Skip to content

[Cloudflare One] Traffic Policies Root-Level ELI5#28947

Open
Oxyjun wants to merge 3 commits intoproductionfrom
jun/cf1/traffic-policies/root/eli5
Open

[Cloudflare One] Traffic Policies Root-Level ELI5#28947
Oxyjun wants to merge 3 commits intoproductionfrom
jun/cf1/traffic-policies/root/eli5

Conversation

@Oxyjun
Copy link
Contributor

@Oxyjun Oxyjun commented Mar 12, 2026

Applies ELI5 (Explain Like I'm 5) clarity analysis to all 11 root-level pages in src/content/docs/cloudflare-one/traffic-policies/. The goal is to reduce jargon barriers and missing context for IT admins and security engineers who are new to Cloudflare-specific concepts.

  • index.mdx — Expand "GRE" acronym, state egress default behavior, link WARP client and Gateway logs
  • identity-selectors.mdx — Add value framing intro, reorder stale-identity explanation (base-behavior-first), simplify selector descriptions, add SAML Attribute inline definition, add Generic OIDC workaround note
  • resolver-policies.mdx — Add problem statement intro, explain IP overlap with virtual networks link, split LDF paragraph, expand "Magic tunnel", add :::caution for QUIC/UDP requirement
  • proxy.mdx — Add purpose clause to intro, link "Traffic and DNS mode" to WARP modes, fix "systcl" → "sysctl" typo, link TLS decryption
  • order-of-enforcement.mdx — Add framing sentence explaining why enforcement order matters, link Cloudflare Gateway
  • enable-ids.mdx — Replace duplicated intro with concise summary + links, fix grammar "an Cloudflare" → "a Cloudflare", standardize Logpush links, fix ${managed_ruleset_id}<MANAGED_RULESET_ID> placeholder, fix phase name inconsistency, add Rulesets Engine preamble, restructure disable instructions
  • application-app-types.mdx — Restructure hostnames vs support hostnames with explicit Block/Allow behavioral rules, add real-world Google Drive example, add TLS decryption problem lead-in, add SIP/XMPP functional descriptions
  • troubleshoot-gateway.mdx — Add Split Tunnel and Logpush cross-links, distinguish "Do Not Scan" from "Do Not Inspect", fix "still block" → "still blocks" grammar, add resolver policy cross-links, explain why resolver policies preferred over Local Domain Fallback
  • domain-categories.mdx — Make security risks vs threats distinction explicit (suspicious vs confirmed malicious), add DNS/HTTP policy and Gateway logs cross-links, expand CIPA acronym, state default filtering behavior, note "Security Risks" name collision, link DGA and DNS tunneling definitions
  • managed-service-providers.mdx — Replace "group or individual account level" with parent/child terminology, add "When used with Gateway" qualifier, add tiered-vs-siloed comparison preview, explain allow_child_bypass default behavior, fix "messaing" → "messaging" typo
  • global-policies.mdx — Define what global policies are and why they exist, add allow and resolve action definitions, add Network and HTTP inspection policy intro paragraphs with action definitions (bypass, allow, block, noisolate, noscan)

Oxyjun added 3 commits March 12, 2026 13:19
@Oxyjun
[Cloudflare One] Improve clarity of egress policies documentation
de61334 
Add missing context and definitions across all four egress policy pages:
- Frame the problem (shared IPs) before introducing the solution (dedicated egress IPs)
- Define jargon on first use: source IP anchoring, CGNAT ranges, L3/L4, BYOIP
- Break dense paragraphs into smaller conceptual units (load balancing section)
- Move IPv4/IPv6 behavior explanation before the reference table
- Clarify geolocation consequences of missing catch-all policy
- Explain why host selectors need additional configuration (L4 visibility)
- Fix 'Traffic and DNS mode mode' typo in host-selectors.mdx
@Oxyjun
[Cloudflare One] Remove unsourced geographic redundancy claim
e0bed81 
Revert the 'for geographic redundancy' addition to the two-city minimum
statement. The original text states the minimum without explaining why,
and the rationale was inferred without a verified source.
@Oxyjun
[Cloudflare One] Improve clarity of traffic policies root-level pages
36b5d01 
Apply ELI5 analysis to all 11 root-level pages in traffic-policies/.
Add missing cross-links, define Cloudflare-specific terms on first use,
fix typos (sysctl, messaging, grammar), expand acronyms (GRE, CIPA, SIP,
XMPP), restructure dense paragraphs, add caution for QUIC/UDP requirement,
distinguish security risks from threats, explain global policy actions,
and clarify hostname vs support hostname enforcement behavior.
@Oxyjun Oxyjun requested a review from a team as a code owner March 12, 2026 15:56
@Oxyjun Oxyjun changed the title [Cloudflare One] Improve clarity of traffic policies root-level pages [Cloudflare One] Traffic Policies Root-Level ELI5 Mar 12, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Mar 12, 2026

