cloudflare · pedrosousa · Jul 25, 2025 · Jul 25, 2025 · Jul 25, 2025
@@ -26,7 +26,7 @@ If you cannot deploy any additional overrides, consider editing an existing over
 
 ## Access
 
-<Tabs syncKey="dashNewNav"> 
+<Tabs syncKey="dashNewNav">
 	<TabItem label="Old dashboard">
     <Steps>
       1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and website.
@@ -37,8 +37,8 @@ If you cannot deploy any additional overrides, consider editing an existing over
   <TabItem label="New dashboard" icon="rocket">
     <Steps>
       1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and domain.
-      2. Go to **Security** > **Security rules**.
-      3. On **HTTP DDoS Attack Protection**, select **Create override**.
+      2. Go to **Security** > **Security rules** > **DDoS protection** tab.
+      3. On **HTTP DDoS attack protection**, select **Create override**.
     </Steps>
   </TabItem>
 </Tabs>

@@ -26,7 +26,7 @@ If you do not have access to Page Shield in the Cloudflare dashboard, check if y
 </TabItem> <TabItem label="New dashboard" icon="rocket">
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and domain.
-2. Go to **Security** > **Settings** and filter by **Client side abuse**.
+2. Go to **Security** > **Settings** and filter by **Client-side abuse**.
 3. Turn on **Continuous script monitoring**.
 
 If you do not have access to resource monitoring in the Cloudflare dashboard, check if your user has one of the [necessary roles](/page-shield/reference/roles-and-permissions/).

@@ -44,7 +44,7 @@ To configure the CSP reporting endpoint:
 </TabItem> <TabItem label="New dashboard" icon="rocket">
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and domain.
-2. Go to **Security** > **Settings** and filter by **Client side abuse**.
+2. Go to **Security** > **Settings** and filter by **Client-side abuse**.
 3. Under **Continuous script monitoring** > **Configurations**, select the edit icon next to **Reporting endpoint**.
 4. Select **Cloudflare-owned endpoint** or **Same hostname**.
 5. Select **Save**.
@@ -69,7 +69,7 @@ By default, Page Shield will only check the domain against malicious threat inte
 </TabItem> <TabItem label="New dashboard" icon="rocket">
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and domain.
-2. Go to **Security** > **Settings** and filter by **Client side abuse**.
+2. Go to **Security** > **Settings** and filter by **Client-side abuse**.
 3. Under **Continuous script monitoring** > **Configurations**, select the edit icon next to **Data processing**.
 4. Select **Log host only** to analyze only the hostname or **Log full URI** to use the full URI.
 5. Select **Save**.
@@ -91,7 +91,7 @@ To turn off client-side resource monitoring:
 </TabItem> <TabItem label="New dashboard" icon="rocket">
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and domain.
-2. Go to **Security** > **Settings** and filter by **Client side abuse**.
+2. Go to **Security** > **Settings** and filter by **Client-side abuse**.
 3. Next to **Continuous script monitoring**, set the toggle to **Off**.
 
 </TabItem> </Tabs>

@@ -12,7 +12,7 @@ Security rules are available in the new security dashboard in **Security** > **S
 
 ## Security rules
 
-The **Security rules** tab includes a list of different types of rules configured in your domain / zone to protect your applications and resources.
+The **Security rules** tab includes a list of different types of rules configured in your domain/zone to protect your applications and resources.
 
 To create a security rule:
 
@@ -29,6 +29,8 @@ To create a security rule:
 
 :::note[Notes]
 
+To deploy a managed ruleset, go to **Security** > **Settings** and filter by **Web application exploits**. For more information, refer to [Deploy a managed ruleset](/waf/managed-rules/deploy-zone-dashboard/#deploy-a-managed-ruleset).
+
 The **Security rules** tab includes functionality available in different products in the previous dashboard navigation structure, such as the [WAF](/waf/), [API Shield](/api-shield/), and [Page Shield](/page-shield/).
 
 The tab may show additional rule types if you have configured at least one of the following:
@@ -41,12 +43,12 @@ The tab may show additional rule types if you have configured at least one of th
 
 ## DDoS protection
 
-The **DDoS Protection** tab shows the multiple DDoS mitigation services provided by Cloudflare. You can create rules to override these mitigation tools. DDoS attack protection overrides are only available to Enterprise customers with the Advanced DDoS Protection subscription.
+The **DDoS protection** tab shows the multiple DDoS mitigation services provided by Cloudflare. You can create rules to override these mitigation tools. DDoS attack protection overrides are only available to Enterprise customers with the Advanced DDoS Protection subscription.
 
