Cloudflare changelogs

Cloudflare One Client - Cloudflare One Client for macOS (version 2026.3.846.0)

Thu, 02 Apr 2026 16:28:33 GMT

A new GA release for the macOS Cloudflare One Client is now available on the stable releases downloads page.

This release contains minor fixes and improvements.

The next stable release for macOS will introduce the new Cloudflare One Client UI, providing a cleaner and more intuitive design as well as easier access to common actions and information.

Changes and improvements

Empty MDM files are now rejected instead of being incorrectly accepted as a single MDM config.
Fixed an issue in local proxy mode where the client could become unresponsive due to upstream connection timeouts.
Fixed an issue where the emergency disconnect status of a prior organization persisted after a switch to a different organization.
Consumer-only CLI commands are now clearly distinguished from Zero Trust commands.
Added detailed QUIC connection metrics to diagnostic logs for better troubleshooting.
Added monitoring for tunnel statistics collection timeouts.
Switched tunnel congestion control algorithm for local proxy mode to Cubic for improved reliability across platforms.
Fixed initiating managed network detections checks when no network is available, which caused device profile flapping.

Cloudflare One Client - Cloudflare One Client for Linux (version 2026.3.846.0)

Thu, 02 Apr 2026 15:39:10 GMT

A new GA release for the Linux Cloudflare One Client is now available on the stable releases downloads page.

This release contains minor fixes and improvements.

The next stable release for Linux will introduce the new Cloudflare One Client UI, providing a cleaner and more intuitive design as well as easier access to common actions and information.

Changes and improvements

Empty MDM files are now rejected instead of being incorrectly accepted as a single MDM config.
Fixed an issue in local proxy mode where the client could become unresponsive due to upstream connection timeouts.
Fixed an issue where the emergency disconnect status of a prior organization persisted after a switch to a different organization.
Consumer-only CLI commands are now clearly distinguished from Zero Trust commands.
Added detailed QUIC connection metrics to diagnostic logs for better troubleshooting.
Added monitoring for tunnel statistics collection timeouts.
Switched tunnel congestion control algorithm for local proxy mode to Cubic for improved reliability across platforms.
Fixed initiating managed network detections checks when no network is available, which caused device profile flapping.

AI Gateway - Automatically retry on upstream provider failures on AI Gateway

Thu, 02 Apr 2026 00:00:00 GMT

AI Gateway now supports automatic retries at the gateway level. When an upstream provider returns an error, your gateway retries the request based on the retry policy you configure, without requiring any client-side changes.

You can configure the retry count (up to 5 attempts), the delay between retries (from 100ms to 5 seconds), and the backoff strategy (Constant, Linear, or Exponential). These defaults apply to all requests through the gateway, and per-request headers can override them.

This is particularly useful when you do not control the client making the request and cannot implement retry logic on the caller side. For more complex failover scenarios — such as failing across different providers — use Dynamic Routing.

For more information, refer to Manage gateways.

Logs - BigQuery as Logpush destination

Thu, 02 Apr 2026 00:00:00 GMT

Cloudflare Logpush now supports BigQuery as a native destination.

Logs from Cloudflare can be sent to Google Cloud BigQuery via Logpush. The destination can be configured through the Logpush UI in the Cloudflare dashboard or by using the Logpush API.

For more information, refer to the Destination Configuration documentation.

Workflows, Workers - All Wrangler commands for Workflows now support local development

Wed, 01 Apr 2026 12:00:00 GMT

All wrangler workflows commands now accept a --local flag to target a Workflow running in a local wrangler dev session instead of the production API.

You can now manage the full Workflow lifecycle locally, including triggering Workflows, listing instances, pausing, resuming, restarting, terminating, and sending events:

npx wrangler workflows list --local
npx wrangler workflows trigger my-workflow --local
npx wrangler workflows instances list my-workflow --local
npx wrangler workflows instances pause my-workflow <INSTANCE_ID> --local
npx wrangler workflows instances send-event my-workflow <INSTANCE_ID> --type my-event --local

All commands also accept --port to target a specific wrangler dev session (defaults to 8787).

For more information, refer to Workflows local development.

AI Search - Create, manage, search AI Search instances with Wrangler CLI

Wed, 01 Apr 2026 00:00:00 GMT

AI Search supports a wrangler ai-search command namespace. Use it to manage instances from the command line.

The following commands are available:

Command	Description
`wrangler ai-search create`	Create a new instance with an interactive wizard
`wrangler ai-search list`	List all instances in your account
`wrangler ai-search get`	Get details of a specific instance
`wrangler ai-search update`	Update the configuration of an instance
`wrangler ai-search delete`	Delete an instance
`wrangler ai-search search`	Run a search query against an instance
`wrangler ai-search stats`	Get usage statistics for an instance

The create command guides you through setup, choosing a name, source type (r2 or web), and data source. You can also pass all options as flags for non-interactive use:

wrangler ai-search create my-instance --type r2 --source my-bucket

Use wrangler ai-search search to query an instance directly from the CLI:

wrangler ai-search search my-instance --query "how do I configure caching?"

All commands support --json for structured output that scripts and AI agents can parse directly.

For full usage details, refer to the Wrangler commands documentation.

Cloudflare One, Access, Gateway - Logs UI refresh

Wed, 01 Apr 2026 00:00:00 GMT

Access authentication logs and Gateway activity logs (DNS, Network, and HTTP) now feature a refreshed user interface that gives you more flexibility when viewing and analyzing your logs.

The updated UI includes:

Filter by field - Select any field value to add it as a filter and narrow down your results.
Customizable fields - Choose which fields to display in the log table. Querying for fewer fields improves log loading performance.
View details - Select a timestamp to view the full details of a log entry.
Switch to classic view - Return to the previous log viewer interface if needed.

For more information, refer to Access authentication logs and Gateway activity logs.

Radar - Routing Section Expansion on Cloudflare Radar

Wed, 01 Apr 2026 00:00:00 GMT

Radar now features an expanded Routing section with dedicated sub-pages, providing a more organized and in-depth view of the global routing ecosystem. This restructuring lays the groundwork for additional routing features and widgets coming in the near future.

Dedicated sub-pages

The single Routing page has been split into three focused sub-pages:

Overview — Routing statistics, IP address space trends, BGP announcements, and the new Top 100 ASes ranking.
RPKI — RPKI validation status, ASPA deployment trends, and per-ASN ASPA provider details.
Anomalies — BGP route leaks, origin hijacks, and Multi-Origin AS (MOAS) conflicts.

New widgets

The routing overview now includes a Top 100 ASes table ranking autonomous systems by customer cone size, IPv4 address space, or IPv6 address space. Users can switch between rankings using a segmented control.

The RPKI sub-page introduces a RPKI validation view for per-ASN pages, showing prefixes grouped by RPKI validation status (Valid, Invalid, Unknown) with visibility scores.

Improved IP address space chart

The IP address space chart now displays both IPv4 and IPv6 trends stacked vertically and is available on global, country, and AS views.

Check out the Radar routing section to explore the data, and stay tuned for more routing insights coming soon.

Rules - New QUIC RTT and delivery rate fields

Wed, 01 Apr 2026 00:00:00 GMT

Two new fields are now available in rule expressions that surface Layer 4 transport telemetry from the client connection. Together with the existing cf.timings.client_tcp_rtt_msec field, these fields give you a complete picture of connection quality for both TCP and QUIC traffic — enabling transport-aware rules without requiring any client-side changes.

Previously, QUIC RTT and delivery rate data was only available via the Server-Timing: cfL4 response header. These new fields make the same data available directly in rule expressions, so you can use them in Transform Rules, WAF Custom Rules, and other phases that support dynamic fields.

New fields

Field	Type	Description
`cf.timings.client_quic_rtt_msec`	Integer	The smoothed QUIC round-trip time (RTT) between Cloudflare and the client in milliseconds. Only populated for QUIC (HTTP/3) connections. Returns `0` for TCP connections.
`cf.edge.l4.delivery_rate`	Integer	The most recent data delivery rate estimate for the client connection, in bytes per second. Returns `0` when L4 statistics are not available for the request.

Example: Route slow connections to a lightweight origin

Use a request header transform rule to tag requests from high-latency connections, so your origin can serve a lighter page variant:

Rule expression:

cf.timings.client_tcp_rtt_msec > 200 or cf.timings.client_quic_rtt_msec > 200

Header modifications:

Operation	Header name	Value
Set	`X-High-Latency`	`true`

Example: Match low-bandwidth connections

cf.edge.l4.delivery_rate > 0 and cf.edge.l4.delivery_rate < 100000

For more information, refer to Request Header Transform Rules and the fields reference.

Workers - Deploy Hooks are now available for Workers Builds

Wed, 01 Apr 2026 00:00:00 GMT

Workers Builds now supports Deploy Hooks — trigger builds from your headless CMS, a Cron Trigger, a Slack bot, or any system that can send an HTTP request.

Each Deploy Hook is a unique URL tied to a specific branch. Send it a POST and your Worker builds and deploys.

curl -X POST "https://api.cloudflare.com/client/v4/workers/builds/deploy_hooks/<DEPLOY_HOOK_ID>"

To create one, go to Workers & Pages > your Worker > Settings > Builds > Deploy Hooks.

Since a Deploy Hook is a URL, you can also call it from another Worker. For example, a Worker with a Cron Trigger can rebuild your project on a schedule:

JavaScript

export default {
  async scheduled(event, env, ctx) {
    ctx.waitUntil(fetch(env.DEPLOY_HOOK_URL, { method: "POST" }));
  },
};

TypeScript

export default {
  async scheduled(event: ScheduledEvent, env: Env, ctx: ExecutionContext): Promise<void> {
    ctx.waitUntil(fetch(env.DEPLOY_HOOK_URL, { method: "POST" }));
  },
} satisfies ExportedHandler<Env>;

You can also use Deploy Hooks to rebuild when your CMS publishes new content or deploy from a Slack slash command.

Built-in optimizations

Automatic deduplication: If a Deploy Hook fires multiple times before the first build starts running, redundant builds are automatically skipped. This keeps your build queue clean when webhooks retry or CMS events arrive in bursts.
Last triggered: The dashboard shows when each hook was last triggered.
Build source: Your Worker's build history shows which Deploy Hook started each build by name.

Deploy Hooks are rate limited to 10 builds per minute per Worker and 100 builds per minute per account. For all limits, see Limits & pricing.

To get started, read the Deploy Hooks documentation.

Workers - New L4 transport telemetry fields in Workers

Wed, 01 Apr 2026 00:00:00 GMT

Three new properties are now available on request.cf in Workers that expose Layer 4 transport telemetry from the client connection. These properties let your Worker make decisions based on real-time connection quality signals — such as round-trip time and data delivery rate — without requiring any client-side changes.

Previously, this telemetry was only available via the Server-Timing: cfL4 response header. These new properties surface the same data directly in the Workers runtime, so you can use it for routing, logging, or response customization.

New properties

Property	Type	Description
`clientTcpRtt`	number \| undefined	The smoothed TCP round-trip time (RTT) between Cloudflare and the client in milliseconds. Only present for TCP connections (HTTP/1, HTTP/2). For example, `22`.
`clientQuicRtt`	number \| undefined	The smoothed QUIC round-trip time (RTT) between Cloudflare and the client in milliseconds. Only present for QUIC connections (HTTP/3). For example, `42`.
`edgeL4`	Object \| undefined	Layer 4 transport statistics. Contains `deliveryRate` (number) — the most recent data delivery rate estimate for the connection, in bytes per second. For example, `123456`.

Example: Log connection quality metrics

export default {
  async fetch(request) {
    const cf = request.cf;

    const rtt = cf.clientTcpRtt ?? cf.clientQuicRtt ?? 0;
    const deliveryRate = cf.edgeL4?.deliveryRate ?? 0;
    const transport = cf.clientTcpRtt ? "TCP" : "QUIC";

    console.log(`Transport: ${transport}, RTT: ${rtt}ms, Delivery rate: ${deliveryRate} B/s`);

    const headers = new Headers(request.headers);
    headers.set("X-Client-RTT", String(rtt));
    headers.set("X-Delivery-Rate", String(deliveryRate));

    return fetch(new Request(request, { headers }));
  },
};

For more information, refer to Workers Runtime APIs: Request.

DNS - Internal DNS - now in open beta

Tue, 31 Mar 2026 00:00:00 GMT

Internal DNS is now in open beta.

Who can use it?

Internal DNS is bundled as a part of Cloudflare Gateway and is now available to every Enterprise customer with one of the following subscriptions:

Cloudflare Zero Trust Enterprise
Cloudflare Gateway Enterprise

To learn more and get started, refer to the Internal DNS documentation.

WAF - WAF Release - 2026-03-30

Mon, 30 Mar 2026 00:00:00 GMT

This week's release introduces new detections for a critical authentication bypass vulnerability in Fortinet products (CVE-2025-59718), alongside three new generic detection rules designed to identify and block HTTP Parameter Pollution attempts. Additionally, this release includes targeted protection for a high-impact unrestricted file upload vulnerability in Magento and Adobe Commerce.

Key Findings

CVE-2025-59718: An improper cryptographic signature verification vulnerability in Fortinet FortiOS, FortiProxy, and FortiSwitchManager. This may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication using a maliciously crafted SAML message, if that feature is enabled on the device.
Magento 2 - Unrestricted File Upload: A critical flaw in Magento and Adobe Commerce allows unauthenticated attackers to bypass security checks and upload malicious files to the server, potentially leading to Remote Code Execution (RCE).

Impact

Successful exploitation of the Fortinet and Magento vulnerabilities could allow unauthenticated attackers to gain administrative control or deploy webshells, leading to complete server compromise and data theft.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	4f7d513cea424c2a853881982f7f95e9	N/A	Generic Rules - Parameter Pollution - Body	Log	Disabled	This is a new detection.
Cloudflare Managed Ruleset	60d023f3be414d379428add3319731a4	N/A	Generic Rules - Parameter Pollution - Header - Form	Log	Disabled	This is a new detection.
Cloudflare Managed Ruleset	2dde02d792ad41ec8fd65c2bdef262dd	N/A	Generic Rules - Parameter Pollution - URI	Log	Disabled	This is a new detection.
Cloudflare Managed Ruleset	ab8a96ed13034d56a81a79e570a36147	N/A	Magento 2 - Unrestricted file upload	Log	Block	This is a new detection.
Cloudflare Managed Ruleset	0a13a38dd81c44688950444e2ffcca9f	N/A	Fortinet FortiCloud SSO - Authentication Bypass - CVE:CVE-2025-59718	Log	Block	This is a new detection.

WAF - WAF Release - Scheduled changes for 2026-04-06

Mon, 30 Mar 2026 00:00:00 GMT

Announcement Date	Release Date	Release Behavior	Legacy Rule ID	Rule ID	Description	Comments
2026-03-30	2026-04-06	Log	N/A	73ae1cf103da4bacaa2e1a610aa410af	Generic Rules - Command Execution - 5 - Body	This is a new detection.
2026-03-30	2026-04-06	Log	N/A	a88a85b0cc5a4bc2abead6289131ec2f	Generic Rules - Command Execution - 5 - Header	This is a new detection.
2026-03-30	2026-04-06	Log	N/A	28518cdc40544979bbd86720551eb9e5	Generic Rules - Command Execution - 5 - URI	This is a new detection.
2026-03-30	2026-04-06	Log	N/A	1177993d53a1467997002b44d46229eb	MCP Server - Remote Code Execution - CVE:CVE-2026-23744	This is a new detection.
2026-03-30	2026-04-06	Log	N/A	3d43cdfbc3c14584942f8bc4a864b9c2	XSS - OnEvents - Cookies	This is a new detection.
2026-03-30	2026-04-06	Log	N/A	c9dbce2c1da94b24916e37559712a863	SQLi - Evasion - Body	This is a new detection.
2026-03-30	2026-04-06	Log	N/A	64d812e6d5844d7c9d7a44a440732d48	SQLi - Evasion - Headers	This is a new detection.
2026-03-30	2026-04-06	Log	N/A	50de9369ef7c45928a5dfb34e68a99b5	SQLi - Evasion - URI	This is a new detection.
2026-03-30	2026-04-06	Log	N/A	765ffb5c67b94c9589106c843e8143d2	SQLi - LIKE 3 - Body	This is a new detection.
2026-03-30	2026-04-06	Log	N/A	5c3dbd4f115e47c781491fcd70e7fb97	SSQLi - LIKE 3 - URI	This is a new detection.
2026-03-30	2026-04-06	Log	N/A	89fa6027a0334949b1cb2e654c538bd9	SQLi - UNION - 2 - Body	This is a new detection.
2026-03-30	2026-04-06	Log	N/A	05946b3458364f1b9d4819d561c439c9	SQLi - UNION - 2 - URI	This is a new detection.
2026-03-30	2026-04-06	Log	N/A	b2fe5c2a39df4609b6d39908cf33ea10	SolarWinds - Auth Bypass - CVE:CVE-2025-40552	This is a new detection.

Workers - New RFC 9440 mTLS certificate fields in Workers

Fri, 27 Mar 2026 00:00:00 GMT

Four new fields are now available on request.cf.tlsClientAuth in Workers for requests that include a mutual TLS (mTLS) client certificate. These fields encode the client certificate and its intermediate chain in RFC 9440 format — the same standard format used by the Client-Cert and Client-Cert-Chain HTTP headers — so your Worker can forward them directly to your origin without any custom parsing or encoding logic.

