **API abuse**.
       4. On **Create a developer portal**, select **Create site**.
-      4. Upload an OpenAPI v3.0 schema file or choose to select an existing schema from API Shield.
+      5. Upload an OpenAPI v3.0 schema file or choose to select an existing schema from API Shield.
           :::note
           If you do not have a schema to upload or to select from a pre-existing schema, export your Endpoint Management schema. For best results, include the learned parameters.
 
           Only <GlossaryTooltip term="API schema">API schemas</GlossaryTooltip> uploaded to Schema validation 2.0 are available when selecting existing schemas.
           :::
-      5. Select **Download project files** to save a local copy of the files that will be uploaded to Cloudflare Pages. Downloading the project files can be helpful if you wish to modify the project in any way and then upload the new version manually to Pages.
-      6. Select **Create pages project** to begin project creation. A new Pages project will be automatically created and your API schema will be automatically uploaded to the project along with other supporting static content.
-      7. Select **Deploy site**.
+      6. Select **Download project files** to save a local copy of the files that will be uploaded to Cloudflare Pages. Downloading the project files can be helpful if you wish to modify the project in any way and then upload the new version manually to Pages.
+      7. Select **Create pages project** to begin project creation. A new Pages project will be automatically created and your API schema will be automatically uploaded to the project along with other supporting static content.
+      8. Select **Deploy site**.
     </Steps>
+
   </TabItem>
 </Tabs>
 

src/content/docs/api-shield/management-and-monitoring/endpoint-labels.mdx

@@ -109,7 +109,7 @@ Cloudflare will only add authentication labels to endpoints with successful resp
       1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/login), and select your account and domain.
       2. Go to **Security** > **Settings**.
       3. Filter by **API abuse**.
-      4. Under **Endpoint labels**, select **Manage label**.
+      4. Under **Endpoint labels**, select **Manage labels**.
       5. Name the label and add an optional label description.
       6. Apply the label to your selected endpoints.
       7. Select **Create label**.

src/content/docs/api-shield/security/jwt-validation/index.mdx

@@ -36,7 +36,7 @@ A JWT validation configuration consists of creating a token validation configura
       1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/login), and select your account and domain.
       2. Go to **Security** > **Settings**.
       3. Filter by **API abuse**.
-      4. On **Token configurations**, select **Configure tokens**.
+      4. On **Token configurations**, select **Configure tokens**. If you already have one or more tokens, select **<N> out of <M> configurations used** instead.
       5. Add a name for your configuration.
       6. Choose where Cloudflare can locate the JWT for this configuration on incoming requests, such as a header or cookie and its name.
       7. Copy and paste your JWT issuer's public key(s) (JWKS).
@@ -87,7 +87,7 @@ To automatically keep your JWKS up to date when your identity provider refreshes
 
 :::note
 
-Token configuration rules will automatically apply to new endpoints added to Endpoint Management if those endpoints also match the rule. 
+Token configuration rules will automatically apply to new endpoints added to Endpoint Management if those endpoints also match the rule.
 :::
 
 ## Special cases

src/content/docs/api-shield/security/schema-validation/index.mdx

@@ -142,7 +142,7 @@ To set up a fallthrough action:
          1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/login), and select your account and domain.
          2. Go to **Security** > **Settings**.
          3. Filter by **API abuse**.
-         4. Under **Custom fallthrough rules**, select **Create custom fallthrough rule** to create a custom fallthrough rule with the template.
+         4. Under **Custom fallthrough rules**, select **Create custom fallthrough rule** to create a custom fallthrough rule with the template. If you have already created fallthrough rules, select **<N> fallthrough rules** instead.
          5. Give your rule a descriptive name.
          6. Choose one or more hostnames from the dropdown menu and select your action.
          7. Select **Save as draft** to deploy later, or **Deploy** to deploy now.
@@ -208,13 +208,11 @@ To change the default action:
    <TabItem label="New dashboard" icon="rocket">
       <Steps>
          1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/login), and select your account and domain.
-         2. Go to **Security** > **Web assets** > **Schema Validation**.
-         3. Select **Schema Validation**.
-         4. Under the default `Log` action, select **Change**.
-         5. Choose a new action from the dropdown menu.
-         6. Observe the current action and accept the change by selecting **Change default action** in the popup window.
+         2. Go to **Security** > **Settings** and filter by **API abuse**.
+         3. Under **Schema validation** > **Configurations**, select the edit icon next to **Default action**.
+         4. Choose a new action from the dropdown menu.
+         5. Select **Save**.
       </Steps>
-      Alternatively, you can modify the global action via **Security** > **Settings** > **Schema Validation**.
    </TabItem>
 </Tabs>
 