 To learn more about DDoS protection overrides, refer to the following resources:
 
-- [HTTP DDoS attack protection overrides](/ddos-protection/managed-rulesets/http/http-overrides/override-expressions/)
-- [Network-layer DDoS attack protection overrides](/ddos-protection/managed-rulesets/network/network-overrides/override-expressions/)
+- [HTTP DDoS attack protection overrides](/ddos-protection/managed-rulesets/http/http-overrides/)
+- [Network-layer DDoS attack protection overrides](/ddos-protection/managed-rulesets/network/network-overrides/)
 
 :::note
 You define overrides for the Network-layer DDoS attack protection managed ruleset at the account level in Account Home > **L3/4 DDoS** > **Network-layer DDoS Protection**.

@@ -41,8 +41,8 @@ You can create rules to override DDoS attack protection tools. DDoS attack prote
 
 To learn more about DDoS protection overrides, refer to the following resources:
 
-- [HTTP DDoS attack protection overrides](/ddos-protection/managed-rulesets/http/http-overrides/override-expressions/)
-- [Network-layer DDoS attack protection overrides](/ddos-protection/managed-rulesets/network/network-overrides/override-expressions/)
+- [HTTP DDoS attack protection overrides](/ddos-protection/managed-rulesets/http/http-overrides/)
+- [Network-layer DDoS attack protection overrides](/ddos-protection/managed-rulesets/network/network-overrides/)
 
 :::note
 You define overrides for the Network-layer DDoS attack protection managed ruleset at the account level in Account Home > **L3/4 DDoS** > **Network-layer DDoS Protection**.
@@ -61,7 +61,7 @@ Additionally, you can manage the following settings:
 - [Under Attack mode](/fundamentals/reference/under-attack-mode/) (under Security Level)
 - SSL/TLS DDoS attack protection
 
-### Bot traffic 
+### Bot traffic
 
 In the **Bot traffic** security category you can manage the following settings:
 

@@ -15,7 +15,7 @@ import { Render } from "~/components";
 This feature requires an Enterprise plan with a paid add-on.
 :::
 
-You deploy managed rulesets for an account in Account Home > **WAF** > **Managed rulesets**.
+You deploy managed rulesets for an account in Account Home > **WAF** > **Managed rulesets** tab.
 
 ![Example WAF Managed Rules configuration in the Managed rulesets tab under Account Home > WAF.](~/assets/images/waf/account/managed-rulesets-dashboard.png)
 
@@ -25,7 +25,7 @@ To deploy a managed ruleset for a single zone, refer to [Deploy a managed rulese
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/) and select your account.
 
-2. Go to Account Home > **WAF** > **Managed rulesets**.
+2. Go to Account Home > **WAF** > **Managed rulesets** tab.
 
 3. Select **Deploy** > **Deploy managed ruleset**.
 
@@ -70,7 +70,7 @@ To configure an entire managed ruleset:
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/) and select your account.
 
-2. Go to Account Home > **WAF** > **Managed rulesets**.
+2. Go to Account Home > **WAF** > **Managed rulesets** tab.
 
 3. Select the rule description of the _Execute_ rule that deploys the managed ruleset you want to configure. Alternatively, select the three dots > **Edit**.
 
@@ -105,7 +105,7 @@ You can browse the available rules in a managed ruleset and search for individua
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/) and select your account.
 
-2. Go to Account Home > **WAF** > **Managed rulesets**.
+2. Go to Account Home > **WAF** > **Managed rulesets** tab.
 
 3. Select the rule description of the _Execute_ rule that deploys the managed ruleset you want to configure. Alternatively, select the three dots > **Edit**.
 