New fields

Field	Type	Description
`certRFC9440`	String	The client leaf certificate in RFC 9440 format (`:base64-DER:`). Empty if no client certificate was presented.
`certRFC9440TooLarge`	Boolean	`true` if the leaf certificate exceeded 10 KB and was omitted from `certRFC9440`.
`certChainRFC9440`	String	The intermediate certificate chain in RFC 9440 format as a comma-separated list. Empty if no intermediates were sent or if the chain exceeded 16 KB.
`certChainRFC9440TooLarge`	Boolean	`true` if the intermediate chain exceeded 16 KB and was omitted from `certChainRFC9440`.

Example: forwarding client certificate headers to your origin

export default {
  async fetch(request) {
    const tls = request.cf.tlsClientAuth;

    // Only forward if cert was verified and chain is complete
    if (!tls || !tls.certVerified || tls.certRevoked || tls.certChainRFC9440TooLarge) {
      return new Response("Unauthorized", { status: 401 });
    }

    const headers = new Headers(request.headers);
    headers.set("Client-Cert", tls.certRFC9440);
    headers.set("Client-Cert-Chain", tls.certChainRFC9440);

    return fetch(new Request(request, { headers }));
  },
};

For more information, refer to Client certificate variables and Mutual TLS authentication.

Containers - Easily connect Containers and Sandboxes to Workers

Thu, 26 Mar 2026 00:00:00 GMT

Containers and Sandboxes now support connecting directly to Workers over HTTP. This allows you to call Workers functions and bindings, like KV or R2, from within the container at specific hostnames.

Run Worker code

Define an outbound handler to capture any HTTP request or use outboundByHost to capture requests to individual hostnames and IPs.

export class MyApp extends Sandbox {}

MyApp.outbound = async (request, env, ctx) => {
  // you can run arbitrary functions defined in your Worker on any HTTP request
  return await someWorkersFunction(request.body);
};

MyApp.outboundByHost = {
  "my.worker": async (request, env, ctx) => {
    return await anotherFunction(request.body);
  },
};

In this example, requests from the container to http://my.worker will run the function defined within outboundByHost, and any other HTTP requests will run the outbound handler. These handlers run entirely inside the Workers runtime, outside of the container sandbox.

Access Workers bindings

Each handler has access to env, so it can call any binding set in Wrangler config. Code inside the container makes a standard HTTP request to that hostname and the outbound Worker translates it into a binding call.

export class MyApp extends Sandbox {}

MyApp.outboundByHost = {
  "my.kv": async (request, env, ctx) => {
    const key = new URL(request.url).pathname.slice(1);
    const value = await env.KV.get(key);
    return new Response(value ?? "", { status: value ? 200 : 404 });
  },
  "my.r2": async (request, env, ctx) => {
    const key = new URL(request.url).pathname.slice(1);
    const object = await env.BUCKET.get(key);
    return new Response(object?.body ?? "", { status: object ? 200 : 404 });
  },
};

Now, from inside the container sandbox, curl http://my.kv/some-key will access Workers KV and curl http://my.r2/some-object will access R2.

Access Durable Object state

Use ctx.containerId to reference the container's automatically provisioned Durable Object.

export class MyContainer extends Container {}

MyContainer.outboundByHost = {
  "get-state.do": async (request, env, ctx) => {
    const id = env.MY_CONTAINER.idFromString(ctx.containerId);
    const stub = env.MY_CONTAINER.get(id);
    return stub.getStateForKey(request.body);
  },
};

This provides an easy way to associate state with any container instance, and includes a built-in SQLite database.

Get Started Today

Upgrade to @cloudflare/containers version 0.2.0 or later, or @cloudflare/sandbox version 0.8.0 or later to use outbound Workers.

Refer to Containers outbound traffic and Sandboxes outbound traffic for more details and examples.

Radar - URL Scanner improvements on Cloudflare Radar

Thu, 26 Mar 2026 00:00:00 GMT

Radar ships several improvements to the URL Scanner that make scan reports more informative and easier to share:

Live screenshots — the summary card now includes an option to capture a live screenshot of the scanned URL on demand using the Browser Rendering API.
Save as PDF — a new button generates a print-optimized document aggregating all tab contents (Summary, Security, Network, Behavior, and Indicators) into a single file.
Download as JSON — raw scan data is available as a JSON download for programmatic use.
Redesigned summary layout — page information and security details are now displayed side by side with the screenshot, with a layout that adapts to narrower viewports.
File downloads — downloads are separated into a dedicated card with expandable rows showing each file's source URL and SHA256 hash.
Detailed IP address data — the Network tab now includes additional detail per IP address observed during the scan.

Explore these improvements on the Cloudflare Radar URL Scanner.

logpush, Logs - Logpush — More granular timestamps

Wed, 25 Mar 2026 00:00:00 GMT

Logpush now supports higher-precision timestamp formats for log output. You can configure jobs to output timestamps at millisecond or nanosecond precision. This is available in both the Logpush UI in the Cloudflare dashboard and the Logpush API.

To use the new formats, set timestamp_format in your Logpush job's output_options:

rfc3339ms — 2024-02-17T23:52:01.123Z
rfc3339ns — 2024-02-17T23:52:01.123456789Z

Default timestamp formats apply unless explicitly set. The dashboard defaults to rfc3339 and the API defaults to unixnano.

For more information, refer to the Log output options documentation.

Rules - New mTLS certificate fields for Transform Rules

Wed, 25 Mar 2026 00:00:00 GMT

Cloudflare now exposes four new fields in the Transform Rules phase that encode client certificate data in RFC 9440 format. Previously, forwarding client certificate information to your origin required custom parsing of PEM-encoded fields or non-standard HTTP header formats. These new fields produce output in the standardized Client-Cert and Client-Cert-Chain header format defined by RFC 9440, so your origin can consume them directly without any additional decoding logic.

Each certificate is DER-encoded, Base64-encoded, and wrapped in colons. For example, :MIIDsT...Vw==:. A chain of intermediates is expressed as a comma-separated list of such values.

New fields

Field	Type	Description
`cf.tls_client_auth.cert_rfc9440`	String	The client leaf certificate in RFC 9440 format. Empty if no client certificate was presented.
`cf.tls_client_auth.cert_rfc9440_too_large`	Boolean	`true` if the leaf certificate exceeded 10 KB and was omitted. In practice this will almost always be `false`.
`cf.tls_client_auth.cert_chain_rfc9440`	String	The intermediate certificate chain in RFC 9440 format as a comma-separated list. Empty if no intermediate certificates were sent or if the chain exceeded 16 KB.
`cf.tls_client_auth.cert_chain_rfc9440_too_large`	Boolean	`true` if the intermediate chain exceeded 16 KB and was omitted.

The chain encoding follows the same ordering as the TLS handshake: the certificate closest to the leaf appears first, working up toward the trust anchor. The root certificate is not included.

Example: Forwarding client certificate headers to your origin server

Add a request header transform rule to set the Client-Cert and Client-Cert-Chain headers on requests forwarded to your origin server. For example, to forward headers for verified, non-revoked certificates:

Rule expression:

cf.tls_client_auth.cert_verified and not cf.tls_client_auth.cert_revoked

Header modifications:

Operation	Header name	Value
Set	`Client-Cert`	`cf.tls_client_auth.cert_rfc9440`
Set	`Client-Cert-Chain`	`cf.tls_client_auth.cert_chain_rfc9440`

To get the most out of these fields, upload your client CA certificate to Cloudflare so that Cloudflare validates the client certificate at the edge and populates cf.tls_client_auth.cert_verified and cf.tls_client_auth.cert_revoked.

For more information, refer to Mutual TLS authentication, Request Header Transform Rules, and the fields reference.

Workers - Declare required secrets in your Wrangler configuration

Wed, 25 Mar 2026 00:00:00 GMT

The new secrets configuration property lets you declare the secret names your Worker requires in your Wrangler configuration file. Required secrets are validated during local development and deploy, and used as the source of truth for type generation.

wrangler.jsonc

{
  "secrets": {
    "required": ["API_KEY", "DB_PASSWORD"],
  },
}

wrangler.toml

[secrets]
required = [ "API_KEY", "DB_PASSWORD" ]

Local development

When secrets is defined, wrangler dev and vite dev load only the keys listed in secrets.required from .dev.vars or .env/process.env. Additional keys in those files are excluded. If any required secrets are missing, a warning is logged listing the missing names.

Type generation

wrangler types generates typed bindings from secrets.required instead of inferring names from .dev.vars or .env. This lets you run type generation in CI or other environments where those files are not present. Per-environment secrets are supported — the aggregated Env type marks secrets that only appear in some environments as optional.

Deploy

wrangler deploy and wrangler versions upload validate that all secrets in secrets.required are configured on the Worker before the operation succeeds. If any required secrets are missing, the command fails with an error listing which secrets need to be set.

For more information, refer to the secrets configuration property reference.

AI Crawl Control - Advanced WAF customization for AI Crawl Control blocks

Tue, 24 Mar 2026 00:00:00 GMT

AI Crawl Control now supports extending the underlying WAF rule with custom modifications. Any changes you make directly in the WAF custom rules editor — such as adding path-based exceptions, extra user agents, or additional expression clauses — are preserved when you update crawler actions in AI Crawl Control.

If the WAF rule expression has been modified in a way AI Crawl Control cannot parse, a warning banner appears on the Crawlers page with a link to view the rule directly in WAF.

For more information, refer to WAF rule management.

Cache - Cache Response Rules

Tue, 24 Mar 2026 00:00:00 GMT

You can now control how Cloudflare handles origin responses without changing your origin. Cache Response Rules let you modify Cache-Control directives, manage cache tags, and strip headers like Set-Cookie from origin responses before they reach Cloudflare's cache. Whether traffic is cached or passed through dynamically, these rules give you control over origin response behavior that was previously out of reach.

What changed

Cache Rules previously only operated on request attributes. Cache Response Rules introduce a new response phase that evaluates origin responses and lets you act on them before caching. You can now:

Modify Cache-Control directives: Set or remove individual directives like no-store, no-cache, max-age, s-maxage, stale-while-revalidate, immutable, and more. For example, remove a no-cache directive your origin sends so Cloudflare can cache the asset, or set an s-maxage to control how long Cloudflare stores it.
Set a different browser Cache-Control: Send a different Cache-Control header downstream to browsers and other clients than what Cloudflare uses internally, giving you independent control over edge and browser caching strategies.
Manage cache tags: Add, set, or remove cache tags on responses, including converting tags from another CDN's header format into Cloudflare's Cache-Tag header. This is especially useful if you are migrating from a CDN that uses a different tag header or delimiter.
Strip headers that block caching: Remove Set-Cookie, ETag, or Last-Modified headers from origin responses before caching, so responses that would otherwise be treated as uncacheable can be stored and served from cache.

Benefits

No origin changes required: Fix caching behavior entirely from Cloudflare, even when your origin configuration is locked down or managed by a different team.
Simpler CDN migration: Match caching behavior from other CDN providers without rewriting your origin. Translate cache tag formats and override directives that do not align with Cloudflare's defaults.
Native support, fewer workarounds: Functionality that previously required workarounds is now built into Cache Rules with full Tiered Cache compatibility.
Fine-grained control: Use expressions to match on request and response attributes, then apply precise cache settings per rule. Rules are stackable and composable with existing Cache Rules.

Get started

Configure Cache Response Rules in the Cloudflare dashboard under Caching > Cache Rules, or via the Rulesets API. For more details, refer to the Cache Rules documentation.

Containers - Use Docker Hub images with Containers

Tue, 24 Mar 2026 00:00:00 GMT

Containers now support Docker Hub images. You can use a fully qualified Docker Hub image reference in your Wrangler configuration instead of first pushing the image to Cloudflare Registry.

wrangler.jsonc

{
  "containers": [
    {
      // Example: docker.io/cloudflare/sandbox:0.7.18
      "image": "docker.io/<NAMESPACE>/<REPOSITORY>:<TAG>",
    },
  ],
}

wrangler.toml

[[containers]]
image = "docker.io/<NAMESPACE>/<REPOSITORY>:<TAG>"

Containers also support private Docker Hub images. To configure credentials, refer to Use private Docker Hub images.

For more information, refer to Image management.

Gateway - OIDC Claims filtering now available in Gateway Firewall, Resolver, and Egress policies

Tue, 24 Mar 2026 00:00:00 GMT

Cloudflare Gateway now supports OIDC Claims as a selector in Firewall, Resolver, and Egress policies. Administrators can use custom OIDC claims from their identity provider to build fine-grained, identity-based traffic policies across all Gateway policy types.

With this update, you can:

Filter traffic in DNS, HTTP, and Network firewall policies based on OIDC claim values.
Apply custom resolver policies to route DNS queries to specific resolvers depending on a user's OIDC claims.
Control egress policies to assign dedicated egress IPs based on OIDC claim attributes.

For example, you can create a policy that routes traffic differently for users with department=engineering in their OIDC claims, or restrict access to certain destinations based on a user's role claim.

To get started, configure custom OIDC claims on your identity provider and use the OIDC Claims selector in the Gateway policy builder.

For more information, refer to Identity-based policies.

Network Interconnect - Interconnects moved to Connectors

Tue, 24 Mar 2026 00:00:00 GMT

The top-level Interconnects page in the Cloudflare dashboard has been removed. Interconnects are now located under Connectors > Interconnects.

Your existing configurations and functionality remain the same.

Workers - Dynamic Workers, now in open beta

Tue, 24 Mar 2026 00:00:00 GMT

Dynamic Workers are now in open beta for all paid Workers users. You can now have a Worker spin up other Workers, called Dynamic Workers, at runtime to execute code on-demand in a secure, sandboxed environment. Dynamic Workers start in milliseconds, making them well suited for fast, secure code execution at scale.

Use Dynamic Workers for

Code Mode: LLMs are trained to write code. Run tool-calling logic written in code instead of stepping through many tool calls, which can save up to 80% in inference tokens and cost.
AI agents executing code: Run code for tasks like data analysis, file transformation, API calls, and chained actions.
Running AI-generated code: Run generated code for prototypes, projects, and automations in a secure, isolated sandboxed environment.
Fast development and previews: Load prototypes, previews, and playgrounds in milliseconds.
Custom automations: Create custom tools on the fly that execute a task, call an integration, or automate a workflow.

Executing Dynamic Workers

Dynamic Workers support two loading modes:

load(code) — for one-time code execution (equivalent to calling get() with a null ID).
get(id, callback) — caches a Dynamic Worker by ID so it can stay warm across requests. Use this when the same code will receive subsequent requests.

JavaScript

export default {
  async fetch(request, env) {
    const worker = env.LOADER.load({
      compatibilityDate: "2026-01-01",
      mainModule: "src/index.js",
      modules: {
        "src/index.js": `
          export default {
            fetch() {
              return new Response("Hello from a dynamic Worker");
            },
          };
        `,
      },
      // Block all outbound network access from the Dynamic Worker.
      globalOutbound: null,
    });

    return worker.getEntrypoint().fetch(request);
  },
};

TypeScript

export default {
  async fetch(request: Request, env: Env): Promise<Response> {
    const worker = env.LOADER.load({
      compatibilityDate: "2026-01-01",
      mainModule: "src/index.js",
      modules: {
        "src/index.js": `
          export default {
            fetch() {
              return new Response("Hello from a dynamic Worker");
            },
          };
        `,
      },
      // Block all outbound network access from the Dynamic Worker.
      globalOutbound: null,
    });

    return worker.getEntrypoint().fetch(request);
  },
};

Helper libraries for Dynamic Workers

Here are 3 new libraries to help you build with Dynamic Workers:

@cloudflare/codemode: Replace individual tool calls with a single code() tool, so LLMs write and execute TypeScript that orchestrates multiple API calls in one pass.
@cloudflare/worker-bundler: Resolve npm dependencies and bundle source files into ready-to-load modules for Dynamic Workers, all at runtime.
@cloudflare/shell: Give your agent a virtual filesystem inside a Dynamic Worker with persistent storage backed by SQLite and R2.

Try it out

Dynamic Workers Starter

Use this starter to deploy a Worker that can load and execute Dynamic Workers.

Dynamic Workers Playground

Deploy the Dynamic Workers Playground to write or import code, bundle it at runtime with @cloudflare/worker-bundler, execute it through a Dynamic Worker, and see real-time responses and execution logs.

For the full API reference and configuration options, refer to the Dynamic Workers documentation.

Pricing

Dynamic Workers pricing is based on three dimensions: Dynamic Workers created daily, requests, and CPU time.

	Included	Additional usage
Dynamic Workers created daily	1,000 unique Dynamic Workers per month	+$0.002 per Dynamic Worker per day
Requests ¹	10 million per month	+$0.30 per million requests
CPU time ¹	30 million CPU milliseconds per month	+$0.02 per million CPU milliseconds

¹ Uses Workers Standard rates and will appear as part of your existing Workers bill, not as separate Dynamic Workers charges.

Note: Dynamic Workers requests and CPU time are already billed as part of your Workers plan and will count toward your Workers requests and CPU usage. The Dynamic Workers created daily charge is not yet active — you will not be billed for the number of Dynamic Workers created at this time. Pricing information is shared in advance so you can estimate future costs.

Workflows, Workers - Workflow instances now support pause(), resume(), restart(), and terminate() methods in local development

Mon, 23 Mar 2026 12:00:00 GMT

Workflow instance methods pause(), resume(), restart(), and terminate() are now available in local development when using wrangler dev.

You can now test the full Workflow instance lifecycle locally:

const instance = await env.MY_WORKFLOW.create({
  id: "my-instance-id",
});

await instance.pause(); // pauses a running workflow instance
await instance.resume(); // resumes a paused instance
await instance.restart(); // restarts the instance from the beginning
await instance.terminate(); // terminates the instance immediately

Agents, Workers - Agents SDK v0.8.0: readable state, idempotent schedules, typed AgentClient, and Zod 4

Mon, 23 Mar 2026 00:00:00 GMT

The latest release of the Agents SDK exposes agent state as a readable property, prevents duplicate schedule rows across Durable Object restarts, brings full TypeScript inference to AgentClient, and migrates to Zod 4.

