cloudflare · pedrosousa · Oct 14, 2025 · Oct 9, 2025
@@ -36,11 +36,11 @@ This custom rule example blocks requests addressed at `/upload` with uploaded co
 - Expression: `any(cf.waf.content_scan.obj_sizes[*] > 512000) and http.request.uri.path eq "/upload"`
 - Action: _Block_
 
-## Block requests with uploaded files over the content scanning limit (30 MB)
+## Block requests with uploaded files over the content scanning limit (50 MB)
 
-This custom rule example blocks requests with uploaded content objects over 30 MB in size (the current content scanning limit):
+This custom rule example blocks requests with uploaded content objects over 50 MB in size (the current content scanning limit):
 
-- Expression: `any(cf.waf.content_scan.obj_sizes[*] >= 31457280)`
+- Expression: `any(cf.waf.content_scan.obj_sizes[*] >= 52428800)`
 - Action: _Block_
 
-In this example, you must also test for equality because currently any file over 30 MB will be handled internally as if it had a size of 30 MB (31,457,280 bytes). This means that using the `>` (greater than) [comparison operator](/ruleset-engine/rules-language/operators/#comparison-operators) would not work for this particular rule — you should use `>=` (greater than or equal) instead.
+In this example, you must also test for equality because currently any file over 50 MB will be handled internally as if it had a size of 50 MB (52,428,800 bytes). This means that using the `>` (greater than) [comparison operator](/ruleset-engine/rules-language/operators/#comparison-operators) would not work for this particular rule — you should use `>=` (greater than or equal) instead.
@@ -9,7 +9,6 @@ sidebar:
 
 import { GlossaryTooltip, Type } from "~/components";
 
-
 The malicious uploads detection, also called uploaded content scanning, is a WAF [traffic detection](/waf/concepts/#detection-versus-mitigation) that scans content being uploaded to your application.
 
 When enabled, content scanning attempts to detect content objects, such as uploaded files, and scans them for malicious signatures like malware. The scan results, along with additional metadata, are exposed as fields available in WAF [custom rules](/waf/custom-rules/), allowing you to implement fine-grained mitigation rules.
@@ -56,7 +55,7 @@ Content scanning can check the following content objects for malicious content:
 
 All content objects in an incoming request will be checked, namely for requests with multiple uploaded files (for example, a submitted HTML form with several file inputs).
 
-The content scanner will fully check content objects with a size up to 30 MB. For larger content objects, the scanner will analyze the first 30 MB and provide scan results based on that portion of the object.
+The content scanner will fully check content objects with a size up to 50 MB. For larger content objects, the scanner will analyze the first 50 MB and provide scan results based on that portion of the object.
 
 :::note[Notes]