@@ -121,5 +121,5 @@ You can browse the available rules in a managed ruleset and search for individua
 ### Delete a managed ruleset deployment rule or an exception
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/) and select your account.
-2. Go to Account Home > **WAF** > **Managed rulesets**.
+2. Go to Account Home > **WAF** > **Managed rulesets** tab.
 3. Under **Deployed managed rulesets** and next to the rule you want to delete, select the three dots > **Delete** and confirm the operation.
@@ -26,7 +26,7 @@ If you had deployed the Cloudflare Exposed Credentials Check managed ruleset:
 <Tabs syncKey="dashNewNav"> <TabItem label="Old dashboard">
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and domain.
-2. Go to **Security** > **WAF** > **Managed rules**.
+2. Go to **Security** > **WAF** > **Managed rules** tab.
 3. Under **Managed rules**, edit the rule that executes the Cloudflare Exposed Credentials Check Ruleset and take note of the current configuration (namely the performed action). Next, delete (or turn off) that rule.
 
 </TabItem> <TabItem label="New dashboard" icon="rocket">

@@ -23,7 +23,7 @@ To deploy a managed ruleset with the default configuration:
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and domain.
 
-2. Go to **Security** > **WAF** > **Managed rules**.
+2. Go to **Security** > **WAF** > **Managed rules** tab.
 
 3. Under **Managed Rulesets**, select **Deploy** next to a managed ruleset.
 
@@ -34,7 +34,7 @@ This operation deploys the managed ruleset for the current zone, creating a new
 </TabItem> <TabItem label="New dashboard" icon="rocket">
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com), and select your account and domain.
-2. Go to **Security** > **Settings** and filter by **Detections**.
+2. Go to **Security** > **Settings** and filter by **Web application exploits**.
 3. Turn on the managed ruleset you want to deploy.
 
 </TabItem> </Tabs>
@@ -43,11 +43,15 @@ This operation deploys the managed ruleset for the current zone, creating a new
 
 <Tabs syncKey="dashNewNav"> <TabItem label="Old dashboard">
 
-In the **Managed rules** tab, next to the managed ruleset you want to turn on or off, switch the **Enabled** toggle.
+1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and domain.
+2. Go to **Security** > **WAF** > **Managed rules** tab.
+3. Next to the managed ruleset you want to turn on or off, switch the **Enabled** toggle.
 
 </TabItem> <TabItem label="New dashboard" icon="rocket">
 
-In the **Settings** page, next to the managed ruleset you want to turn on or off, set the toggle to **On** or **Off**, respectively.
+1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com), and select your account and domain.
+2. Go to **Security** > **Settings** and filter by **Web application exploits**.
+3. Next to the managed ruleset you want to turn on or off, set the toggle to **On** or **Off**, respectively.
 
 </TabItem> </Tabs>
 
@@ -72,7 +76,7 @@ To configure rule field values for all the rules in a managed ruleset:
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and domain.
 
-2. Go to **Security** > **WAF** > **Managed rules**.
+2. Go to **Security** > **WAF** > **Managed rules** tab.
 
 3. Next to the _Execute_ rule deploying the managed ruleset you want to configure, select the managed ruleset name.<br/> If you have not deployed the managed ruleset yet, select the managed ruleset name under **Managed Rulesets**.
 
@@ -159,7 +163,7 @@ You can browse the available rules in a managed ruleset and search for individua
 <Tabs syncKey="dashNewNav"> <TabItem label="Old dashboard">
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/) and select your account and domain.
-2. Go to **Security** > **WAF** > **Managed rules**.
+2. Go to **Security** > **WAF** > **Managed rules** tab.
 3. Next to the rule or exception (skip rule) you want to delete, select the three dots > **Delete** and confirm the operation.
 
 </TabItem> <TabItem label="New dashboard" icon="rocket">

@@ -17,27 +17,28 @@ Only users with the [Super Administrator role](/fundamentals/manage-members/role
 
 <Tabs syncKey="dashNewNav"> <TabItem label="Old dashboard">
 
-1. Open **Security** > **WAF** > **Managed rules**.
+1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com), and select your account and domain.
 
-   ![Example Managed Rules configuration in the Managed rules tab under Security > WAF](~/assets/images/waf/waf-managed-rules-tab.png)
+2. Go to **Security** > **WAF** > **Managed rules** tab.
 
-2. To configure payload logging for a ruleset you had already deployed in the WAF, select the managed ruleset name.
+   ![Example Managed Rules configuration in the Managed rules tab under Security > WAF](~/assets/images/waf/waf-managed-rules-tab.png)
 
-3. At the bottom of the page, select **Configure payload logging**.
+3. To configure payload logging for a ruleset you had already deployed in the WAF, select the managed ruleset name.
 