Readable `state` on `useAgent` and `AgentClient`

Both useAgent (React) and AgentClient (vanilla JS) now expose a state property that reflects the current agent state. Previously, reading state required manually tracking it through the onStateUpdate callback.

React (useAgent)

JavaScript

const agent = useAgent({
  agent: "game-agent",
  name: "room-123",
});

// Read state directly — no separate useState + onStateUpdate needed
return <div>Score: {agent.state?.score}</div>;

// Spread for partial updates
agent.setState({ ...agent.state, score: (agent.state?.score ?? 0) + 10 });

TypeScript

const agent = useAgent<GameAgent, GameState>({
  agent: "game-agent",
  name: "room-123",
});

// Read state directly — no separate useState + onStateUpdate needed
return <div>Score: {agent.state?.score}</div>;

// Spread for partial updates
agent.setState({ ...agent.state, score: (agent.state?.score ?? 0) + 10 });

agent.state is reactive — the component re-renders when state changes from either the server or a client-side setState() call.

Vanilla JS (AgentClient)

JavaScript

const client = new AgentClient({
  agent: "game-agent",
  name: "room-123",
  host: "your-worker.workers.dev",
});

client.setState({ score: 100 });
console.log(client.state); // { score: 100 }

TypeScript

const client = new AgentClient<GameAgent>({
  agent: "game-agent",
  name: "room-123",
  host: "your-worker.workers.dev",
});

client.setState({ score: 100 });
console.log(client.state); // { score: 100 }

State starts as undefined and is populated when the server sends the initial state on connect (from initialState) or when setState() is called. Use optional chaining (agent.state?.field) for safe access. The onStateUpdate callback continues to work as before — the new state property is additive.

Idempotent `schedule()`

schedule() now supports an idempotent option that deduplicates by (type, callback, payload), preventing duplicate rows from accumulating when called in places that run on every Durable Object restart such as onStart().

Cron schedules are idempotent by default. Calling schedule("0 * * * *", "tick") multiple times with the same callback, expression, and payload returns the existing schedule row instead of creating a new one. Pass { idempotent: false } to override.

Delayed and date-scheduled types support opt-in idempotency:

JavaScript

import { Agent } from "agents";

class MyAgent extends Agent {
  async onStart() {
    // Safe across restarts — only one row is created
    await this.schedule(60, "maintenance", undefined, { idempotent: true });
  }
}

TypeScript

import { Agent } from "agents";

class MyAgent extends Agent {
  async onStart() {
    // Safe across restarts — only one row is created
    await this.schedule(60, "maintenance", undefined, { idempotent: true });
  }
}

Two new warnings help catch common foot-guns:

Calling schedule() inside onStart() without { idempotent: true } emits a console.warn with actionable guidance (once per callback; skipped for cron and when idempotent is set explicitly).
If an alarm cycle processes 10 or more stale one-shot rows for the same callback, the SDK emits a console.warn and a schedule:duplicate_warning diagnostics channel event.

Typed `AgentClient` with `call` inference and `stub` proxy

AgentClient now accepts an optional agent type parameter for full type inference on RPC calls, matching the typed experience already available with useAgent.

JavaScript

const client = new AgentClient({
  agent: "my-agent",
  host: window.location.host,
});

// Typed call — method name autocompletes, args and return type inferred
const value = await client.call("getValue");

// Typed stub — direct RPC-style proxy
await client.stub.getValue();
await client.stub.add(1, 2);

TypeScript

const client = new AgentClient<MyAgent>({
  agent: "my-agent",
  host: window.location.host,
});

// Typed call — method name autocompletes, args and return type inferred
const value = await client.call("getValue");

// Typed stub — direct RPC-style proxy
await client.stub.getValue();
await client.stub.add(1, 2);

State is automatically inferred from the agent type, so onStateUpdate is also typed:

JavaScript

const client = new AgentClient({
  agent: "my-agent",
  host: window.location.host,
  onStateUpdate: (state) => {
    // state is typed as MyAgent's state type
  },
});

TypeScript

const client = new AgentClient<MyAgent>({
  agent: "my-agent",
  host: window.location.host,
  onStateUpdate: (state) => {
    // state is typed as MyAgent's state type
  },
});

Existing untyped usage continues to work without changes. The RPC type utilities (AgentMethods, AgentStub, RPCMethods) are now exported from agents/client for advanced typing scenarios. agents, @cloudflare/ai-chat, and @cloudflare/codemode now require zod ^4.0.0. Zod v3 is no longer supported.

`@cloudflare/ai-chat` fixes

Turn serialization — onChatMessage() and _reply() work is now queued so user requests, tool continuations, and saveMessages() never stream concurrently.
Duplicate messages on stop — Clicking stop during an active stream no longer splits the assistant message into two entries.
Duplicate messages after tool calls — Orphaned client IDs no longer leak into persistent storage.

`keepAlive()` and `keepAliveWhile()` are no longer experimental

keepAlive() now uses a lightweight in-memory ref count instead of schedule rows. Multiple concurrent callers share a single alarm cycle. The @experimental tag has been removed from both keepAlive() and keepAliveWhile().

`@cloudflare/codemode`: TanStack AI integration

A new entry point @cloudflare/codemode/tanstack-ai adds support for TanStack AI's chat() as an alternative to the Vercel AI SDK's streamText():

JavaScript

import {
  createCodeTool,
  tanstackTools,
} from "@cloudflare/codemode/tanstack-ai";
import { chat } from "@tanstack/ai";

const codeTool = createCodeTool({
  tools: [tanstackTools(myServerTools)],
  executor,
});

const stream = chat({ adapter, tools: [codeTool], messages });

TypeScript

import { createCodeTool, tanstackTools } from "@cloudflare/codemode/tanstack-ai";
import { chat } from "@tanstack/ai";

const codeTool = createCodeTool({
  tools: [tanstackTools(myServerTools)],
  executor,
});

const stream = chat({ adapter, tools: [codeTool], messages });

Upgrade

To update to the latest version:

npm i agents@latest @cloudflare/ai-chat@latest

AI Search - New AI Search REST API endpoints for /search and /chat/completions

Mon, 23 Mar 2026 00:00:00 GMT

AI Search now offers new REST API endpoints for search and chat that use an OpenAI compatible format. This means you can use the familiar messages array structure that works with existing OpenAI SDKs and tools. The messages array also lets you pass previous messages within a session, so the model can maintain context across multiple turns.

Endpoint	Path
Chat Completions	`POST /accounts/{account_id}/ai-search/instances/{name}/chat/completions`
Search	`POST /accounts/{account_id}/ai-search/instances/{name}/search`

Here is an example request to the Chat Completions endpoint using the new messages array format:

curl https://api.cloudflare.com/client/v4/accounts/{ACCOUNT_ID}/ai-search/instances/{NAME}/chat/completions \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer {API_TOKEN}" \
  -d '{
    "messages": [
      {
        "role": "system",
        "content": "You are a helpful documentation assistant."
      },
      {
        "role": "user",
        "content": "How do I get started?"
      }
    ]
  }'

For more details, refer to the AI Search REST API guide.

Migration from existing AutoRAG API (recommended)

If you are using the previous AutoRAG API endpoints (/autorag/rags/), we recommend migrating to the new endpoints. The previous AutoRAG API endpoints will continue to be fully supported.

Refer to the migration guide for step-by-step instructions.

AI Search - AI Search UI snippets and MCP support

Mon, 23 Mar 2026 00:00:00 GMT

AI Search now supports public endpoints, UI snippets, and MCP, making it easy to add search to your website or connect AI agents.

Public endpoints allow you to expose AI Search capabilities without requiring API authentication. To enable public endpoints:

Go to AI Search in the Cloudflare dashboard. Go to AI Search
Select your instance, and turn on Public Endpoint in Settings. For more details, refer to Public endpoint configuration.

UI snippets

UI snippets are pre-built search and chat components you can embed in your website. Visit search.ai.cloudflare.com to configure and preview components for your AI Search instance.

To add a search modal to your page:

<script
  type="module"
  src="https://<INSTANCE_ID>.search.ai.cloudflare.com/assets/v0.0.25/search-snippet.es.js"
></script>

<search-modal-snippet
  api-url="https://<INSTANCE_ID>.search.ai.cloudflare.com/"
  placeholder="Search..."
>
</search-modal-snippet>

For more details, refer to the UI snippets documentation.

MCP

The MCP endpoint allows AI agents to search your content via the Model Context Protocol. Connect your MCP client to:

https://<INSTANCE_ID>.search.ai.cloudflare.com/mcp

For more details, refer to the MCP documentation.

AI Search - Custom metadata filtering for AI Search

Mon, 23 Mar 2026 00:00:00 GMT

AI Search now supports custom metadata filtering, allowing you to define your own metadata fields and filter search results based on attributes like category, version, or any custom field you define.

Define a custom metadata schema

You can define up to 5 custom metadata fields per AI Search instance. Each field has a name and data type (text, number, or boolean):

curl -X POST https://api.cloudflare.com/client/v4/accounts/{ACCOUNT_ID}/ai-search/instances \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer {API_TOKEN}" \
  -d '{
    "id": "my-instance",
    "type": "r2",
    "source": "my-bucket",
    "custom_metadata": [
      { "field_name": "category", "data_type": "text" },
      { "field_name": "version", "data_type": "number" },
      { "field_name": "is_public", "data_type": "boolean" }
    ]
  }'

Add metadata to your documents

How you attach metadata depends on your data source:

R2 bucket: Set metadata using S3-compatible custom headers (x-amz-meta-*) when uploading objects. Refer to R2 custom metadata for examples.
Website: Add <meta> tags to your HTML pages. Refer to Website custom metadata for details.

Filter search results

Use custom metadata fields in your search queries alongside built-in attributes like folder and timestamp:

curl https://api.cloudflare.com/client/v4/accounts/{ACCOUNT_ID}/ai-search/instances/{NAME}/search \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer {API_TOKEN}" \
  -d '{
    "messages": [
      {
        "content": "How do I configure authentication?",
        "role": "user"
      }
    ],
    "ai_search_options": {
      "retrieval": {
        "filters": {
          "category": "documentation",
          "version": { "$gte": 2.0 }
        }
      }
    }
  }'

Learn more in the metadata filtering documentation.

API Shield - Web Assets fields now available in GraphQL Analytics API

Mon, 23 Mar 2026 00:00:00 GMT

Two new fields are now available in the httpRequestsAdaptive and httpRequestsAdaptiveGroups GraphQL Analytics API datasets:

webAssetsOperationId — the ID of the saved endpoint that matched the incoming request.
webAssetsLabelsManaged — the managed labels mapped to the matched operation at the time of the request (for example, cf-llm, cf-log-in). At most 10 labels are returned per request.

Both fields are empty when no operation matched. webAssetsLabelsManaged is also empty when no managed labels are assigned to the matched operation.

These fields allow you to determine, per request, which Web Assets operation was matched and which managed labels were active. This is useful for troubleshooting downstream security detection verdicts — for example, understanding why AI Security for Apps did or did not flag a request.

Refer to Endpoint labeling service for GraphQL query examples.

R2 SQL - R2 SQL now supports over 190 new functions, expressions, and complex types

Mon, 23 Mar 2026 00:00:00 GMT

R2 SQL now supports an expanded SQL grammar so you can write richer analytical queries without exporting data. This release adds CASE expressions, column aliases, arithmetic in clauses, 163 scalar functions, 33 aggregate functions, EXPLAIN, Common Table Expressions (CTEs),and full struct/array/map access. R2 SQL is Cloudflare's serverless, distributed, analytics query engine for querying Apache Iceberg tables stored in R2 Data Catalog. This page documents the supported SQL syntax.

Highlights

Column aliases — SELECT col AS alias now works in all clauses
CASE expressions — conditional logic directly in SQL (searched and simple forms)
Scalar functions — 163 new functions across math, string, datetime, regex, crypto, encoding, and type inspection categories
Aggregate functions — statistical (variance, stddev, correlation, regression), bitwise, boolean, and positional aggregates join the existing basic and approximate functions
Complex types — query struct fields with bracket notation, use 46 array functions, and extract map keys/values
Common table expressions (CTEs) — use WITH ... AS to define named temporary result sets. Chained CTEs are supported. All CTEs must reference the same single table.
Full expression support — arithmetic, type casting (CAST, TRY_CAST, :: shorthand), and EXTRACT in SELECT, WHERE, GROUP BY, HAVING, and ORDER BY

Examples

CASE expressions with statistical aggregates

SELECT source,
    CASE
        WHEN AVG(price) > 30 THEN 'premium'
        WHEN AVG(price) > 10 THEN 'mid-tier'
        ELSE 'budget'
    END AS tier,
    round(stddev(price), 2) AS price_volatility,
    approx_percentile_cont(price, 0.95) AS p95_price
FROM my_namespace.sales_data
GROUP BY source

Struct and array access

SELECT product_name,
    pricing['price'] AS price,
    array_to_string(tags, ', ') AS tag_list
FROM my_namespace.products
WHERE array_has(tags, 'Action')
ORDER BY pricing['price'] DESC
LIMIT 10

Chained CTEs with time-series analysis

WITH monthly AS (
    SELECT date_trunc('month', sale_timestamp) AS month,
        department,
        COUNT(*) AS transactions,
        round(AVG(total_amount), 2) AS avg_amount
    FROM my_namespace.sales_data
    WHERE sale_timestamp BETWEEN '2025-01-01T00:00:00Z' AND '2025-12-31T23:59:59Z'
    GROUP BY date_trunc('month', sale_timestamp), department
),
ranked AS (
    SELECT month, department, transactions, avg_amount,
        CASE
            WHEN avg_amount > 1000 THEN 'high-value'
            WHEN avg_amount > 500 THEN 'mid-value'
            ELSE 'standard'
        END AS tier
    FROM monthly
    WHERE transactions > 100
)
SELECT * FROM ranked
ORDER BY month, avg_amount DESC

For the full function reference and syntax details, refer to the SQL reference. For limitations and best practices, refer to Limitations and best practices.

WAF - WAF Release - 2026-03-23

Mon, 23 Mar 2026 00:00:00 GMT

This week's release focuses on new improvements to enhance coverage.

Key Findings

Existing rule enhancements have been deployed to improve detection resilience against broad classes of web attacks and strengthen behavioral coverage.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	54ad0465c30d4cd2ac7a707197321c6c	N/A	Command Injection - Generic 9 - URI Vector	Log	Disabled	This is a new detection.
Cloudflare Managed Ruleset	b31c34a7b29b4aaf9be6883d1eb7a999	N/A	Command Injection - Generic 9 - Header Vector	Log	Disabled	This is a new detection.
Cloudflare Managed Ruleset	155bb67d1061479e995a38510677175f	N/A	Command Injection - Generic 9 - Body Vector	Log	Disabled	This is a new detection.
Cloudflare Managed Ruleset	55fb1c76f0304f6a9d935d03479da68f	N/A	PHP, vBulletin, jQuery File Upload - Code Injection, Dangerous File Upload - CVE:CVE-2018-9206, CVE:CVE-2019-17132 (beta)	Log	Block	This rule has been merged into the original rule "PHP, vBulletin, jQuery File Upload - Code Injection, Dangerous File Upload - CVE:CVE-2018-9206, CVE:CVE-2019-17132" (ID: 0f2da91cec674eb58006929e824b817c )

Access - Route MCP server portal traffic through Cloudflare Gateway

Fri, 20 Mar 2026 00:00:00 GMT

MCP server portals can now route traffic through Cloudflare Gateway for richer HTTP request logging and data loss prevention (DLP) scanning.

When Gateway routing is turned on, portal traffic appears in your Gateway HTTP logs. You can create Gateway HTTP policies with DLP profiles to detect and block sensitive data sent to upstream MCP servers.

To enable Gateway routing, go to Access controls > AI controls, edit the portal, and turn on Route traffic through Cloudflare Gateway under Basic information.

For more details, refer to Route traffic through Gateway.

DNS - DNS Analytics for Customer Metadata Boundary set to EU region

Fri, 20 Mar 2026 00:00:00 GMT

DNS Analytics is now available for customers with Customer Metadata Boundary (CMB) set to EU. Query your DNS analytics data while keeping metadata stored in the EU region.

This update includes:

DNS Analytics — Access the same DNS analytics experience for zones in CMB=EU accounts.
EU data residency — Analytics data is stored and queried from the EU region, meeting data localization requirements.
DNS Firewall Analytics — DNS Firewall analytics is now supported for CMB=EU customers.

Availability

Available to customers with the Data Localization Suite who have Customer Metadata Boundary configured for the EU region.

Where to find it

Authoritative DNS: In the Cloudflare dashboard, select your zone and go to the Analytics page.
Go to Analytics
DNS Firewall: In the Cloudflare dashboard, go to the DNS Firewall Analytics page.
Go to Analytics

For more information, refer to DNS Analytics and DNS Firewall Analytics.

Cloudflare Tunnel, Cloudflare Tunnel for SASE - Stream logs from multiple replicas of Cloudflare Tunnel simultaneously

Fri, 20 Mar 2026 00:00:00 GMT

In the Cloudflare One dashboard, the overview page for a specific Cloudflare Tunnel now shows all replicas of that tunnel and supports streaming logs from multiple replicas at once.

Previously, you could only stream logs from one replica at a time. With this update:

Replicas on the tunnel overview — All active replicas for the selected tunnel now appear on that tunnel's overview page under Connectors. Select any replica to stream its logs.
Multi-connector log streaming — Stream logs from multiple replicas simultaneously, making it easier to correlate events across your infrastructure during debugging or incident response. To try it out, log in to Cloudflare One and go to Networks > Connectors > Cloudflare Tunnels. Select View logs next to the tunnel you want to monitor.

