You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -25,6 +25,8 @@ For every request with one or more detected content objects, the content scanner
Cloudflare uses the same [anti-virus (AV) scanner used in Cloudflare Zero Trust](/cloudflare-one/policies/gateway/http-policies/antivirus-scanning/) for WAF content scanning.
In addition, content scanning provides a [managed transform](/rules/transform/managed-transforms/reference/#add-malicious-uploads-detection-header) that adds a `Malicious-Uploads-Detection` request header indicating the outcome of scanning uploaded content for malicious signatures. For example, if the request contains at least one malicious content object, the header value will be `1`.
:::caution
Content scanning will not apply any mitigation actions to requests with content objects considered malicious. It only provides a signal that you can use to define your attack mitigation strategy. You must create rules — [custom rules](/waf/custom-rules/) or [rate limiting rules](/waf/rate-limiting-rules/) — to perform actions based on detected signals.