This pull request requires reviews from CODEOWNERS as it changes files that match the following patterns:

Pattern Owners
/src/content/docs/cloudflare-one/traffic-policies/ @cloudflare/pcx-technical-writing

@github-actions
Copy link
Contributor

github-actions bot commented Mar 12, 2026

Preview URL: https://36b5d01a.preview.developers.cloudflare.com
Preview Branch URL: https://jun-cf1-traffic-policies-root-eli5.preview.developers.cloudflare.com

Files with changes (up to 15)

Original Link Updated Link
https://developers.cloudflare.com/cloudflare-one/traffic-policies/domain-categories/ https://jun-cf1-traffic-policies-root-eli5.preview.developers.cloudflare.com/cloudflare-one/traffic-policies/domain-categories/
https://developers.cloudflare.com/cloudflare-one/traffic-policies/enable-ids/ https://jun-cf1-traffic-policies-root-eli5.preview.developers.cloudflare.com/cloudflare-one/traffic-policies/enable-ids/
https://developers.cloudflare.com/cloudflare-one/traffic-policies/egress-policies/egress-cloudflared/ https://jun-cf1-traffic-policies-root-eli5.preview.developers.cloudflare.com/cloudflare-one/traffic-policies/egress-policies/egress-cloudflared/
https://developers.cloudflare.com/cloudflare-one/traffic-policies/resolver-policies/ https://jun-cf1-traffic-policies-root-eli5.preview.developers.cloudflare.com/cloudflare-one/traffic-policies/resolver-policies/
https://developers.cloudflare.com/cloudflare-one/traffic-policies/application-app-types/ https://jun-cf1-traffic-policies-root-eli5.preview.developers.cloudflare.com/cloudflare-one/traffic-policies/application-app-types/
https://developers.cloudflare.com/cloudflare-one/traffic-policies/identity-selectors/ https://jun-cf1-traffic-policies-root-eli5.preview.developers.cloudflare.com/cloudflare-one/traffic-policies/identity-selectors/
https://developers.cloudflare.com/cloudflare-one/traffic-policies/troubleshoot-gateway/ https://jun-cf1-traffic-policies-root-eli5.preview.developers.cloudflare.com/cloudflare-one/traffic-policies/troubleshoot-gateway/
https://developers.cloudflare.com/cloudflare-one/traffic-policies/egress-policies/dedicated-egress-ips/ https://jun-cf1-traffic-policies-root-eli5.preview.developers.cloudflare.com/cloudflare-one/traffic-policies/egress-policies/dedicated-egress-ips/
https://developers.cloudflare.com/cloudflare-one/traffic-policies/global-policies/ https://jun-cf1-traffic-policies-root-eli5.preview.developers.cloudflare.com/cloudflare-one/traffic-policies/global-policies/
https://developers.cloudflare.com/cloudflare-one/traffic-policies/egress-policies/host-selectors/ https://jun-cf1-traffic-policies-root-eli5.preview.developers.cloudflare.com/cloudflare-one/traffic-policies/egress-policies/host-selectors/
https://developers.cloudflare.com/cloudflare-one/traffic-policies/egress-policies/ https://jun-cf1-traffic-policies-root-eli5.preview.developers.cloudflare.com/cloudflare-one/traffic-policies/egress-policies/
https://developers.cloudflare.com/cloudflare-one/traffic-policies/managed-service-providers/ https://jun-cf1-traffic-policies-root-eli5.preview.developers.cloudflare.com/cloudflare-one/traffic-policies/managed-service-providers/
https://developers.cloudflare.com/cloudflare-one/traffic-policies/proxy/ https://jun-cf1-traffic-policies-root-eli5.preview.developers.cloudflare.com/cloudflare-one/traffic-policies/proxy/
https://developers.cloudflare.com/cloudflare-one/traffic-policies/ https://jun-cf1-traffic-policies-root-eli5.preview.developers.cloudflare.com/cloudflare-one/traffic-policies/
https://developers.cloudflare.com/cloudflare-one/traffic-policies/order-of-enforcement/ https://jun-cf1-traffic-policies-root-eli5.preview.developers.cloudflare.com/cloudflare-one/traffic-policies/order-of-enforcement/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

product:cloudflare-one size/m

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Oxyjun