For more information, refer to Tunnel log streams and Deploy replicas.

Workers VPC - Observability for Workers VPC Services

Fri, 20 Mar 2026 00:00:00 GMT

Each VPC Service now has a Metrics tab so you can monitor connection health and debug failures without leaving the dashboard.

Connections — See successful and failed connections over time, broken down by what is responsible: your origin (Bad Upstream), your configuration (Client), or Cloudflare (Internal).
Latency — Track connection and DNS resolution latency trends.
Errors — Drill into specific error codes grouped by category, with filters to isolate upstream, client, or internal failures.

You can also view and edit your VPC Service configuration, host details, and port assignments from the Settings tab.

For a full list of error codes and what they mean, refer to Troubleshooting.

Cloudflare Fundamentals - Service Key authentication deprecated

Thu, 19 Mar 2026 00:00:00 GMT

Service Key authentication for the Cloudflare API is deprecated. Service Keys will stop working on September 30, 2026.

API Tokens replace Service Keys with fine-grained permissions, expiration, and revocation.

What you need to do

Replace any use of the X-Auth-User-Service-Key header with an API Token scoped to the permissions your integration requires.

If you use cloudflared, update to a version from November 2022 or later. These versions already use API Tokens.

If you use origin-ca-issuer, update to a version that supports API Token authentication.

For more information, refer to API deprecations.

Hyperdrive - Hyperdrive now supports custom TLS/SSL certificates for MySQL

Thu, 19 Mar 2026 00:00:00 GMT

Hyperdrive now supports custom TLS/SSL certificates for MySQL databases, bringing the same certificate options previously available for PostgreSQL to MySQL connections.

You can now configure:

Server certificate verification with VERIFY_CA or VERIFY_IDENTITY SSL modes to verify that your MySQL database server's certificate is signed by the expected certificate authority (CA).
Client certificates (mTLS) for Hyperdrive to authenticate itself to your MySQL database with credentials beyond username and password.

Create a Hyperdrive configuration with custom certificates for MySQL:

# Upload a CA certificate
npx wrangler cert upload certificate-authority --ca-cert your-ca-cert.pem --name your-custom-ca-name

# Create a Hyperdrive with VERIFY_IDENTITY mode
npx wrangler hyperdrive create your-hyperdrive-config \
  --connection-string="mysql://user:password@hostname:port/database" \
  --ca-certificate-id <CA_CERT_ID> \
  --sslmode VERIFY_IDENTITY

For more information, refer to SSL/TLS certificates for Hyperdrive and MySQL TLS/SSL modes.

Cloudflare Tunnel, Workers - Manage Cloudflare Tunnels with Wrangler

Thu, 19 Mar 2026 00:00:00 GMT

You can now manage Cloudflare Tunnels directly from Wrangler, the CLI for the Cloudflare Developer Platform. The new wrangler tunnel commands let you create, run, and manage tunnels without leaving your terminal.

Available commands:

wrangler tunnel create — Create a new remotely managed tunnel.
wrangler tunnel list — List all tunnels in your account.
wrangler tunnel info — Display details about a specific tunnel.
wrangler tunnel delete — Delete a tunnel.
wrangler tunnel run — Run a tunnel using the cloudflared daemon.
wrangler tunnel quick-start — Start a free, temporary tunnel without an account using Quick Tunnels.

Wrangler handles downloading and managing the cloudflared binary automatically. On first use, you will be prompted to download cloudflared to a local cache directory.

These commands are currently experimental and may change without notice.

To get started, refer to the Wrangler tunnel commands documentation.

Workers AI - Moonshot AI Kimi K2.5 now available on Workers AI

Thu, 19 Mar 2026 00:00:00 GMT

Workers AI is officially in the big models game. @cf/moonshotai/kimi-k2.5 is the first frontier-scale open-source model on our AI inference platform — a large model with a full 256k context window, multi-turn tool calling, vision inputs, and structured outputs. By bringing a frontier-scale model directly onto the Cloudflare Developer Platform, you can now run the entire agent lifecycle on a single, unified platform.

The model has proven to be a fast, efficient alternative to larger proprietary models without sacrificing quality. As AI adoption increases, the volume of inference is skyrocketing — now you can access frontier intelligence at a fraction of the cost.

Key capabilities

256,000 token context window for retaining full conversation history, tool definitions, and entire codebases across long-running agent sessions
Multi-turn tool calling for building agents that invoke tools across multiple conversation turns
Vision inputs for processing images alongside text
Structured outputs with JSON mode and JSON Schema support for reliable downstream parsing
Function calling for integrating external tools and APIs into agent workflows

Prefix caching and session affinity

When an agent sends a new prompt, it resends all previous prompts, tools, and context from the session. The delta between consecutive requests is usually just a few new lines of input. Prefix caching avoids reprocessing the shared context, saving time and compute from the prefill stage. This means faster Time to First Token (TTFT) and higher Tokens Per Second (TPS) throughput.

Workers AI has done prefix caching, but we are now surfacing cached tokens as a usage metric and offering a discount on cached tokens compared to input tokens (pricing is listed on the model page).

curl -X POST \
  "https://api.cloudflare.com/client/v4/accounts/{account_id}/ai/run/@cf/moonshotai/kimi-k2.5" \
  -H "Authorization: Bearer {api_token}" \
  -H "Content-Type: application/json" \
  -H "x-session-affinity: ses_12345678" \
  -d '{
    "messages": [
      {
        "role": "system",
        "content": "You are a helpful assistant."
      },
      {
        "role": "user",
        "content": "What is prefix caching and why does it matter?"
      }
    ],
    "max_tokens": 2400,
    "stream": true
  }'

Some clients like OpenCode implement session affinity automatically. The Agents SDK starter also sets up the wiring for you.

Redesigned asynchronous API

For volumes of requests that exceed synchronous rate limits, you can submit batches of inferences to be completed asynchronously. We have revamped the Asynchronous Batch API with a pull-based system that processes queued requests as soon as capacity is available. With internal testing, async requests usually execute within 5 minutes, but this depends on live traffic.

The async API is the best way to avoid capacity errors in durable workflows. It is ideal for use cases that are not real-time, such as code scanning agents or research agents.

To use the asynchronous API, pass queueRequest: true:

// 1. Push a batch of requests into the queue
const res = await env.AI.run(
  "@cf/moonshotai/kimi-k2.5",
  {
    requests: [
      {
        messages: [{ role: "user", content: "Tell me a joke" }],
      },
      {
        messages: [{ role: "user", content: "Explain the Pythagoras theorem" }],
      },
    ],
  },
  { queueRequest: true },
);

// 2. Grab the request ID
const requestId = res.request_id;

// 3. Poll for the result
const result = await env.AI.run("@cf/moonshotai/kimi-k2.5", {
  request_id: requestId,
});

if (result.status === "queued" || result.status === "running") {
  // Retry by polling again
} else {
  return Response.json(result);
}

You can also set up event notifications to know when inference is complete instead of polling.

Get started

Use Kimi K2.5 through the Workers AI binding (env.AI.run()), the REST API at /run or /v1/chat/completions, AI Gateway, or via the OpenAI-compatible endpoint.

For more information, refer to the Kimi K2.5 model page, pricing, and prompt caching.

Cloudflare Fundamentals - SCIM provisioning for Authentik is now Generally Available

Wed, 18 Mar 2026 00:00:00 GMT

Cloudflare dashboard SCIM provisioning now supports Authentik as an identity provider, joining Okta and Microsoft Entra ID as explicitly supported providers.

Customers can now sync users and group information from Authentik to Cloudflare, apply Permission Policies to those groups, and manage the lifecycle of users & groups directly from your Authentik Identity Provider.

For more information:

Cloudflare Fundamentals - SCIM audit logging Support

Wed, 18 Mar 2026 00:00:00 GMT

Cloudflare dashboard SCIM provisioning operations are now captured in Audit Logs v2, giving you visibility into user and group changes made by your identity provider.

Logged actions:

Action Type	Description
Create SCIM User	User provisioned from IdP
Replace SCIM User	User fully replaced (PUT)
Update SCIM User	User attributes modified (PATCH)
Delete SCIM User	Member deprovisioned
Create SCIM Group	Group provisioned from IdP
Update SCIM Group	Group membership or attributes modified
Delete SCIM Group	Group deprovisioned

For more details, refer to the Audit Logs v2 documentation.

Rules - Worker execution timing field now available in Rules

Wed, 18 Mar 2026 00:00:00 GMT

The cf.timings.worker_msec field is now available in the Ruleset Engine. This field reports the wall-clock time that a Cloudflare Worker spent handling a request, measured in milliseconds.

You can use this field to identify slow Worker executions, detect performance regressions, or build rules that respond differently based on Worker processing time, such as logging requests that exceed a latency threshold.

Field details

Field	Type	Description
`cf.timings.worker_msec`	Integer	The time spent executing a Cloudflare Worker in milliseconds. Returns `0` if no Worker was invoked.

Example filter expression:

cf.timings.worker_msec > 500

For more information, refer to the Fields reference.

Security Center - Real-time logo match preview

Wed, 18 Mar 2026 00:00:00 GMT

We are introducing Logo Match Preview, bringing the same pre-save visibility to visual assets that was previously only available for string-based queries. This update allows you to fine-tune your brand detection strategy before committing to a live monitor.

What’s new:

Upload your brand logo and immediately see a sample of potential matches from recently detected sites before finalizing the query
Adjust your similarity score (from 75% to 100%) and watch the results refresh in real-time to find the balance between broad detection and noise reduction
Review the specific logos triggered by your current settings to ensure your query is capturing the right level of brand infringement

If you are ready to test your brand assets, go to the Brand Protection dashboard to try the new preview tool.

Stream - Media Transformations binding for Workers

Wed, 18 Mar 2026 00:00:00 GMT

You can now use a Workers binding to transform videos with Media Transformations. This allows you to resize, crop, extract frames, and extract audio from videos stored anywhere, even in private locations like R2 buckets.

The Media Transformations binding is useful when you want to:

Transform videos stored in private or protected sources
Optimize videos and store the output directly back to R2 for re-use
Extract still frames for classification or description with Workers AI
Extract audio tracks for transcription using Workers AI

To get started, add the Media binding to your Wrangler configuration:

wrangler.jsonc

{
  "$schema": "./node_modules/wrangler/config-schema.json",
  "media": {
    "binding": "MEDIA"
  }
}

wrangler.toml
```
[media]
binding = "MEDIA"
```

Then use the binding in your Worker to transform videos:

JavaScript

export default {
  async fetch(request, env) {
    const video = await env.R2_BUCKET.get("input.mp4");

    const result = env.MEDIA.input(video.body)
      .transform({ width: 480, height: 270 })
      .output({ mode: "video", duration: "5s" });

    return await result.response();
  },
};

TypeScript

export default {
  async fetch(request, env) {
    const video = await env.R2_BUCKET.get("input.mp4");

    const result = env.MEDIA.input(video.body)
      .transform({ width: 480, height: 270 })
      .output({ mode: "video", duration: "5s" });

    return await result.response();
  },
};

Output modes include video for optimized MP4 clips, frame for still images, spritesheet for multiple frames, and audio for M4A extraction.

For more information, refer to the Media Transformations binding documentation.

Agents, Workers - @cloudflare/codemode v0.2.1: MCP barrel export, zero-dependency main entry point, and custom sandbox modules

Tue, 17 Mar 2026 00:00:00 GMT

The latest releases of @cloudflare/codemode add a new MCP barrel export, remove ai and zod as required peer dependencies from the main entry point, and give you more control over the sandbox.

New `@cloudflare/codemode/mcp` export

A new @cloudflare/codemode/mcp entry point provides two functions that wrap MCP servers with Code Mode:

codeMcpServer({ server, executor }) — wraps an existing MCP server with a single code tool where each upstream tool becomes a typed codemode.* method.
openApiMcpServer({ spec, executor, request }) — creates search and execute MCP tools from an OpenAPI spec with host-side request proxying and automatic $ref resolution.

JavaScript

import { codeMcpServer } from "@cloudflare/codemode/mcp";
import { DynamicWorkerExecutor } from "@cloudflare/codemode";

const executor = new DynamicWorkerExecutor({ loader: env.LOADER });

// Wrap an existing MCP server — all its tools become
// typed methods the LLM can call from generated code
const server = await codeMcpServer({ server: upstreamMcp, executor });

TypeScript

import { codeMcpServer } from "@cloudflare/codemode/mcp";
import { DynamicWorkerExecutor } from "@cloudflare/codemode";

const executor = new DynamicWorkerExecutor({ loader: env.LOADER });

// Wrap an existing MCP server — all its tools become
// typed methods the LLM can call from generated code
const server = await codeMcpServer({ server: upstreamMcp, executor });

Zero-dependency main entry point

Breaking change in v0.2.0: generateTypes and the ToolDescriptor / ToolDescriptors types have moved to @cloudflare/codemode/ai:

JavaScript

// Before
import { generateTypes } from "@cloudflare/codemode";

// After
import { generateTypes } from "@cloudflare/codemode/ai";

TypeScript

// Before
import { generateTypes } from "@cloudflare/codemode";

// After
import { generateTypes } from "@cloudflare/codemode/ai";

The main entry point (@cloudflare/codemode) no longer requires the ai or zod peer dependencies. It now exports:

Export	Description
`sanitizeToolName`	Sanitize tool names into valid JS identifiers
`normalizeCode`	Normalize LLM-generated code into async arrow functions
`generateTypesFromJsonSchema`	Generate TypeScript type definitions from plain JSON Schema
`jsonSchemaToType`	Convert a single JSON Schema to a TypeScript type string
`DynamicWorkerExecutor`	Sandboxed code execution via Dynamic Worker Loader
`ToolDispatcher`	RPC target for dispatching tool calls from sandbox to host

The ai and zod peer dependencies are now optional — only required when importing from @cloudflare/codemode/ai.

Custom sandbox modules

DynamicWorkerExecutor now accepts an optional modules option to inject custom ES modules into the sandbox:

JavaScript

const executor = new DynamicWorkerExecutor({
  loader: env.LOADER,
  modules: {
    "utils.js": `export function add(a, b) { return a + b; }`,
  },
});

// Sandbox code can then: import { add } from "utils.js"

TypeScript

const executor = new DynamicWorkerExecutor({
  loader: env.LOADER,
  modules: {
    "utils.js": `export function add(a, b) { return a + b; }`,
  },
});

// Sandbox code can then: import { add } from "utils.js"

Internal normalization and sanitization

DynamicWorkerExecutor now normalizes code and sanitizes tool names internally. You no longer need to call normalizeCode() or sanitizeToolName() before passing code and functions to execute().

Upgrade

npm i @cloudflare/codemode@latest

See the Code Mode documentation for the full API reference.

AI Gateway - Log AI Gateway request metadata without storing payloads

Tue, 17 Mar 2026 00:00:00 GMT

AI Gateway now supports the cf-aig-collect-log-payload header, which controls whether request and response bodies are stored in logs. By default, this header is set to true and payloads are stored alongside metadata. Set this header to false to skip payload storage while still logging metadata such as token counts, model, provider, status code, cost, and duration.

This is useful when you need usage metrics but do not want to persist sensitive prompt or response data.

curl https://gateway.ai.cloudflare.com/v1/$ACCOUNT_ID/$GATEWAY_ID/openai/chat/completions \
  --header "Authorization: Bearer $TOKEN" \
  --header 'Content-Type: application/json' \
  --header 'cf-aig-collect-log-payload: false' \
  --data '{
    "model": "gpt-4o-mini",
    "messages": [
      {
        "role": "user",
        "content": "What is the email address and phone number of user123?"
      }
    ]
  }'

For more information, refer to Logging.

Security Overview - New Security Overview UI

Tue, 17 Mar 2026 00:00:00 GMT

The Security Overview has been updated to provide Application Security customers with more actionable insights and a clearer view of their security posture.

Key improvements include:

Criticality for all Insights: Every insight now includes a criticality rating, allowing you to prioritize the most impactful security action items first.
Detection Tools Section: A new section displays the security detection tools available to you, indicating which are currently enabled and which can be activated to strengthen your defenses.
Industry Peer Comparison (Enterprise customers): A new module from Security Reports benchmarks your security posture against industry peers, highlighting relative strengths and areas for improvement.

For more information, refer to Security Overview.

Vectorize - Return up to 50 query results with values or metadata

Mon, 16 Mar 2026 00:00:00 GMT

You can now set topK up to 50 when a Vectorize query returns values or full metadata. This raises the previous limit of 20 for queries that use returnValues: true or returnMetadata: "all".

Use the higher limit when you need more matches in a single query response without dropping values or metadata. Refer to the Vectorize API reference for query options and current topK limits.

Containers - SSH into running Container instances

Thu, 12 Mar 2026 00:00:00 GMT

You can now SSH into running Container instances using Wrangler. This is useful for debugging, inspecting running processes, or executing one-off commands inside a Container.

To connect, enable wrangler_ssh in your Container configuration and add your ssh-ed25519 public key to authorized_keys:

wrangler.jsonc

{
  "containers": [
    {
      "wrangler_ssh": {
        "enabled": true
      },
      "authorized_keys": [
        {
          "name": "<NAME>",
          "public_key": "<YOUR_PUBLIC_KEY_HERE>"
        }
      ]
    }
  ]
}

wrangler.toml

[[containers]]
[containers.wrangler_ssh]
enabled = true

[[containers.authorized_keys]]
name = "<NAME>"
public_key = "<YOUR_PUBLIC_KEY_HERE>"

Then connect with:

wrangler containers ssh <INSTANCE_ID>

You can also run a single command without opening an interactive shell:

wrangler containers ssh <INSTANCE_ID> -- ls -al

Use wrangler containers instances <APPLICATION> to find the instance ID for a running Container.