@@ -241,11 +239,10 @@ To change the action on an individual endpoint:
    <TabItem label="New dashboard" icon="rocket">
       <Steps>
          1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/login), and select your account and domain.
-         2. Go to **Security** > **Web assets** > **Schema Validation**.
-         3. Select **Schema Validation** and filter the selected endpoint.
-         4. Select the ellipses on the endpoint's row.
-         5. Select **Change action**.
-         6. Choose a new action from the dropdown menu and select **Set action**.
+         2. Go to **Security** > **Web assets** > **Schema validation** tab.
+         3. Search for the endpoint to change.
+         4. Select the three dots on the endpoint's row > **Change action**.
+         5. Choose a new action from the drop-down menu and select **Set action**.
       </Steps>
    </TabItem>
 </Tabs>
@@ -268,10 +265,10 @@ To disable Schema Validation without changing actions:
    <TabItem label="New dashboard" icon="rocket">
       <Steps>
          1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/login), and select your account and domain.
-         2. Go to **Security** > **Web assets** > **Schema Validation**.
+         2. Go to **Security** > **Web assets** > **Schema validation**.
          3. Select **Schema settings**.
          4. Filter by **API abuse**.
-         5. Turn **Schema Validation** off.
+         5. Turn **Schema validation** off.
       </Steps>
    </TabItem>
 </Tabs>
@@ -293,10 +290,10 @@ Your per-endpoint configurations will be saved when modifying the setting, so th
    <TabItem label="New dashboard" icon="rocket">
       <Steps>
          1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/login), and select your account and domain.
-         2. Go to **Security** > **Web assets** > **Schema Validation**.
+         2. Go to **Security** > **Web assets** > **Schema validation** tab.
          3. Select **Schema settings**.
          4. Filter by **API abuse**.
-         5. View your schemas on **Schema Validation** > **Active schemas**.
+         5. View your schemas on **Schema validation** > **Active schemas**.
       </Steps>
    </TabItem>
 </Tabs>
@@ -320,10 +317,10 @@ To delete currently uploaded or learned schemas:
    <TabItem label="New dashboard" icon="rocket">
       <Steps>
          1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/login), and select your account and domain.
-         2. Go to **Security** > **Web assets** > **Schema Validation**.
+         2. Go to **Security** > **Web assets** > **Schema validation** tab.
          3. Select **Schema settings**.
          4. Filter by **API abuse**.
-         5. View your schemas on **Schema Validation** > **Active schemas**.
+         5. View your schemas on **Schema validation** > **Active schemas**.
          6. Select the ellipses to access the menu and download or delete the listed schema.
       </Steps>
    </TabItem>

src/content/docs/bots/additional-configurations/managed-robots-txt.mdx

@@ -47,24 +47,24 @@ If your website does not have a `robots.txt` file, Cloudflare creates a new file
 
 To implement a `robots.txt` file on your domain:
 
-<Tabs syncKey="dashNewNav"> 
+<Tabs syncKey="dashNewNav">
 	<TabItem label="Old dashboard">
 		<Steps>
 			<Render
 				file="enable-managed-robots-txt"
 				params={{ one: "Bot Fight Mode" }}
 			/>
 		</Steps>
-	</TabItem> 
+	</TabItem>
 	<TabItem label="New dashboard" icon="rocket">
 		<Steps>
 			1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/login), and select your account and domain.
 			2. Go to **Security** > **Settings**.
 			3. Filter by **Bot traffic**.
-			4. Go to **Managed robots.txt**. 
-			5. Turn **Managed robots.txt** on.
+			4. Go to **Manage AI bot traffic with robots.txt**.
+			5. Turn **Manage AI bot traffic with robots.txt** on.
 		</Steps>
-	</TabItem> 
+	</TabItem>
 </Tabs>
 
 ## Availability

src/content/docs/bots/get-started/bot-management.mdx

@@ -23,7 +23,7 @@ This Enterprise product provides the most flexibility to customers by:
 
 Bot Management is automatically enabled for Enterprise zones entitled with the add-on.
 
