Merged
29 changes: 17 additions & 12 deletions src/content/docs/waf/detections/attack-score.mdx
Expand Up @@ -6,7 +6,7 @@ sidebar:
label: Attack score
---

import { GlossaryTooltip } from "~/components";
import { GlossaryTooltip, Type } from "~/components";

The attack score [traffic detection](/waf/concepts/#detection-versus-mitigation) helps identify variations of known attacks and their malicious payloads. This detection complements [WAF Managed Rules](/waf/managed-rules/).

Expand All @@ -24,17 +24,22 @@ This feature is available to Enterprise customers. Business plans have access to

The Cloudflare WAF provides the following attack score fields:

| Score | Data type | Minimum plan required | Attack vector | Field |
| ---------------------- | --------- | --------------------- | -------------------------------- | ------------------------------------------------------------------------------------------- |
| WAF Attack Score | Number | Enterprise | N/A (global score) | [`cf.waf.score`](/ruleset-engine/rules-language/fields/reference/cf.waf.score/) |
| WAF SQLi Attack Score | Number | Enterprise | [SQL injection][1] (SQLi) | [`cf.waf.score.sqli`](/ruleset-engine/rules-language/fields/reference/cf.waf.score.sqli/) |
| WAF XSS Attack Score | Number | Enterprise | [Cross-site scripting][2] (XSS) | [`cf.waf.score.xss`](/ruleset-engine/rules-language/fields/reference/cf.waf.score.xss/) |
| WAF RCE Attack Score | Number | Enterprise | [Remote code execution][3] (RCE) | [`cf.waf.score.rce`](/ruleset-engine/rules-language/fields/reference/cf.waf.score.rce/) |
| WAF Attack Score Class | String | Business | N/A (global classification) | [`cf.waf.score.class`](/ruleset-engine/rules-language/fields/reference/cf.waf.score.class/) |

[1]: https://www.cloudflare.com/learning/security/threats/sql-injection/
[2]: https://www.cloudflare.com/learning/security/threats/cross-site-scripting/
[3]: https://www.cloudflare.com/learning/security/what-is-remote-code-execution/
| Field | Description | Required plan |
| ----------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------- |
| WAF Attack Score <br/> [`cf.waf.score`][1] <br/> <Type text="Number" /> | A global score from 1–99 that combines the score of each WAF attack vector into a single score. | Enterprise |
| WAF SQLi Attack Score <br/> [`cf.waf.score.sqli`][2] <br/> <Type text="Number" /> | A score from 1–99 classifying the [SQL injection][6] (SQLi) attack vector. | Enterprise |
| WAF XSS Attack Score <br/> [`cf.waf.score.xss`][3] <br/> <Type text="Number" /> | A score from 1–99 classifying the [cross-site scripting][7] (XSS) attack vector. | Enterprise |
| WAF RCE Attack Score <br/> [`cf.waf.score.rce`][4] <br/> <Type text="Number" /> | A score from 1–99 classifying the command injection or [remote code execution][8] (RCE) attack vector. | Enterprise |
| WAF Attack Score Class <br/> [`cf.waf.score.class`][5] <br/> <Type text="String" /> | The attack score class of the current request, based on the WAF attack score. <br/> Possible values: `attack`, `likely_attack`, `likely_clean`, and `clean`. | Business or above |

[1]: /ruleset-engine/rules-language/fields/reference/cf.waf.score/
[2]: /ruleset-engine/rules-language/fields/reference/cf.waf.score.sqli/
[3]: /ruleset-engine/rules-language/fields/reference/cf.waf.score.xss/
[4]: /ruleset-engine/rules-language/fields/reference/cf.waf.score.rce/
[5]: /ruleset-engine/rules-language/fields/reference/cf.waf.score.class/
[6]: https://www.cloudflare.com/learning/security/threats/sql-injection/
[7]: https://www.cloudflare.com/learning/security/threats/cross-site-scripting/
[8]: https://www.cloudflare.com/learning/security/what-is-remote-code-execution/

You can use these fields in expressions of [custom rules](/waf/custom-rules/) and [rate limiting rules](/waf/rate-limiting-rules/). Attack score fields of data type `Number` vary between `1` and `99` with the following meaning:

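Review bot: In the new attack score table, the four Number rows each say "A score from 1–99" without saying which end of the range indicates an attack, and the paragraph right after the table repeats the range ("vary between `1` and `99` with the following meaning"). A reader who lands on the table alone cannot tell whether a low or a high score is the one to act on, so either state the direction once in the description cells or drop the range from the cells and let the paragraph below carry it. The RCE row also widens the wording to "command injection or remote code execution" while the row label stays "WAF RCE Attack Score"; worth confirming that the linked field reference uses the same scope.
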
29 changes: 18 additions & 11 deletions src/content/docs/waf/detections/firewall-for-ai.mdx
Expand Up @@ -20,7 +20,7 @@ Firewall for AI is a detection that can help protect your services powered by <G

When enabled, the detection runs on incoming traffic, searching for any LLM prompts attempting to exploit the model.

Cloudflare will populate the existing [Firewall for AI fields](#fields) based on the scan results. You can check these results in the [Security Analytics](/waf/analytics/security-analytics/) dashboard by filtering on the `cf-llm` [managed endpoint label](/api-shield/management-and-monitoring/endpoint-labels/) and reviewing the detection results on your traffic. Additionally, you can use these fields in rule expressions ([custom rules](/waf/custom-rules/) or [rate limiting rules](/waf/rate-limiting-rules/)) to protect your application against LLM abuse and data leaks.
Cloudflare will populate the existing [Firewall for AI fields](#firewall-for-ai-fields) based on the scan results. You can check these results in the [Security Analytics](/waf/analytics/security-analytics/) dashboard by filtering on the `cf-llm` [managed endpoint label](/api-shield/management-and-monitoring/endpoint-labels/) and reviewing the detection results on your traffic. Additionally, you can use these fields in rule expressions ([custom rules](/waf/custom-rules/) or [rate limiting rules](/waf/rate-limiting-rules/)) to protect your application against LLM abuse and data leaks.

## Availability

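Review bot: The `#fields` to `#firewall-for-ai-fields` link change in this paragraph depends on the heading rename further down in this file, which changes the anchor readers and other pages link to. The in-page links are updated here, but any link from another page to this page's `#fields` anchor would now point at a missing fragment; search the docs tree for that fragment before merging, or keep the old anchor resolvable.
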
Expand Down Expand Up @@ -86,7 +86,7 @@ Alternatively, create a custom rule like the one described in the next step usin
- **With response type**: Custom JSON
- **Response body**: `{ "error": "Your request was blocked. Please rephrase your request." }`

For additional examples, refer to [Example mitigation rules](#example-mitigation-rules). For a list of fields provided by Firewall for AI, refer to [Fields](#fields).
For additional examples, refer to [Example mitigation rules](#example-mitigation-rules). For a list of fields provided by Firewall for AI, refer to [Fields](#firewall-for-ai-fields).

<Details header="Combine with other Rules language fields">

Expand Down Expand Up @@ -114,18 +114,25 @@ You can combine the previous expression with other [fields](/ruleset-engine/rule

</Details>

## Fields
## Firewall for AI fields

When enabled, Firewall for AI populates the following fields:

| Name in the dashboard | Field + Data type | Description |
| --------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| LLM PII Detected | [`cf.llm.prompt.pii_detected`](/ruleset-engine/rules-language/fields/reference/cf.llm.prompt.pii_detected/) <br/> <Type text="Boolean"/> | Indicates whether any personally identifiable information (PII) has been detected in the LLM prompt included in the request. |
| LLM PII Categories | [`cf.llm.prompt.pii_categories`](/ruleset-engine/rules-language/fields/reference/cf.llm.prompt.pii_categories/) <br/> <Type text="Array<String>"/> | Array of string values with the personally identifiable information (PII) categories found in the LLM prompt included in the request.<br/>[Category list](/ruleset-engine/rules-language/fields/reference/cf.llm.prompt.pii_categories/) |
| LLM Content Detected | [`cf.llm.prompt.detected`](/ruleset-engine/rules-language/fields/reference/cf.llm.prompt.detected/) <br/> <Type text="Boolean "/> | Indicates whether Cloudflare detected an LLM prompt in the incoming request. |
| LLM Unsafe topic detected | [`cf.llm.prompt.unsafe_topic_detected`](/ruleset-engine/rules-language/fields/reference/cf.llm.prompt.unsafe_topic_detected/) <br/> <Type text="Boolean"/> | Indicates whether the incoming request includes any unsafe topic category in the LLM prompt. |
| LLM Unsafe topic categories | [`cf.llm.prompt.unsafe_topic_categories`](/ruleset-engine/rules-language/fields/reference/cf.llm.prompt.unsafe_topic_categories/) <br/> <Type text="Array<String>"/> | Array of string values with the type of unsafe topics detected in the LLM prompt.<br/>[Category list](/ruleset-engine/rules-language/fields/reference/cf.llm.prompt.unsafe_topic_categories/) |
| LLM Injection score | [`cf.llm.prompt.injection_score`](/ruleset-engine/rules-language/fields/reference/cf.llm.prompt.injection_score/) <br/> <Type text="Number"/> | A score from 1–99 that represents the likelihood that the LLM prompt in the request is trying to perform a prompt injection attack. |
| Field | Description |
| ----------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| LLM PII detected <br/> [`cf.llm.prompt.pii_detected`][1] <br/> <Type text="Boolean"/> | Indicates whether any personally identifiable information (PII) has been detected in the LLM prompt included in the request. |
| LLM PII categories <br/> [`cf.llm.prompt.pii_categories`][2] <br/> <Type text="Array<String>"/> | Array of string values with the personally identifiable information (PII) categories found in the LLM prompt included in the request.<br/>[Category list](/ruleset-engine/rules-language/fields/reference/cf.llm.prompt.pii_categories/) |
| LLM Content detected <br/> [`cf.llm.prompt.detected`][3] <br/> <Type text="Boolean "/> | Indicates whether Cloudflare detected an LLM prompt in the incoming request. |
| LLM Unsafe topic detected <br/> [`cf.llm.prompt.unsafe_topic_detected`][4] <br/> <Type text="Boolean"/> | Indicates whether the incoming request includes any unsafe topic category in the LLM prompt. |
| LLM Unsafe topic categories <br/> [`cf.llm.prompt.unsafe_topic_categories`][5] <br/> <Type text="Array<String>"/> | Array of string values with the type of unsafe topics detected in the LLM prompt.<br/>[Category list](/ruleset-engine/rules-language/fields/reference/cf.llm.prompt.unsafe_topic_categories/) |
| LLM Injection score <br/> [`cf.llm.prompt.injection_score`][6] <br/> <Type text="Number"/> | A score from 1–99 that represents the likelihood that the LLM prompt in the request is trying to perform a prompt injection attack. |

[1]: /ruleset-engine/rules-language/fields/reference/cf.llm.prompt.pii_detected/
[2]: /ruleset-engine/rules-language/fields/reference/cf.llm.prompt.pii_categories/
[3]: /ruleset-engine/rules-language/fields/reference/cf.llm.prompt.detected/
[4]: /ruleset-engine/rules-language/fields/reference/cf.llm.prompt.unsafe_topic_detected/
[5]: /ruleset-engine/rules-language/fields/reference/cf.llm.prompt.unsafe_topic_categories/
[6]: /ruleset-engine/rules-language/fields/reference/cf.llm.prompt.injection_score/

## Example mitigation rules

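Review bot: The `LLM Content detected` row still carries `<Type text="Boolean "/>` with a trailing space inside the attribute, copied over from the old table; it should be `text="Boolean"` like the other Boolean rows. In the same table, the two "Category list" links keep the full inline URL even though the same targets are now defined as references `[2]` and `[5]` below the table, so they can use the reference form as well.
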
16 changes: 9 additions & 7 deletions src/content/docs/waf/detections/leaked-credentials/index.mdx
Expand Up @@ -7,6 +7,8 @@ sidebar:
label: Leaked credentials
---

import { Type } from "~/components";

The leaked credentials [traffic detection](/waf/detections/) scans incoming requests for credentials (usernames and passwords) previously leaked from [data breaches](https://www.cloudflare.com/learning/security/what-is-a-data-breach/).

:::note
Expand Down Expand Up @@ -96,13 +98,13 @@ For instructions on configuring a custom detection location, refer to [Get start

## Leaked credentials fields

| Field name in the dashboard | Field | Availability |
| --------------------------- | ----------------------------------------------------------- | ------------------ |
| Password Leaked | [`cf.waf.credential_check.password_leaked`][1] | All plans |
| User and Password Leaked | [`cf.waf.credential_check.username_and_password_leaked`][2] | Pro plan and above |
| Username Leaked | [`cf.waf.credential_check.username_leaked`][3] | Enterprise plan |
| Similar Password Leaked | [`cf.waf.credential_check.username_password_similar`][4] | Enterprise plan |
| Authentication detected | [`cf.waf.auth_detected`][5] | Enterprise plan |
| Field | Description |
| ------------------------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Password Leaked <br/> [`cf.waf.credential_check.password_leaked`][1] <br/> <Type text="Boolean" /> | Indicates whether the password detected in the request was previously leaked. <br/> Available on all plans. |
| User and Password Leaked <br/> [`cf.waf.credential_check.username_and_password_leaked`][2] <br/> <Type text="Boolean" /> | Indicates whether the username-password pair detected in the request were previously leaked. <br/> Requires a Pro plan or above. |
| Username Leaked <br/> [`cf.waf.credential_check.username_leaked`][3] <br/> <Type text="Boolean" /> | Indicates whether the username detected in the request was previously leaked. <br/> Requires an Enterprise plan. |
| Similar Password Leaked <br/> [`cf.waf.credential_check.username_password_similar`][4] <br/> <Type text="Boolean" /> | Indicates whether a similar version of the username and password credentials detected in the request were previously leaked. <br/> Requires an Enterprise plan. |
| Authentication detected <br/> [`cf.waf.auth_detected`][5] <br/> <Type text="Boolean" /> | Indicates whether Cloudflare detected authentication credentials in the request. <br/> Requires an Enterprise plan. |

[1]: /ruleset-engine/rules-language/fields/reference/cf.waf.credential_check.password_leaked/
[2]: /ruleset-engine/rules-language/fields/reference/cf.waf.credential_check.username_and_password_leaked/
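
Review bot: In the `User and Password Leaked` row, "the username-password pair detected in the request were previously leaked" has a singular subject and should read "was previously leaked". Plan availability is now a sentence inside each description ("Requires an Enterprise plan."), while the attack score table in this same change keeps a separate "Required plan" column; using one approach across the detection pages would make the plan requirement easier to scan. The row labels also mix title case ("Password Leaked") with sentence case ("Authentication detected"), and the Firewall for AI table in this change moved to sentence case, so these could follow.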