For more information, refer to the SSH documentation.

Containers - List Container instances with `wrangler containers instances`

Thu, 12 Mar 2026 00:00:00 GMT

A new wrangler containers instances command lists all instances for a given Container application. This mirrors the instances view in the Cloudflare dashboard.

The command displays each instance's ID, name, state, location, version, and creation time:

wrangler containers instances <APPLICATION_ID>

Use the --json flag for machine-readable output, which is also the default format in non-interactive environments such as CI pipelines.

For the full list of options, refer to the containers instances command reference.

Cloudflare Fundamentals - Retry-After HTTP header for retryable 1xxx errors

Thu, 12 Mar 2026 00:00:00 GMT

Cloudflare-generated 1xxx error responses now include a standard Retry-After HTTP header when the error is retryable. Agents and HTTP clients can read the recommended wait time from response headers alone — no body parsing required.

Changes

Seven retryable error codes now emit Retry-After:

Error code	Retry-After (seconds)	Error name
1004	120	DNS resolution error
1005	120	Banned zone
1015	30	Rate limited
1033	120	Argo Tunnel error
1038	60	HTTP headers limit exceeded
1200	60	Cache connection limit
1205	5	Too many redirects

The header value matches the existing retry_after body field in JSON and Markdown responses.

If a WAF rate limiting rule has already set a dynamic Retry-After value on the response, that value takes precedence.

Availability

Available for all zones on all plans.

Verify

Check for the header on any retryable error:

curl -s --compressed -D - -o /dev/null -H "Accept: application/json" -A "TestAgent/1.0" -H "Accept-Encoding: gzip, deflate" "<YOUR_DOMAIN>/cdn-cgi/error/1015" | grep -i retry-after

References:

WAF - WAF Release - 2026-03-12 - Emergency

Thu, 12 Mar 2026 00:00:00 GMT

This week's release introduces new detections for vulnerabilities in Ivanti Endpoint Manager Mobile (CVE-2026-1281 and CVE-2026-1340), alongside a new generic detection rule designed to identify and block Cross-Site Scripting (XSS) injection attempts within the Content-Security-Policy (CSP) HTTP request header.

Key Findings

CVE-2026-1281 & CVE-2026-1340: Ivanti Endpoint Manager Mobile processes HTTP requests through Apache RevwriteMap directives that pass user-controlled input to Bash scripts (/mi/bin/map-appstore-url and /mi/bin/map-aft-store-url). Bash scripts do not sanitize user input and are vulnerable to shell arithmetic expansion thereby allowing attackers to achieve unauthenticated remote code execution.
Generic XSS in CSP Header: This rule identifies malicious payloads embedded within the request's Content-Security-Policy header. It specifically targets scenarios where web frameworks or applications trust and extract values directly from the CSP header in the incoming request without sufficient validation. Attackers can provide crafted header values to inject scripts or malicious directives that are subsequently processed by the server.

Impact

Successful exploitation of Ivanti EPMM vulnerability allows unauthenticated remote code execution and generic XSS in CSP header allows attackers to inject malicious scripts during page rendering. In environments using server-side caching, this poisoned XSS content can subsequently be cached and automatically served to all visitors.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	5ae86a9bda0c41dbb905132f796ea2f6	N/A	Ivanti EPMM - Code Injection - CVE:CVE-2026-1281 CVE:CVE-2026-1340	Log	Block	This is a new detection.
Cloudflare Managed Ruleset	35978af68e374a059e397bf5ee964a8c	N/A	Anomaly:Header:Content-Security-Policy	N/A	Block	This is a new detection.

Cloudflare Fundamentals - JSON responses and RFC 9457 support for Cloudflare 1xxx errors

Wed, 11 Mar 2026 00:00:00 GMT

Cloudflare-generated 1xxx errors now return structured JSON when clients send Accept: application/json or Accept: application/problem+json. JSON responses follow RFC 9457 (Problem Details for HTTP APIs), so any HTTP client that understands Problem Details can parse the base members without Cloudflare-specific code.

Breaking change

The Markdown frontmatter field http_status has been renamed to status. Agents consuming Markdown frontmatter should update parsers accordingly.

Changes

JSON format. Clients sending Accept: application/json or Accept: application/problem+json now receive a structured JSON object with the same operational fields as Markdown frontmatter, plus RFC 9457 standard members.

RFC 9457 standard members (JSON only):

type — URI pointing to Cloudflare documentation for the specific error code
status — HTTP status code (matching the response status)
title — short, human-readable summary
detail — human-readable explanation specific to this occurrence
instance — Ray ID identifying this specific error occurrence

Field renames:

http_status -> status (JSON and Markdown)
what_happened -> detail (JSON only — Markdown prose sections are unchanged)

Content-Type mirroring. Clients sending Accept: application/problem+json receive Content-Type: application/problem+json; charset=utf-8 back; Accept: application/json receives application/json; charset=utf-8. Same body in both cases.

Negotiation behavior

Request header sent	Response format
`Accept: application/json`	JSON (`application/json` content type)
`Accept: application/problem+json`	JSON (`application/problem+json` content type)
`Accept: application/json, text/markdown;q=0.9`	JSON
`Accept: text/markdown`	Markdown
`Accept: text/markdown, application/json`	Markdown (equal `q`, first-listed wins)
`Accept: /`	HTML (default)

Availability

Available now for Cloudflare-generated 1xxx errors.

Get started

curl -s --compressed -H "Accept: application/json" -A "TestAgent/1.0" -H "Accept-Encoding: gzip, deflate" "<YOUR_DOMAIN>/cdn-cgi/error/1015" | jq .

curl -s --compressed -H "Accept: application/problem+json" -A "TestAgent/1.0" -H "Accept-Encoding: gzip, deflate" "<YOUR_DOMAIN>/cdn-cgi/error/1015" | jq .

References:

Log Explorer - Ingest field selection for Log Explorer

Wed, 11 Mar 2026 00:00:00 GMT

Cloudflare Log Explorer now allows you to customize exactly which data fields are ingested and stored when enabling or managing log datasets.

Previously, ingesting logs often meant taking an "all or nothing" approach to data fields. With Ingest Field Selection, you can now choose from a list of available and recommended fields for each dataset. This allows you to reduce noise, focus on the metrics that matter most to your security and performance analysis, and manage your data footprint more effectively.

Key capabilities

Granular control: Select only the specific fields you need when enabling a new dataset.
Dynamic updates: Update fields for existing, already enabled logstreams at any time.
Historical consistency: Even if you disable a field later, you can still query and receive results for that field for the period it was captured.
Data integrity: Core fields, such as Timestamp, are automatically retained to ensure your logs remain searchable and chronologically accurate.

Example configuration

When configuring a dataset via the dashboard or API, you can define a specific set of fields. The Timestamp field remains mandatory to ensure data indexability.

{
  "dataset": "firewall_events",
  "enabled": true,
  "fields": [
    "Timestamp",
    "ClientRequestHost",
    "ClientIP",
    "Action",
    "EdgeResponseStatus",
    "OriginResponseStatus"
  ]
}

For more information, refer to the Log Explorer documentation.

Workers AI - NVIDIA Nemotron 3 Super now available on Workers AI

Wed, 11 Mar 2026 00:00:00 GMT

We're excited to partner with NVIDIA to bring @cf/nvidia/nemotron-3-120b-a12b to Workers AI. NVIDIA Nemotron 3 Super is a Mixture-of-Experts (MoE) model with a hybrid Mamba-transformer architecture, 120B total parameters, and 12B active parameters per forward pass.

The model is optimized for running many collaborating agents per application. It delivers high accuracy for reasoning, tool calling, and instruction following across complex multi-step tasks.

Key capabilities:

Hybrid Mamba-transformer architecture delivers over 50% higher token generation throughput compared to leading open models, reducing latency for real-world applications
Tool calling support for building AI agents that invoke tools across multiple conversation turns
Multi-Token Prediction (MTP) accelerates long-form text generation by predicting several future tokens simultaneously in a single forward pass
32,000 token context window for retaining conversation history and plan states across multi-step agent workflows

Use Nemotron 3 Super through the Workers AI binding (env.AI.run()), the REST API at /run or /v1/chat/completions, or the OpenAI-compatible endpoint.

For more information, refer to the Nemotron 3 Super model page.

Cloudflare One Client - WARP client for macOS (version 2026.3.566.1)

Tue, 10 Mar 2026 17:10:39 GMT

A new Beta release for the macOS WARP client is now available on the beta releases downloads page.

This release contains minor fixes and introduces a brand new visual style for the client interface. The new Cloudflare One Client interface changes connectivity management from a toggle to a button and brings useful connectivity settings to the home screen. The redesign also introduces a collapsible navigation bar. When expanded, more client information can be accessed including connectivity, settings, and device profile information. If you have any feedback or questions, visit the Cloudflare Community forum and let us know.

Changes and improvements

Empty MDM files are now rejected instead of being incorrectly accepted as a single MDM config.
Fixed an issue in proxy mode where the client could become unresponsive due to upstream connection timeouts.
Fixed emergency disconnect state from a previous organization incorrectly persisting after switching organizations.
Consumer-only CLI commands are now clearly distinguished from Zero Trust commands.
Added detailed QUIC connection metrics to diagnostic logs for better troubleshooting.
Added monitoring for tunnel statistics collection timeouts.
Switched tunnel congestion control algorithm to Cubic for improved reliability across platforms.
Fixed initiating managed network detection checks when no network is available, which caused device profile flapping.

Known issues

The client may become stuck in a Connecting state. To resolve this issue, reconnect the client by selecting Disconnect and then Connect in the client user interface. Alternatively, change the client's operation mode.
The client may display an empty white screen upon the device waking from sleep. To resolve this issue, exit and then open the client to re-launch it.
Canceling login during a single MDM configuration setup results in an empty page with no way to resume authentication. To work around this issue, exit and relaunch the client.

Cloudflare One Client - WARP client for Windows (version 2026.3.566.1)

Tue, 10 Mar 2026 17:10:37 GMT

A new Beta release for the Windows WARP client is now available on the beta releases downloads page.

Changes and improvements

Consumer-only CLI commands are now clearly distinguished from Zero Trust commands.
Added detailed QUIC connection metrics to diagnostic logs for better troubleshooting.
Added monitoring for tunnel statistics collection timeouts.
Switched tunnel congestion control algorithm to Cubic for improved reliability across platforms.
Fixed packet capture failing on tunnel interface when the tunnel interface is renamed by SCCM VPN boundary support.
Fixed unnecessary registration deletion caused by RDP connections in multi-user mode.
Fixed increased tunnel interface start-up time due to a race between duplicate address detection (DAD) and disabling NetBT.
Fixed tunnel failing to connect when the system DNS search list contains unexpected characters.
Empty MDM files are now rejected instead of being incorrectly accepted as a single MDM config.
Fixed an issue in proxy mode where the client could become unresponsive due to upstream connection timeouts.
Fixed emergency disconnect state from a previous organization incorrectly persisting after switching organizations.
Fixed initiating managed network detection checks when no network is available, which caused device profile flapping.

Known issues

The client may unexpectedly terminate during captive portal login. To work around this issue, use a web browser to authenticate with the captive portal and then re-launch the client.
An error indicating that Microsoft Edge can't read and write to its data directory may be displayed during captive portal login; this error is benign and can be dismissed.
The client may become stuck in a Connecting state. To resolve this issue, reconnect the client by selecting Disconnect and then Connect in the client user interface. Alternatively, change the client's operation mode.
The client may display an empty white screen upon the device waking from sleep. To resolve this issue, exit and then open the client to re-launch it.
Canceling login during a single MDM configuration setup results in an empty page with no way to resume authentication. To work around this issue, exit and relaunch the client.
For Windows 11 24H2 users, Microsoft has confirmed a regression that may lead to performance issues like mouse lag, audio cracking, or other slowdowns. Cloudflare recommends users experiencing these issues upgrade to a minimum Windows 11 24H2 version KB5062553 or higher for resolution.
Devices with KB5055523 installed may receive a warning about Win32/ClickFix.ABA being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to version 1.429.19.0 or later. This warning will be omitted from future release notes. This Microsoft Security Intelligence update was released in May 2025.
DNS resolution may be broken when the following conditions are all true:
- The client is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while the client is connected. To work around this issue, reconnect the client by selecting Disconnect and then Connect in the client user interface.

Audit Logs - Audit logs (version 2) - General Availability

Tue, 10 Mar 2026 00:00:00 GMT

Audit Logs v2 is now generally available to all Cloudflare customers.

Audit Logs v2 provides a unified and standardized system for tracking and recording all user and system actions across Cloudflare products. Built on Cloudflare's API Shield / OpenAPI gateway, logs are generated automatically without requiring manual instrumentation from individual product teams, ensuring consistency across ~95% of Cloudflare products.

What's available at GA:

Standardized logging — Audit logs follow a consistent format across all Cloudflare products, making it easier to search, filter, and investigate activity.
Expanded product coverage — ~95% of Cloudflare products covered, up from ~75% in v1.
Granular filtering — Filter by actor, action type, action result, resource, raw HTTP method, zone, and more. Over 20 filter parameters available via the API.
Enhanced context — Each log entry includes authentication method, interface (API or dashboard), Cloudflare Ray ID, and actor token details.
18-month retention — Logs are retained for 18 months. Full history is accessible via the API or Logpush.

Access:

Dashboard: Go to Manage Account > Audit Logs. Audit Logs v2 is shown by default.
API: GET https://api.cloudflare.com/client/v4/accounts/{account_id}/logs/audit
Logpush: Available via the audit_logs_v2 account-scoped dataset.

Important notes:

Approximately 30 days of logs from the Beta period (back to ~February 8, 2026) are available at GA. These Beta logs will expire on ~April 9, 2026. Logs generated after GA will be retained for the full 18 months. Older logs remain available in Audit Logs v1.
The UI query window is limited to 90 days for performance reasons. Use the API or Logpush for access to the full 18-month history.
GET requests (view actions) and 4xx error responses are not logged at GA. GET logging will be selectively re-enabled for sensitive read operations in a future release.
Audit Logs v1 continues to run in parallel. A deprecation timeline will be communicated separately.
Before and after values — the ability to see what a value changed from and to — is a highly requested feature and is on our roadmap for a post-GA release. In the meantime, we recommend using Audit Logs v1 for before and after values. Audit Logs v1 will continue to run in parallel until this feature is available in v2.

For more details, refer to the Audit Logs v2 documentation.

Browser Rendering - Crawl entire websites with a single API call using Browser Rendering

Tue, 10 Mar 2026 00:00:00 GMT

Edit: this post has been edited to clarify crawling behavior with respect to site guidance.

You can now crawl an entire website with a single API call using Browser Rendering's new /crawl endpoint, available in open beta. Submit a starting URL, and pages are automatically discovered, rendered in a headless browser, and returned in multiple formats, including HTML, Markdown, and structured JSON. The endpoint is a signed-agent that respects robots.txt and AI Crawl Control by default, making it easy for developers to comply with website rules, and making it less likely for crawlers to ignore web-owner guidance. This is great for training models, building RAG pipelines, and researching or monitoring content across a site.

Crawl jobs run asynchronously. You submit a URL, receive a job ID, and check back for results as pages are processed.

# Initiate a crawl
curl -X POST 'https://api.cloudflare.com/client/v4/accounts/{account_id}/browser-rendering/crawl' \
  -H 'Authorization: Bearer <apiToken>' \
  -H 'Content-Type: application/json' \
  -d '{
    "url": "https://blog.cloudflare.com/"
  }'

# Check results
curl -X GET 'https://api.cloudflare.com/client/v4/accounts/{account_id}/browser-rendering/crawl/{job_id}' \
  -H 'Authorization: Bearer <apiToken>'

Key features:

Multiple output formats - Return crawled content as HTML, Markdown, and structured JSON (powered by Workers AI)
Crawl scope controls - Configure crawl depth, page limits, and wildcard patterns to include or exclude specific URL paths
Automatic page discovery - Discovers URLs from sitemaps, page links, or both
Incremental crawling - Use modifiedSince and maxAge to skip pages that haven't changed or were recently fetched, saving time and cost on repeated crawls
Static mode - Set render: false to fetch static HTML without spinning up a browser, for faster crawling of static sites
Well-behaved bot - Honors robots.txt directives, including crawl-delay

Available on both the Workers Free and Paid plans.

Note: the /crawl endpoint cannot bypass Cloudflare bot detection or captchas, and self-identifies as a bot.

To get started, refer to the crawl endpoint documentation. If you are setting up your own site to be crawled, review the robots.txt and sitemaps best practices.

API Shield - New Vulnerability Scanner for API Shield

Mon, 09 Mar 2026 00:00:00 GMT

Introducing Cloudflare's Web and API Vulnerability Scanner (Open Beta)

Cloudflare is launching the Open Beta of the Web and API Vulnerability Scanner for all API Shield customers. This new, stateful Dynamic Application Security Testing (DAST) platform helps teams proactively find logic flaws in their APIs.

The initial release focuses on detecting Broken Object Level Authorization (BOLA) vulnerabilities by building API call graphs to simulate attacker and owner contexts, then testing these contexts by sending real HTTP requests to your APIs.

The scanner is now available via the Cloudflare API. To scan, set up your target environment, owner and attacker credentials, and upload your OpenAPI file with response schemas. The scanner will be available in the Cloudflare dashboard in a future release.

Access: This feature is only available to API Shield subscribers via the Cloudflare API. We hope you will use the API for programmatic integration into your CI/CD pipelines and security dashboards.