-<Tabs syncKey="dashNewNav"> 
+<Tabs syncKey="dashNewNav">
   <TabItem label="Old dashboard">
       To enable a [Bot Management](https://dash.cloudflare.com/?to=/:account/:zone/security/bots) trial on Enterprise zones without the Bot Management add-on entitled:
     <Steps>
@@ -37,9 +37,9 @@ Bot Management is automatically enabled for Enterprise zones entitled with the a
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/login), and select your account and domain.
 2. Go to **Security** > **Settings**.
 3. Filter by **Bot traffic**.
-4. Go to **Bot Management**. 
-5. Turn **Bot Management** on.
-6. Choose how your domain should respond to various types of traffic by selecting the associated edit icon.   
+4. Go to **Bot management**.
+5. Turn **Bot management** on.
+6. Choose how your domain should respond to various types of traffic by selecting the associated edit icon.
       - For more details on verified bots, refer to [Verified Bots](/bots/concepts/bot/#verified-bots).
       - For more details on supported file types, refer to [Static resource protection](/bots/additional-configurations/static-resources/).
       - For more details on invisible code injection, refer to [JavaScript detections](/bots/additional-configurations/javascript-detections/).

src/content/docs/cloudflare-challenges/challenge-types/challenge-pages/challenge-passage.mdx

@@ -24,7 +24,7 @@ To update the Challenge Passage (and the value of the `cf_clearance` cookie):
 1. Log into the [Cloudflare dashboard](https://dash.cloudflare.com).
 2. Select your account and domain.
 3. Go to **Security** > **Settings**.
-4. For **Challenge Passage**, set a duration.
+4. For **Challenge passage**, set a timeout duration.
 
 ### Limitations
 

src/content/docs/page-shield/get-started.mdx

@@ -27,7 +27,7 @@ If you do not have access to Page Shield in the Cloudflare dashboard, check if y
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and domain.
 2. Go to **Security** > **Settings** and filter by **Client side abuse**.
-3. Next to **Continuous script monitoring**, set the toggle to **On**.
+3. Turn on **Continuous script monitoring**.
 
 If you do not have access to resource monitoring in the Cloudflare dashboard, check if your user has one of the [necessary roles](/page-shield/reference/roles-and-permissions/).
 

src/content/docs/security-center/infrastructure/security-file.mdx

@@ -12,13 +12,14 @@ To manage your [security.txt](https://en.wikipedia.org/wiki/Security.txt) file v
 <Tabs syncKey="dashNewNav"> <TabItem label="Old dashboard">
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), select your account and domain.
-2. Go to **Security** > **Settings** > **Enable Security.txt**.
+2. Go to **Security** > **Settings**.
+3. Next to **Enable Security.txt**, select **Edit Security.txt**.
 
 </TabItem> <TabItem label="New dashboard" icon="rocket">
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), select your account and domain.
-2. Go to **Security** > **Settings** > **All settings** tab.
-3. Next to **Enable Security.txt**, select **Edit**.
+2. Go to **Security** > **Settings** and filter by **Web application exploits**.
+3. Under **Security.txt** > **Configurations**, select the edit icon.
 
 </TabItem> </Tabs>
 
@@ -27,7 +28,6 @@ From here, you can create and manage your `security.txt` file to provide the sec
 Fill in the following information:
 
 - **(Required) Contact**: You can enter one of the following to contact you about security issues:
-
   - An email address: The email address must start with `mailto:` (for example, `mailto:[email protected]`).
   - A phone number: The phone number must start with `tel:` (for example, `tel:+1 1234567890`).
   - A URL link: The URL link must start with `https://` (for example, `https://example.com`).
@@ -47,15 +47,22 @@ Once you have entered the necessary information, select **Save**.
 To edit your security.txt file:
 
 - Old dashboard: Select **Security** > **Settings** > **Edit Security.txt**.
-- New security dashboard: In the **All settings** tab, select **Edit** next to **Enable Security.txt**.
+- New security dashboard:
+  1. Go to **Security** > **Settings** and filter by **Web application exploits**.
+  2. Under **Security.txt** > **Configurations**, select the edit icon.
 
-To download your security.txt file, select **Security** > **Settings** > **Download Security.txt**.
+To download your security.txt file:
+
+- Old dashboard: Select **Security** > **Settings** > **Download Security.txt**.
+- New security dashboard:
+  1. Go to **Security** > **Settings** and filter by **Web application exploits**.
+  2. Under **Security.txt** > **Configurations**, select the download icon.
 
 To delete your security.txt file:
 
 - Old dashboard:
   - Select **Security** > **Settings** > **Delete Security.txt**.
 - New security dashboard:
-  1. Select **Security** > **Settings** > **All settings** tab.
-  2. Next to **Enable Security.txt**, select **Edit**.
+  1. Select **Security** > **Settings** and filter by **Web application exploits**.
+  2. Under **Security.txt** > **Configurations**, select the edit icon.
   3. Select **Delete**.