-4. After reading and understanding the implications of enabling payload logging, select one of the available options:
+4. At the bottom of the page, select **Configure payload logging**.
 
+5. After reading and understanding the implications of enabling payload logging, select one of the available options:
    - **Generate key pair using your web browser**: Generates a key pair (a private and a public key) in your browser and configures payload logging with the generated public key.
 
    - **Use my own public key**: Enter a public key [generated by the `matched-data-cli` command-line tool](/waf/managed-rules/payload-logging/command-line/generate-key-pair/).
 
-5. Select **Next**.
+6. Select **Next**.
 
-6. If you generated a key pair in the browser, copy the displayed private key and **store it safely**. You will use this private key later to [view the decrypted payload content](/waf/managed-rules/payload-logging/view/).
+7. If you generated a key pair in the browser, copy the displayed private key and **store it safely**. You will use this private key later to [view the decrypted payload content](/waf/managed-rules/payload-logging/view/).
 
-7. Select **Done**.
+8. Select **Done**.
 
-8. If you are deploying the managed ruleset where you configured payload logging, select **Deploy**. If you configured payload logging for a ruleset you had already deployed, select **Save**.
+9. If you are deploying the managed ruleset where you configured payload logging, select **Deploy**. If you configured payload logging for a ruleset you had already deployed, select **Save**.
 
 </TabItem> <TabItem label="New dashboard" icon="rocket">
 
@@ -52,7 +53,6 @@ Only users with the [Super Administrator role](/fundamentals/manage-members/role
 5. At the bottom of the page, select **Configure payload logging**.
 
 6. After reading and understanding the implications of enabling payload logging, select one of the available options:
-
    - **Generate key pair using your web browser**: Generates a key pair (a private and a public key) in your browser and configures payload logging with the generated public key.
 
    - **Use my own public key**: Enter a public key [generated by the `matched-data-cli` command-line tool](/waf/managed-rules/payload-logging/command-line/generate-key-pair/).

@@ -19,7 +19,7 @@ To add an exception at the zone level:
 <Tabs syncKey="dashNewNav"> <TabItem label="Old dashboard">
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com), and select your account and domain.
-2. Go to **Security** > **WAF** > **Managed rules**.
+2. Go to **Security** > **WAF** > **Managed rules** tab.
 3. Select **Add exception**.
 
 </TabItem> <TabItem label="New dashboard" icon="rocket">
@@ -33,7 +33,7 @@ To add an exception at the zone level:
 To add an exception at the account level (Enterprise plans only):
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com), and select your account.
-2. Go to Account Home > **WAF** > **Managed rulesets**.
+2. Go to Account Home > **WAF** > **Managed rulesets** tab.
 3. Select **Deploy** > **Deploy managed exception**.
 
 ## 2. Define basic exception parameters

@@ -7,7 +7,7 @@ import { Markdown, Tabs, TabItem, Steps } from "~/components"
 
 ### Delete a DDoS override
 
-<Tabs syncKey="dashNewNav"> 
+<Tabs syncKey="dashNewNav">
 <TabItem label="Old dashboard">
 <Steps>
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and {props.one}.
@@ -19,7 +19,7 @@ import { Markdown, Tabs, TabItem, Steps } from "~/components"
 <TabItem label="New dashboard" icon="rocket">
 <Steps>
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and domain.
-2. Go to **Security** > **Security rules**.
+2. Go to **Security** > **Security rules** > **DDoS protection** tab.
 3. Select the override.
 4. Select **Delete deployment**.
 </Steps>

@@ -5,7 +5,7 @@
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account.
 
-2. Go to Account Home > **WAF** > **Managed rulesets**.
+2. Go to Account Home > **WAF** > **Managed rulesets** tab.
 
 3. If you have already deployed the managed ruleset you want to configure, find the rule deploying that managed ruleset and select the rule description. Alternatively, select the three dots > **Edit** next to an *Execute* rule deploying the managed ruleset.
 

@@ -5,7 +5,7 @@
 
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and domain.
 
-2. Go to **Security** > **WAF** > **Managed rules**.
+2. Go to **Security** > **WAF** > **Managed rules** tab.
 
 3. If you have already deployed the managed ruleset you want to configure, select the managed ruleset name in the list of deployed managed rulesets. Alternatively, select the three dots > **Edit** next to the *Execute* rule deploying the managed ruleset.