Documentation: Refer to the developer documentation to start scanning your endpoints today.

Logs - New MCP Portal Logs dataset and new fields across multiple Logpush datasets in Cloudflare Logs

Mon, 09 Mar 2026 00:00:00 GMT

Cloudflare has added new fields across multiple Logpush datasets:

New dataset

MCP Portal Logs: A new dataset with fields including ClientCountry, ClientIP, ColoCode, Datetime, Error, Method, PortalAUD, PortalID, PromptGetName, ResourceReadURI, ServerAUD, ServerID, ServerResponseDurationMs, ServerURL, SessionID, Success, ToolCallName, UserEmail, and UserID.

New fields in existing datasets

DEX Application Tests: HTTPRedirectEndMs, HTTPRedirectStartMs, HTTPResponseBody, and HTTPResponseHeaders.
DEX Device State Events: ExperimentalExtra.
Firewall Events: FraudUserID.
Gateway HTTP: AppControlInfo and ApplicationStatuses.
Gateway DNS: InternalDNSDurationMs.
HTTP Requests: FraudEmailRisk, FraudUserID, and PayPerCrawlStatus.
Network Analytics Logs: DNSQueryName, DNSQueryType, and PFPCustomTag.
WARP Toggle Changes: UserEmail.
WARP Config Changes: UserEmail.
Zero Trust Network Session Logs: SNI.

For the complete field definitions for each dataset, refer to Logpush datasets.

Workflows, Workers - Workflow steps now expose retry attempt number via step context

Fri, 06 Mar 2026 12:00:00 GMT

Cloudflare Workflows allows you to configure specific retry logic for each step in your workflow execution. Now, you can access which retry attempt is currently executing for calls to step.do():

await step.do("my-step", async (ctx) => {
  // ctx.attempt is 1 on first try, 2 on first retry, etc.
  console.log(`Attempt ${ctx.attempt}`);
});

You can use the step context for improved logging & observability, progressive backoff, or conditional logic in your workflow definition.

Note that the current attempt number is 1-indexed. For more information on retry behavior, refer to Sleeping and Retrying.

Radar - Region Filtering, AS Traffic Volume, and Navigation Improvements on Cloudflare Radar

Fri, 06 Mar 2026 00:00:00 GMT

Radar ships several new features that improve the flexibility and usability of the platform, as well as visibility into what is happening on the Internet.

Region filtering

All location-aware pages now support filtering by region, including continents, geographic subregions (Middle East, Eastern Asia, etc.), political regions (EU, African Union), and US Census regions/divisions (for example, New England, US Northeast).

Traffic volume by top autonomous systems and locations

A new traffic volume view shows the top autonomous systems and countries/territories for a given location. This is useful for quickly determining which network providers in a location may be experiencing connectivity issues, or how traffic is distributed across a region.

The new AS and location dimensions have also been added to the Data Explorer for the HTTP, DNS, and NetFlows datasets. Combined with other available filters, this provides a powerful tool for generating unique insights.

Finally, breadcrumb navigation is now available on most pages, allowing easier navigation between parent and related pages.

Check out these features on Cloudflare Radar.

Workers AI, Realtime - Real-time transcription in RealtimeKit now supports 10 languages with regional variants

Fri, 06 Mar 2026 00:00:00 GMT

Real-time transcription in RealtimeKit now supports 10 languages with regional variants, powered by Deepgram Nova-3 running on Workers AI.

During a meeting, participant audio is routed through AI Gateway to Nova-3 on Workers AI — so transcription runs on Cloudflare's network end-to-end, reducing latency compared to routing through external speech-to-text services.

Set the language when creating a meeting via ai_config.transcription.language:

{
  "ai_config": {
    "transcription": {
      "language": "fr"
    }
  }
}

Supported languages include English, Spanish, French, German, Hindi, Russian, Portuguese, Japanese, Italian, and Dutch — with regional variants like en-AU, en-GB, en-IN, en-NZ, es-419, fr-CA, de-CH, pt-BR, and pt-PT. Use multi for automatic multilingual detection.

If you are building voice agents or real-time translation workflows, your agent can now transcribe in the caller's language natively — no extra services or routing logic needed.

Security Center - Dismiss and filter matches in Brand Protection

Fri, 06 Mar 2026 00:00:00 GMT

We have introduced new triage controls to help you manage your Brand Protection results more efficiently. You can now clear out the noise by dismissing matches while maintaining full visibility into your historical decisions.

What's new

Dismiss matches: Users can now mark specific results as dismissed if they are determined to be benign or false positives, removing them from the primary triage view.
Show/Hide toggle: A new visibility control allows you to instantly switch between viewing only active matches and including previously dismissed ones.
Persistent review states: Dismissed status is saved across sessions, ensuring that your workspace remains organized and focused on new or high-priority threats.

Key benefits of the dismiss match functionality:

Reduce alert fatigue by hiding known-safe results, allowing your team to focus exclusively on unreviewed or high-risk infringements.
Auditability and recovery through the visibility toggle, ensuring that no match is ever truly "lost" and can be re-evaluated if a site's content changes.
Improved collaboration as your team members can see which matches have already been vetted and dismissed by others.

Ready to clean up your match queue? Learn more in our Brand Protection documentation.

Browser Rendering - Browser Rendering: 3x higher REST API request rate

Wed, 04 Mar 2026 00:00:00 GMT

Browser Rendering REST API rate limits for Workers Paid plans have been increased from 3 requests per second (180/min) to 10 requests per second (600/min). No action is needed to benefit from the higher limit.

The REST API lets you perform common browser tasks with a single API call, and you can now do it at a higher rate.

If you use the Workers Bindings method, increases to concurrent browser and new browser limits are coming soon. Stay tuned.

For full details, refer to the Browser Rendering limits page.

Cloudflare One, Access - User risk score selector in Access policies

Wed, 04 Mar 2026 00:00:00 GMT

You can now use user risk scores in your Access policies. The new User Risk Score selector allows you to create Access policies that respond to user behavior patterns detected by Cloudflare's risk scoring system, including impossible travel, high DLP policy matches, and more.

For more information, refer to Use risk scores in Access policies.

Gateway - Gateway Authorization Proxy and hosted PAC files (open beta)

Wed, 04 Mar 2026 00:00:00 GMT

The Gateway Authorization Proxy and PAC file hosting are now in open beta for all plan types.

Previously, proxy endpoints relied on static source IP addresses to authorize traffic, providing no user-level identity in logs or policies. The new authorization proxy replaces IP-based authorization with Cloudflare Access authentication, verifying who a user is before applying Gateway filtering without installing the WARP client.

This is ideal for environments where you cannot deploy a device client, such as virtual desktops (VDI), mergers and acquisitions, or compliance-restricted endpoints.

Key capabilities

Identity-aware proxy traffic — Users authenticate through your identity provider (Okta, Microsoft Entra ID, Google Workspace, and others) via Cloudflare Access. Logs now show exactly which user accessed which site, and you can write identity-based policies like "only the Finance team can access this accounting tool."
Multiple identity providers — Display one or multiple login methods simultaneously, giving flexibility for organizations managing users across different identity systems.
Cloudflare-hosted PAC files — Create and host PAC files directly in Cloudflare One with pre-configured templates for Okta and Azure, hosted at https://pac.cloudflare-gateway.com/<account-id>/<slug> on Cloudflare's global network.
Simplified billing — Each user occupies a seat, exactly like they do with the Cloudflare One Client. No new metrics to track.

Get started

In Cloudflare One, go to Networks > Resolvers & Proxies > Proxy endpoints.
Create an authorization proxy endpoint and configure Access policies.
Create a hosted PAC file or write your own.
Configure browsers to use the PAC file URL.
Install the Cloudflare certificate for HTTPS inspection.

For more details, refer to the proxy endpoints documentation and the announcement blog post.

Workers AI - New conversion options for Markdown Conversion

Wed, 04 Mar 2026 00:00:00 GMT

You can now customize how the Markdown Conversion service processes different file types by passing a conversionOptions object.

Available options:

Images: Set the language for AI-generated image descriptions
HTML: Use CSS selectors to extract specific content, or provide a hostname to resolve relative links
PDF: Exclude metadata from the output

Use the env.AI binding:

JavaScript

await env.AI.toMarkdown(
  { name: "page.html", blob: new Blob([html]) },
  {
    conversionOptions: {
      html: { cssSelector: "article.content" },
      image: { descriptionLanguage: "es" },
    },
  },
);

TypeScript

await env.AI.toMarkdown(
  { name: "page.html", blob: new Blob([html]) },
  {
    conversionOptions: {
      html: { cssSelector: "article.content" },
      image: { descriptionLanguage: "es" },
    },
  },
);

Or call the REST API:

curl https://api.cloudflare.com/client/v4/accounts/{ACCOUNT_ID}/ai/tomarkdown \
  -H 'Authorization: Bearer {API_TOKEN}' \
  -F 'files=@index.html' \
  -F 'conversionOptions={"html": {"cssSelector": "article.content"}}'

For more details, refer to Conversion Options.

Workflows, Workers - Workflows step limit increased to 25,000 steps per instance

Tue, 03 Mar 2026 12:00:00 GMT

Each Workflow on Workers Paid now supports 10,000 steps by default, configurable up to 25,000 steps in your wrangler.jsonc file:

{
  "workflows": [
    {
      "name": "my-workflow",
      "binding": "MY_WORKFLOW",
      "class_name": "MyWorkflow",
      "limits": {
        "steps": 25000
      }
    }
  ]
}

Previously, each instance was limited to 1,024 steps. Now, Workflows can support more complex, long-running executions without the additional complexity of recursive or child workflow calls.

Note that the maximum persisted state limit per Workflow instance remains 100 MB for Workers Free and 1 GB for Workers Paid. Refer to Workflows limits for more information.

Agents - Real-time file watching in Sandboxes

Tue, 03 Mar 2026 00:00:00 GMT

Sandboxes now support real-time filesystem watching via sandbox.watch(). The method returns a Server-Sent Events stream backed by native inotify, so your Worker receives create, modify, delete, and move events as they happen inside the container.

`sandbox.watch(path, options)`

Pass a directory path and optional filters. The returned stream is a standard ReadableStream you can proxy directly to a browser client or consume server-side.

JavaScript

// Stream events to a browser client
const stream = await sandbox.watch("/workspace/src", {
  recursive: true,
  include: ["*.ts", "*.js"],
});

return new Response(stream, {
  headers: { "Content-Type": "text/event-stream" },
});

TypeScript

// Stream events to a browser client
const stream = await sandbox.watch("/workspace/src", {
  recursive: true,
  include: ["*.ts", "*.js"],
});

return new Response(stream, {
  headers: { "Content-Type": "text/event-stream" },
});

Server-side consumption with `parseSSEStream`

Use parseSSEStream to iterate over events inside a Worker without forwarding them to a client.

JavaScript

import { parseSSEStream } from "@cloudflare/sandbox";
const stream = await sandbox.watch("/workspace/src", { recursive: true });

for await (const event of parseSSEStream(stream)) {
  console.log(event.type, event.path);
}

TypeScript

import { parseSSEStream } from "@cloudflare/sandbox";
import type { FileWatchSSEEvent } from "@cloudflare/sandbox";

const stream = await sandbox.watch("/workspace/src", { recursive: true });

for await (const event of parseSSEStream<FileWatchSSEEvent>(stream)) {
  console.log(event.type, event.path);
}

Each event includes a type field (create, modify, delete, or move) and the affected path. Move events also include a from field with the original path.

Options

Option	Type	Description
`recursive`	`boolean`	Watch subdirectories. Defaults to `false`.
`include`	`string[]`	Glob patterns to filter events. Omit to receive all events.

Upgrade

To update to the latest version:

npm i @cloudflare/sandbox@latest

For full API details, refer to the Sandbox file watching reference.

Radar - Network Quality Test on Cloudflare Radar

Tue, 03 Mar 2026 00:00:00 GMT

Radar now includes a Network Quality Test page. The tool measures Internet connection quality and performance, showing connection details such as IP address, server location, network (ASN), and IP version. For more detailed speed test results, the page links to speed.cloudflare.com.

Agents, Workers - Agents SDK v0.7.0: Observability rewrite, keepAlive, and waitForMcpConnections

Mon, 02 Mar 2026 00:00:00 GMT

The latest release of the Agents SDK rewrites observability from scratch with diagnostics_channel, adds keepAlive() to prevent Durable Object eviction during long-running work, and introduces waitForMcpConnections so MCP tools are always available when onChatMessage runs.

Observability rewrite

The previous observability system used console.log() with a custom Observability.emit() interface. v0.7.0 replaces it with structured events published to diagnostics channels — silent by default, zero overhead when nobody is listening.

Every event has a type, payload, and timestamp. Events are routed to seven named channels:

Channel	Event types
`agents:state`	`state:update`
`agents:rpc`	`rpc`, `rpc:error`
`agents:message`	`message:request`, `message:response`, `message:clear`, `message:cancel`, `message:error`, `tool:result`, `tool:approval`
`agents:schedule`	`schedule:create`, `schedule:execute`, `schedule:cancel`, `schedule:retry`, `schedule:error`, `queue:retry`, `queue:error`
`agents:lifecycle`	`connect`, `destroy`
`agents:workflow`	`workflow:start`, `workflow:event`, `workflow:approved`, `workflow:rejected`, `workflow:terminated`, `workflow:paused`, `workflow:resumed`, `workflow:restarted`
`agents:mcp`	`mcp:client:preconnect`, `mcp:client:connect`, `mcp:client:authorize`, `mcp:client:discover`

Use the typed subscribe() helper from agents/observability for type-safe access:

JavaScript

import { subscribe } from "agents/observability";

const unsub = subscribe("rpc", (event) => {
  if (event.type === "rpc") {
    console.log(`RPC call: ${event.payload.method}`);
  }
  if (event.type === "rpc:error") {
    console.error(
      `RPC failed: ${event.payload.method} — ${event.payload.error}`,
    );
  }
});

// Clean up when done
unsub();

TypeScript

import { subscribe } from "agents/observability";

const unsub = subscribe("rpc", (event) => {
  if (event.type === "rpc") {
    console.log(`RPC call: ${event.payload.method}`);
  }
  if (event.type === "rpc:error") {
    console.error(
      `RPC failed: ${event.payload.method} — ${event.payload.error}`,
    );
  }
});

// Clean up when done
unsub();

In production, all diagnostics channel messages are automatically forwarded to Tail Workers — no subscription code needed in the agent itself:

JavaScript

export default {
  async tail(events) {
    for (const event of events) {
      for (const msg of event.diagnosticsChannelEvents) {
        // msg.channel is "agents:rpc", "agents:workflow", etc.
        console.log(msg.timestamp, msg.channel, msg.message);
      }
    }
  },
};

TypeScript

export default {
  async tail(events) {
    for (const event of events) {
      for (const msg of event.diagnosticsChannelEvents) {
        // msg.channel is "agents:rpc", "agents:workflow", etc.
        console.log(msg.timestamp, msg.channel, msg.message);
      }
    }
  },
};

The custom Observability override interface is still supported for users who need to filter or forward events to external services.

For the full event reference, refer to the Observability documentation.

`keepAlive()` and `keepAliveWhile()`

Durable Objects are evicted after a period of inactivity (typically 70-140 seconds with no incoming requests, WebSocket messages, or alarms). During long-running operations — streaming LLM responses, waiting on external APIs, running multi-step computations — the agent can be evicted mid-flight.

keepAlive() prevents this by creating a 30-second heartbeat schedule. The alarm firing resets the inactivity timer. Returns a disposer function that cancels the heartbeat when called.

JavaScript

const dispose = await this.keepAlive();
try {
  const result = await longRunningComputation();
  await sendResults(result);
} finally {
  dispose();
}

TypeScript

const dispose = await this.keepAlive();
try {
  const result = await longRunningComputation();
  await sendResults(result);
} finally {
  dispose();
}

keepAliveWhile() wraps an async function with automatic cleanup — the heartbeat starts before the function runs and stops when it completes:

JavaScript

const result = await this.keepAliveWhile(async () => {
  const data = await longRunningComputation();
  return data;
});

TypeScript

const result = await this.keepAliveWhile(async () => {
  const data = await longRunningComputation();
  return data;
});

Key details:

Multiple concurrent callers — Each keepAlive() call returns an independent disposer. Disposing one does not affect others.
AIChatAgent built-in — AIChatAgent automatically calls keepAlive() during streaming responses. You do not need to add it yourself.
Uses the scheduling system — The heartbeat does not conflict with your own schedules. It shows up in getSchedules() if you need to inspect it.

For the full API reference and when-to-use guidance, refer to Schedule tasks — Keeping the agent alive.

`waitForMcpConnections`

AIChatAgent now waits for MCP server connections to settle before calling onChatMessage. This ensures this.mcp.getAITools() returns the full set of tools, especially after Durable Object hibernation when connections are being restored in the background.

JavaScript

export class ChatAgent extends AIChatAgent {
  // Default — waits up to 10 seconds
  // waitForMcpConnections = { timeout: 10_000 };

  // Wait forever
  waitForMcpConnections = true;

  // Disable waiting
  waitForMcpConnections = false;
}

TypeScript

export class ChatAgent extends AIChatAgent {
  // Default — waits up to 10 seconds
  // waitForMcpConnections = { timeout: 10_000 };

  // Wait forever
  waitForMcpConnections = true;

  // Disable waiting
  waitForMcpConnections = false;
}

Value	Behavior
`{ timeout: 10_000 }`	Wait up to 10 seconds (default)
`{ timeout: N }`	Wait up to `N` milliseconds
`true`	Wait indefinitely until all connections ready
`false`	Do not wait (old behavior before 0.2.0)

For lower-level control, call this.mcp.waitForConnections() directly inside onChatMessage instead.

Other improvements

MCP deduplication by name and URL — addMcpServer with HTTP transport now deduplicates on both server name and URL. Calling it with the same name but a different URL creates a new connection. URLs are normalized before comparison (trailing slashes, default ports, hostname case).
callbackHost optional for non-OAuth servers — addMcpServer no longer requires callbackHost when connecting to MCP servers that do not use OAuth.
MCP URL security — Server URLs are validated before connection to prevent SSRF. Private IP ranges, loopback addresses, link-local addresses, and cloud metadata endpoints are blocked.
Custom denial messages — addToolOutput now supports state: "output-error" with errorText for custom denial messages in human-in-the-loop tool approval flows.
requestId in chat options — onChatMessage options now include a requestId for logging and correlating events.

Upgrade

To update to the latest version:

npm i agents@latest @cloudflare/ai-chat@latest

AI Gateway - Get started with AI Gateway automatically

Mon, 02 Mar 2026 00:00:00 GMT

You can now start using AI Gateway with a single API call — no setup required. Use default as your gateway ID, and AI Gateway creates one for you automatically on the first request.

To try it out, create an API token with AI Gateway - Read, AI Gateway - Edit, and Workers AI - Read permissions, then run:

curl -X POST https://gateway.ai.cloudflare.com/v1/$CLOUDFLARE_ACCOUNT_ID/default/compat/chat/completions \
  --header "cf-aig-authorization: Bearer $CLOUDFLARE_API_TOKEN" \
  --header 'Content-Type: application/json' \
  --data '{
    "model": "workers-ai/@cf/meta/llama-3.3-70b-instruct-fp8-fast",
    "messages": [
      {
        "role": "user",
        "content": "What is Cloudflare?"
      }
    ]
  }'

AI Gateway gives you logging, caching, rate limiting, and access to multiple AI providers through a single endpoint. For more information, refer to Get started.

Cloudflare One - Copy Cloudflare One resources as JSON or POST requests

Mon, 02 Mar 2026 00:00:00 GMT

You can now copy Cloudflare One resources as JSON or as a ready-to-use API POST request directly from the dashboard. This makes it simple to transition workflows into API calls, automation scripts, or infrastructure-as-code pipelines.

To use this feature, click the overflow menu (⋮) on any supported resource and select Copy as JSON or Copy as POST request. The copied output includes only the fields present on your resource, giving you a clean and minimal starting point for your own API calls.

Initially supported resources:

Access applications
Access policies
Gateway policies
Resolver policies
Service tokens
Identity providers

We will continue to add support for more resources throughout 2026.

WAF - WAF Release - 2026-03-02

Mon, 02 Mar 2026 00:00:00 GMT

This week's release introduces new detections for vulnerabilities in SmarterTools SmarterMail (CVE-2025-52691 and CVE-2026-23760), alongside improvements to an existing Command Injection (nslookup) detection to enhance coverage.

Key Findings

CVE-2025-52691: SmarterTools SmarterMail mail server is vulnerable to Arbitrary File Upload, allowing an unauthenticated attacker to upload files to any location on the mail server, potentially enabling remote code execution.
CVE-2026-23760: SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability in the password reset API permitting unaunthenticated to reset system administrator accounts failing to verify existing password or reset token.

Impact

Successful exploitation of these SmarterMail vulnerabilities could lead to full system compromise or unauthorized administrative access to mail servers. Administrators are strongly encouraged to apply vendor patches without delay.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	0f282f3c89614779966faf52966ec6b1	N/A	SmarterMail - Arbitrary File Upload - CVE-2025-52691	Log	Block	This is a new detection.
Cloudflare Managed Ruleset	35978af68e374a059e397bf5ee964a8c	N/A	SmarterMail - Authentication Bypass - CVE-2026-23760	Log	Block	This is a new detection.
Cloudflare Managed Ruleset	4bb099bcd71141d4a35c1aa675b64d99	N/A	Command Injection - Nslookup - Beta	Log	Block	This rule is merged into the original rule "Command Injection - Nslookup" (ID: f4a310393c564d50bd585601b090ba9a )

Access - Clipboard controls for browser-based RDP

Sun, 01 Mar 2026 00:00:00 GMT

You can now configure clipboard controls for browser-based RDP with Cloudflare Access. Clipboard controls allow administrators to restrict whether users can copy or paste text between their local machine and the remote Windows server.

This feature is useful for organizations that support bring-your-own-device (BYOD) policies or third-party contractors using unmanaged devices. By restricting clipboard access, you can prevent sensitive data from being transferred out of the remote session to a user's personal device.

Configuration options

Clipboard controls are configured per policy within your Access application. For each policy, you can independently allow or deny:

Copy from local client to remote RDP session — Users can copy/paste text from their local machine into the browser-based RDP session.
Copy from remote RDP session to local client — Users can copy/paste text from the browser-based RDP session to their local machine.

By default, both directions are denied for new policies. For existing Access applications created before this feature was available, clipboard access remains enabled to preserve backwards compatibility.

When a user attempts a restricted clipboard action, the clipboard content is replaced with an error message informing them that the action is not allowed.

For more information, refer to Clipboard controls for browser-based RDP.

Access - Export MCP server portal logs with Logpush

Fri, 27 Feb 2026 00:00:00 GMT

MCP server portals now supports Logpush integration. You can automatically export MCP server portal activity logs to third-party storage destinations or security information and event management (SIEM) tools for analysis and auditing.

Available log fields

The MCP server portal logs dataset includes fields such as:

Datetime — Timestamp of the request
PortalID / PortalAUD — Portal identifiers
ServerID / ServerURL — Upstream MCP server details
Method — JSON-RPC method (for example, tools/call, prompts/get, resources/read)
ToolCallName / PromptGetName / ResourceReadURI — Method-specific identifiers
UserID / UserEmail — Authenticated user information
Success / Error — Request outcome
ServerResponseDurationMs — Response time from upstream server

For the complete field reference, refer to MCP portal logs.

Set up Logpush

To configure Logpush for MCP server portal logs, refer to Logpush integration.

Gateway - New protocols added for Gateway Protocol Detection (Beta)

Fri, 27 Feb 2026 00:00:00 GMT

Gateway Protocol Detection now supports seven additional protocols in beta:

Protocol	Notes
IMAP	Internet Message Access Protocol — email retrieval
POP3	Post Office Protocol v3 — email retrieval
SMTP	Simple Mail Transfer Protocol — email sending
MYSQL	MySQL database wire protocol
RSYNC-DAEMON	rsync daemon protocol
LDAP	Lightweight Directory Access Protocol
NTP	Network Time Protocol

These protocols join the existing set of detected protocols (HTTP, HTTP2, SSH, TLS, DCERPC, MQTT, and TPKT) and can be used with the Detected Protocol selector in Network policies to identify and filter traffic based on the application-layer protocol, without relying on port-based identification.

If protocol detection is enabled on your account, these protocols will automatically be logged when detected in your Gateway network traffic.

For more information on using Protocol Detection, refer to the Protocol detection documentation.

Radar - Post-Quantum Encryption and Key Transparency on Cloudflare Radar

Fri, 27 Feb 2026 00:00:00 GMT

Radar now tracks post-quantum encryption support on origin servers, provides a tool to test any host for post-quantum compatibility, and introduces a Key Transparency dashboard for monitoring end-to-end encrypted messaging audit logs.

Post-quantum origin support

The new Post-Quantum API provides the following endpoints:

/post_quantum/tls/support - Tests whether a host supports post-quantum TLS key exchange.
/post_quantum/origin/summary/{dimension} - Returns origin post-quantum data summarized by key agreement algorithm.
/post_quantum/origin/timeseries_groups/{dimension} - Returns origin post-quantum timeseries data grouped by key agreement algorithm.

The new Post-Quantum Encryption page shows the share of customer origins supporting X25519MLKEM768, derived from daily automated TLS scans of TLS 1.3-compatible origins. The scanner tests for algorithm support rather than the origin server's configured preference.

A host test tool allows checking any publicly accessible website for post-quantum encryption compatibility. Enter a hostname and optional port to see whether the server negotiates a post-quantum key exchange algorithm.

Key Transparency

A new Key Transparency section displays the audit status of Key Transparency logs for end-to-end encrypted messaging services. The page launches with two monitored logs: WhatsApp and Facebook Messenger Transport.

Each log card shows the current status, last signed epoch, last verified epoch, and the root hash of the Auditable Key Directory tree. The data is also available through the Key Transparency Auditor API.

Learn more about these features in our blog post and check out the Post-Quantum Encryption and Key Transparency pages to explore the data.

Cache - Asynchronous stale-while-revalidate

Thu, 26 Feb 2026 00:00:00 GMT

Cloudflare's stale-while-revalidate support is now fully asynchronous. Previously, the first request for a stale (expired) asset in cache had to wait for an origin response, after which that visitor received a REVALIDATED or EXPIRED status. Now, the first request after the asset expires triggers revalidation in the background and immediately receives stale content with an UPDATING status. All following requests also receive stale content with an UPDATING status until the origin responds, after which subsequent requests receive fresh content with a HIT status.

stale-while-revalidate is a Cache-Control directive set by your origin server that allows Cloudflare to serve an expired cached asset while a fresh copy is fetched from the origin.

Asynchronous revalidation brings:

Lower latency: No visitor is waiting for the origin when the asset is already in cache. Every request is served from cache during revalidation.
Consistent experience: All visitors receive the same cached response during revalidation.
Reduced error exposure: The first request is no longer vulnerable to origin timeouts or errors. All visitors receive a cached response while revalidation happens in the background.

Availability

This change is live for all Free, Pro, and Business zones. Approximately 75% of Enterprise zones have been migrated, with the remaining zones rolling out throughout the quarter.

Get started

To use this feature, make sure your origin includes the stale-while-revalidate directive in the Cache-Control header. Refer to the Cache-Control documentation for details.

Cloudflare Fundamentals - Markdown responses for Cloudflare 1xxx errors

Thu, 26 Feb 2026 00:00:00 GMT

Cloudflare now returns structured Markdown responses for Cloudflare-generated 1xxx errors when clients send Accept: text/markdown.

Each response includes YAML frontmatter plus guidance sections (What happened / What you should do) so agents can make deterministic retry and escalation decisions without parsing HTML.

In measured 1,015 comparisons, Markdown reduced payload size and token footprint by over 98% versus HTML.

Included frontmatter fields:

error_code, error_name, error_category, http_status
ray_id, timestamp, zone
cloudflare_error, retryable, retry_after (when applicable), owner_action_required

Default behavior is unchanged: clients that do not explicitly request Markdown continue to receive HTML error pages.

Negotiation behavior

Cloudflare uses standard HTTP content negotiation on the Accept header.

Accept: text/markdown -> Markdown
Accept: text/markdown, text/html;q=0.9 -> Markdown
Accept: text/* -> Markdown
Accept: */* -> HTML (default browser behavior)

When multiple values are present, Cloudflare selects the highest-priority supported media type using q values. If Markdown is not explicitly preferred, HTML is returned.

Availability

Available now for Cloudflare-generated 1xxx errors.

Get started

curl -H "Accept: text/markdown" https://<your-domain>/cdn-cgi/error/1015

Reference: Cloudflare 1xxx error documentation

Agents, Workers - Agents SDK v0.6.0: RPC transport for MCP, optional OAuth, hardened schema conversion, and @cloudflare/ai-chat fixes

Wed, 25 Feb 2026 00:00:00 GMT

The latest release of the Agents SDK lets you define an Agent and an McpAgent in the same Worker and connect them over RPC — no HTTP, no network overhead. It also makes OAuth opt-in for simple MCP connections, hardens the schema converter for production workloads, and ships a batch of @cloudflare/ai-chat reliability fixes.

RPC transport for MCP

You can now connect an Agent to an McpAgent in the same Worker using a Durable Object binding instead of an HTTP URL. The connection stays entirely within the Cloudflare runtime — no network round-trips, no serialization overhead.

Pass the Durable Object namespace directly to addMcpServer:

JavaScript

import { Agent } from "agents";

export class MyAgent extends Agent {
  async onStart() {
    // Connect via DO binding — no HTTP, no network overhead
    await this.addMcpServer("counter", env.MY_MCP);

    // With props for per-user context
    await this.addMcpServer("counter", env.MY_MCP, {
      props: { userId: "user-123", role: "admin" },
    });
  }
}

TypeScript

import { Agent } from "agents";

export class MyAgent extends Agent {
  async onStart() {
    // Connect via DO binding — no HTTP, no network overhead
    await this.addMcpServer("counter", env.MY_MCP);

    // With props for per-user context
    await this.addMcpServer("counter", env.MY_MCP, {
      props: { userId: "user-123", role: "admin" },
    });
  }
}

The addMcpServer method now accepts string | DurableObjectNamespace as the second parameter with full TypeScript overloads, so HTTP and RPC paths are type-safe and cannot be mixed.

Key capabilities:

Hibernation support — RPC connections survive Durable Object hibernation automatically. The binding name and props are persisted to storage and restored on wake-up, matching the behavior of HTTP MCP connections.
Deduplication — Calling addMcpServer with the same server name returns the existing connection instead of creating duplicates. Connection IDs are stable across hibernation restore.
Smaller surface area — The RPC transport internals have been rewritten and reduced from 609 lines to 245 lines. RPCServerTransport now uses JSONRPCMessageSchema from the MCP SDK for validation instead of hand-written checks.

Optional OAuth for MCP connections

addMcpServer() no longer eagerly creates an OAuth provider for every connection. For servers that do not require authentication, a simple call is all you need:

JavaScript

// No callbackHost, no OAuth config — just works
await this.addMcpServer("my-server", "https://mcp.example.com");

TypeScript

// No callbackHost, no OAuth config — just works
await this.addMcpServer("my-server", "https://mcp.example.com");

If the server responds with a 401, the SDK throws a clear error: "This MCP server requires OAuth authentication. Provide callbackHost in addMcpServer options to enable the OAuth flow." The restore-from-storage flow also handles missing callback URLs gracefully, skipping auth provider creation for non-OAuth servers.

Hardened JSON Schema to TypeScript converter

The schema converter used by generateTypes() and getAITools() now handles edge cases that previously caused crashes in production:

Depth and circular reference guards — Prevents stack overflows on recursive or deeply nested schemas
$ref resolution — Supports internal JSON Pointers (#/definitions/..., #/$defs/..., #)
Tuple support — prefixItems (JSON Schema 2020-12) and array items (draft-07)
OpenAPI 3.0 nullable: true — Supported across all schema branches
Per-tool error isolation — One malformed schema cannot crash the full pipeline in generateTypes() or getAITools()
Missing inputSchema fallback — getAITools() falls back to { type: "object" } instead of throwing

`@cloudflare/ai-chat` fixes

Tool denial flow — Denied tool approvals (approved: false) now transition to output-denied with a tool_result, fixing Anthropic provider compatibility. Custom denial messages are supported via state: "output-error" and errorText.
Abort/cancel support — Streaming responses now properly cancel the reader loop when the abort signal fires and send a done signal to the client.
Duplicate message persistence — persistMessages() now reconciles assistant messages by content and order, preventing duplicate rows when clients resend full history.
requestId in OnChatMessageOptions — Handlers can now send properly-tagged error responses for pre-stream failures.
redacted_thinking preservation — The message sanitizer no longer strips Anthropic redacted_thinking blocks.
/get-messages reliability — Endpoint handling moved from a prototype onRequest() override to a constructor wrapper, so it works even when users override onRequest without calling super.onRequest().
Client tool APIs undeprecated — createToolsFromClientSchemas, clientTools, AITool, extractClientToolSchemas, and the tools option on useAgentChat are restored for SDK use cases where tools are defined dynamically at runtime.
jsonSchema initialization — Fixed jsonSchema not initialized error when calling getAITools() in onChatMessage.

Upgrade

To update to the latest version:

npm i agents@latest @cloudflare/ai-chat@latest

Containers - Run 15x more Containers with higher resource limits

Wed, 25 Feb 2026 00:00:00 GMT

You can now run more Containers concurrently with significantly higher limits on memory, vCPU, and disk.

Limit	Previous Limit	New Limit
Memory for concurrent live Container instances	400GiB	6TiB
vCPU for concurrent live Container instances	100	1,500
Disk for concurrent live Container instances	2TB	30TB

This 15x increase enables larger-scale workloads on Containers. You can now run 15,000 instances of the lite instance type, 6,000 instances of basic, over 1,500 instances of standard-1, or over 1,000 instances of standard-2 concurrently.

Refer to Limits for more details on the available instance types and limits.

Radar - RPKI ASPA Deployment Insights on Cloudflare Radar

Wed, 25 Feb 2026 00:00:00 GMT

Radar now includes Autonomous System Provider Authorization (ASPA) deployment insights, providing visibility into the adoption and verification of ASPA objects across the global routing ecosystem.

New API endpoints

The new ASPA API provides the following endpoints:

/bgp/rpki/aspa/snapshot - Retrieves current or historical ASPA objects.
/bgp/rpki/aspa/changes - Retrieves changes to ASPA objects over time.
/bgp/rpki/aspa/timeseries - Retrieves ASPA object counts over time as a timeseries.

New Radar widgets

The global routing page now shows the ASPA deployment trend over time by counting daily ASPA objects.

The global routing page also displays the most recent ASPA objects, searchable by ASN or AS name.

On country and region routing pages, a new widget shows the ASPA deployment rate for ASNs registered in the selected country or region.

On AS routing pages, the connectivity table now includes checkmarks for ASPA-verified upstreams. All ASPA upstreams are listed in a dedicated table, and a timeline shows ASPA changes at daily granularity.

Check out the Radar routing page to explore the data.

Workers - Better Windows support for Python Workers

Wed, 25 Feb 2026 00:00:00 GMT

Pywrangler, the CLI tool for managing Python Workers and packages, now supports Windows, allowing you to develop and deploy Python Workers from Windows environments. Previously, Pywrangler was only available on macOS and Linux.

You can install and use Pywrangler on Windows the same way you would on other platforms. Specify your Worker's Python dependencies in your pyproject.toml file, then use the following commands to develop and deploy:

uvx --from workers-py pywrangler dev
uvx --from workers-py pywrangler deploy

All existing Pywrangler functionality, including package management, local development, and deployment, works on Windows without any additional configuration.

Requirements

This feature requires the following minimum versions:

wrangler >= 4.64.0
workers-py >= 1.72.0
uv >= 0.29.8

To upgrade workers-py (which includes Pywrangler) in your project, run:

uv tool upgrade workers-py

To upgrade wrangler, run:

npm install -g wrangler@latest

To upgrade uv, run:

uv self update

To get started with Python Workers on Windows, refer to the Python packages documentation for full details on Pywrangler.

Workers - Write structured queries to filter and search your Workers logs and traces

Wed, 25 Feb 2026 00:00:00 GMT

Workers Observability now includes a query language that lets you write structured queries directly in the search bar to filter your logs and traces. The search bar doubles as a free text search box — type any term to search across all metadata and attributes, or write field-level queries for precise filtering.

Queries written in the search bar sync with the Query Builder sidebar, so you can write a query by hand and then refine it visually, or build filters in the Query Builder and see the corresponding query syntax. The search bar provides autocomplete suggestions for metadata fields and operators as you type.

The query language supports:

Free text search — search everywhere with a keyword like error, or match an exact phrase with "exact phrase"
Field queries — filter by specific fields using comparison operators (for example, status = 500 or $workers.wallTimeMs > 100)
Operators — =, !=, >, >=, <, <=, and : (contains)
Functions — contains(field, value), startsWith(field, prefix), regex(field, pattern), and exists(field)
Boolean logic — add conditions with AND, OR, and NOT

Select the help icon next to the search bar to view the full syntax reference, including all supported operators, functions, and keyboard shortcuts.

Go to the Workers Observability dashboard to try the query language.

Workers - No config? No problem. Just `wrangler deploy`

Wed, 25 Feb 2026 00:00:00 GMT

You can now deploy any existing project to Cloudflare Workers — even without a Wrangler configuration file — and wrangler deploy will just work.

Starting with Wrangler 4.68.0, running wrangler deploy automatically configures your project by detecting your framework, installing required adapters, and deploying it to Cloudflare Workers.

Using Wrangler locally

npx wrangler deploy

When you run wrangler deploy in a project without a configuration file, Wrangler:

Detects your framework from package.json
Prompts you to confirm the detected settings
Installs any required adapters
Generates a wrangler.jsonc configuration file
Deploys your project to Cloudflare Workers

You can also use wrangler setup to configure without deploying, or pass --yes to skip prompts.

Using the Cloudflare dashboard

When you connect a repository through the Workers dashboard, a pull request is generated for you with all necessary files, and a preview deployment to check before merging.

Background

In December 2025, we introduced automatic configuration as an experimental feature. It is now generally available and the default behavior.

If you have questions or run into issues, join the GitHub discussion.

Cloudflare One Client - WARP client for Windows (version 2026.1.150.0)

Tue, 24 Feb 2026 01:15:23 GMT

A new GA release for the Windows WARP client is now available on the stable releases downloads page.

This release contains minor fixes, improvements, and new features.

Changes and improvements

Improvements to multi-user mode. Fixed an issue where when switching from a pre-login registration to a user registration, Mobile Device Management (MDM) configuration association could be lost.
Added a new feature to manage NetBIOS over TCP/IP functionality on the Windows client. NetBIOS over TCP/IP on the Windows client is now disabled by default and can be enabled in device profile settings.
Fixed an issue causing failure of the local network exclusion feature when configured with a timeout of 0.
Improvement for the Windows client certificate posture check to ensure logged results are from checks that run once users log in.
Improvement for more accurate reporting of device colocation information in the Cloudflare One dashboard.
Fixed an issue where misconfigured DEX HTTP tests prevented new registrations.
Fixed an issue causing DNS requests to fail with clients in Traffic and DNS mode.
Improved service shutdown behavior in cases where the daemon is unresponsive.

Known issues

For Windows 11 24H2 users, Microsoft has confirmed a regression that may lead to performance issues like mouse lag, audio cracking, or other slowdowns. Cloudflare recommends users experiencing these issues upgrade to a minimum Windows 11 24H2 KB5062553 or higher for resolution.
Devices with KB5055523 installed may receive a warning about Win32/ClickFix.ABA being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to version 1.429.19.0 or later.
DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected.
To work around this issue, reconnect the WARP client by toggling off and back on.

Cloudflare One Client - WARP client for macOS (version 2026.1.150.0)

Tue, 24 Feb 2026 01:15:22 GMT

A new GA release for the macOS WARP client is now available on the stable releases downloads page.

This release contains minor fixes and improvements.

Changes and improvements

Fixed an issue causing failure of the local network exclusion feature when configured with a timeout of 0.
Improvement for more accurate reporting of device colocation information in the Cloudflare One dashboard.
Fixed an issue with DNS server configuration failures that caused tunnel connection delays.
Fixed an issue where misconfigured DEX HTTP tests prevented new registrations.
Fixed an issue causing DNS requests to fail with clients in Traffic and DNS mode.

Cloudflare One Client - WARP client for Linux (version 2026.1.150.0)

Tue, 24 Feb 2026 00:14:20 GMT

A new GA release for the Linux WARP client is now available on the stable releases downloads page.

This release contains minor fixes and improvements.

WARP client version 2025.8.779.0 introduced an updated public key for Linux packages. The public key must be updated if it was installed before September 12, 2025 to ensure the repository remains functional after December 4, 2025. Instructions to make this update are available at pkg.cloudflareclient.com.

Changes and improvements

Fixed an issue causing failure of the local network exclusion feature when configured with a timeout of 0.
Improvement for more accurate reporting of device colocation information in the Cloudflare One dashboard.
Fixed an issue where misconfigured DEX HTTP tests prevented new registrations.
Fixed issues causing DNS requests to fail with clients in Traffic and DNS mode or DNS only mode.

Durable Objects, Workers - deleteAll() now deletes Durable Object alarm

Tue, 24 Feb 2026 00:00:00 GMT

deleteAll() now deletes a Durable Object alarm in addition to stored data for Workers with a compatibility date of 2026-02-24 or later. This change simplifies clearing a Durable Object's storage with a single API call.

Previously, deleteAll() only deleted user-stored data for an object. Alarm usage stores metadata in an object's storage, which required a separate deleteAlarm() call to fully clean up all storage for an object. The deleteAll() change applies to both KV-backed and SQLite-backed Durable Objects.

// Before: two API calls required to clear all storage
await this.ctx.storage.deleteAlarm();
await this.ctx.storage.deleteAll();

// Now: a single call clears both data and the alarm
await this.ctx.storage.deleteAll();

For more information, refer to the Storage API documentation.

Pipelines, Workers - Dropped event metrics, typed Pipelines bindings, and improved setup

Tue, 24 Feb 2026 00:00:00 GMT

Cloudflare Pipelines ingests streaming data via Workers or HTTP endpoints, transforms it with SQL, and writes it to R2 as Apache Iceberg tables. Today we're shipping three improvements to help you understand why streaming events get dropped, catch data quality issues early, and set up Pipelines faster.

Dropped event metrics

When stream events don't match the expected schema, Pipelines accepts them during ingestion but drops them when attempting to deliver them to the sink. To help you identify the root cause of these issues, we are introducing a new dashboard and metrics that surface dropped events with detailed error messages.

Dropped events can also be queried programmatically via the new pipelinesUserErrorsAdaptiveGroups GraphQL dataset. The dataset breaks down failures by specific error type (missing_field, type_mismatch, parse_failure, or null_value) so you can trace issues back to the source.

query GetPipelineUserErrors(
  $accountTag: String!
  $pipelineId: String!
  $datetimeStart: Time!
  $datetimeEnd: Time!
) {
  viewer {
    accounts(filter: { accountTag: $accountTag }) {
      pipelinesUserErrorsAdaptiveGroups(
        limit: 100
        filter: {
          pipelineId: $pipelineId
          datetime_geq: $datetimeStart
          datetime_leq: $datetimeEnd
        }
        orderBy: [count_DESC]
      ) {
        count
        dimensions {
          errorFamily
          errorType
        }
      }
    }
  }
}

For the full list of dimensions, error types, and additional query examples, refer to User error metrics.

Typed Pipelines bindings

Sending data to a Pipeline from a Worker previously used a generic Pipeline<PipelineRecord> type, which meant schema mismatches (wrong field names, incorrect types) were only caught at runtime as dropped events.

Running wrangler types now generates schema-specific TypeScript types for your Pipeline bindings. TypeScript catches missing required fields and incorrect field types at compile time, before your code is deployed.

declare namespace Cloudflare {
  type EcommerceStreamRecord = {
    user_id: string;
    event_type: string;
    product_id?: string;
    amount?: number;
  };
  interface Env {
    STREAM: import("cloudflare:pipelines").Pipeline<Cloudflare.EcommerceStreamRecord>;
  }
}

For more information, refer to Typed Pipeline bindings.

Improved Pipelines setup

Setting up a new Pipeline previously required multiple manual steps: creating an R2 bucket, enabling R2 Data Catalog, generating an API token, and configuring format, compression, and rolling policies individually.

The wrangler pipelines setup command now offers a Simple setup mode that applies recommended defaults and automatically creates the R2 bucket and enables R2 Data Catalog if they do not already exist. Validation errors during setup prompt you to retry inline rather than restarting the entire process.

For a full walkthrough, refer to the Getting started guide.

Stream - Stream live inputs can now be disabled and enabled

Tue, 24 Feb 2026 00:00:00 GMT

You can now disable a live input to reject incoming RTMPS and SRT connections. When a live input is disabled, any broadcast attempts will fail to connect.

This gives you more control over your live inputs:

Temporarily pause an input without deleting it
Programmatically end creator broadcasts
Prevent new broadcasts from starting on a specific input

To disable a live input via the API, set the enabled property to false:

curl --request PUT \
https://api.cloudflare.com/client/v4/accounts/{account_id}/stream/live_inputs/{input_id} \
--header "Authorization: Bearer <API_TOKEN>" \
--data '{"enabled": false}'

You can also disable or enable a live input from the Live inputs list page or the live input detail page in the Dashboard.

All existing live inputs remain enabled by default. For more information, refer to Start a live stream.

Agents, R2, Containers - Backup and restore API for Sandbox SDK

Mon, 23 Feb 2026 00:00:00 GMT

Sandboxes now support createBackup() and restoreBackup() methods for creating and restoring point-in-time snapshots of directories.

This allows you to restore environments quickly. For instance, in order to develop in a sandbox, you may need to include a user's codebase and run a build step. Unfortunately git clone and npm install can take minutes, and you don't want to run these steps every time the user starts their sandbox.

Now, after the initial setup, you can just call createBackup(), then restoreBackup() the next time this environment is needed. This makes it practical to pick up exactly where a user left off, even after days of inactivity, without repeating expensive setup steps.

const sandbox = getSandbox(env.Sandbox, "my-sandbox");

// Make non-trivial changes to the file system
await sandbox.gitCheckout(endUserRepo, { targetDir: "/workspace" });
await sandbox.exec("npm install", { cwd: "/workspace" });

// Create a point-in-time backup of the directory
const backup = await sandbox.createBackup({ dir: "/workspace" });

// Store the handle for later use
await env.KV.put(`backup:${userId}`, JSON.stringify(backup));

// ... in a future session...

// Restore instead of re-cloning and reinstalling
await sandbox.restoreBackup(backup);

Backups are stored in R2 and can take advantage of R2 object lifecycle rules to ensure they do not persist forever.

Key capabilities:

Persist and reuse across sandbox sessions — Easily store backup handles in KV, D1, or Durable Object storage for use in subsequent sessions
Usable across multiple instances — Fork a backup across many sandboxes for parallel work
Named backups — Provide optional human-readable labels for easier management
TTLs — Set time-to-live durations so backups are automatically removed from storage once they are no longer neeeded

To get started, refer to the backup and restore guide for setup instructions and usage patterns, or the Backups API reference for full method documentation.

Hyperdrive - Hyperdrive no longer caches queries using STABLE PostgreSQL functions

Mon, 23 Feb 2026 00:00:00 GMT

Hyperdrive now treats queries containing PostgreSQL STABLE functions as uncacheable, in addition to VOLATILE functions.

Previously, only functions that PostgreSQL categorizes as VOLATILE (for example, RANDOM(), LASTVAL()) were detected as uncacheable. STABLE functions (for example, NOW(), CURRENT_TIMESTAMP, CURRENT_DATE) were incorrectly allowed to be cached.

Because STABLE functions can return different results across different SQL statements within the same transaction, caching their results could serve stale or incorrect data. This change aligns Hyperdrive's caching behavior with PostgreSQL's function volatility semantics.

If your queries use STABLE functions, and you were relying on them being cached, move the function call to your application code and pass the result as a query parameter. For example, instead of WHERE created_at > NOW(), compute the timestamp in your Worker and pass it as WHERE created_at > $1.

Hyperdrive uses text-based pattern matching to detect uncacheable functions. References to function names like NOW() in SQL comments also cause the query to be marked as uncacheable.

For more information, refer to Query caching and Troubleshoot and debug.

Security Center - Saved views for Threat Events

Mon, 23 Feb 2026 00:00:00 GMT

TL;DR: You can now create and save custom configurations of the Threat Events dashboard, allowing you to instantly return to specific filtered views — such as industry-specific attacks or regional Sankey flows — without manual reconfiguration.

Why this matters

Threat intelligence is most effective when it is personalized. Previously, analysts had to manually re-apply complex filters (like combining specific industry datasets with geographic origins) every time they logged in. This update provides material value by:

Analysts can now jump straight into "Known Ransomware Infrastructure" or "Retail Sector Targets" views with a single click, eliminating repetitive setup tasks
Teams can ensure everyone is looking at the same data subsets by using standardized saved views, reducing the risk of missing critical patterns due to inconsistent filtering.

Cloudforce One subscribers can start saving their custom views now in Application Security > Threat Intelligence > Threat Events.

Agents, Workers - @cloudflare/codemode v0.1.0: a new runtime agnostic modular architecture

Fri, 20 Feb 2026 00:00:00 GMT

The @cloudflare/codemode package has been rewritten into a modular, runtime-agnostic SDK.

Code Mode enables LLMs to write and execute code that orchestrates your tools, instead of calling them one at a time. This can (and does) yield significant token savings, reduces context window pressure and improves overall model performance on a task.

The new Executor interface is runtime agnostic and comes with a prebuilt DynamicWorkerExecutor to run generated code in a Dynamic Worker Loader.

Breaking changes

Removed experimental_codemode() and CodeModeProxy — the package no longer owns an LLM call or model choice
New import path: createCodeTool() is now exported from @cloudflare/codemode/ai

New features

createCodeTool() — Returns a standard AI SDK Tool to use in your AI agents.
Executor interface — Minimal execute(code, fns) contract. Implement for any code sandboxing primitive or runtime.

`DynamicWorkerExecutor`

Runs code in a Dynamic Worker. It comes with the following features:

Network isolation — fetch() and connect() blocked by default (globalOutbound: null) when using DynamicWorkerExecutor
Console capture — console.log/warn/error captured and returned in ExecuteResult.logs
Execution timeout — Configurable via timeout option (default 30s)

Usage

JavaScript

import { createCodeTool } from "@cloudflare/codemode/ai";
import { DynamicWorkerExecutor } from "@cloudflare/codemode";
import { streamText } from "ai";

const executor = new DynamicWorkerExecutor({ loader: env.LOADER });
const codemode = createCodeTool({ tools: myTools, executor });

const result = streamText({
  model,
  tools: { codemode },
  messages,
});

TypeScript

import { createCodeTool } from "@cloudflare/codemode/ai";
import { DynamicWorkerExecutor } from "@cloudflare/codemode";
import { streamText } from "ai";

const executor = new DynamicWorkerExecutor({ loader: env.LOADER });
const codemode = createCodeTool({ tools: myTools, executor });

const result = streamText({
  model,
  tools: { codemode },
  messages,
});

Wrangler configuration

wrangler.jsonc

{
  "worker_loaders": [{ "binding": "LOADER" }],
}

wrangler.toml
```
[[worker_loaders]]
binding = "LOADER"
```

See the Code Mode documentation for full API reference and examples.

Upgrade

npm i @cloudflare/codemode@latest

CASB - Understand CASB findings instantly with Cloudy Summaries

Fri, 20 Feb 2026 00:00:00 GMT

You can now easily understand your SaaS security posture findings and why they were detected with Cloudy Summaries in CASB. This feature integrates Cloudflare's Cloudy AI directly into your CASB Posture Findings to automatically generate clear, plain-language summaries of complex security misconfigurations, third-party app risks, and data exposures.

This allows security teams and IT administrators to drastically reduce triage time by immediately understanding the context, potential impact, and necessary remediation steps for any given finding—without needing to be an expert in every connected SaaS application.

To view a summary, simply navigate to your Posture Findings in the Cloudflare One dashboard (under Cloud and SaaS findings) and open the finding details of a specific instance of a Finding.

Cloudy Summaries are supported on all available integrations, including Microsoft 365, Google Workspace, Salesforce, GitHub, AWS, Slack, and Dropbox. See the full list of supported integrations here.

Key capabilities

Contextual explanations — Quickly understand the specifics of a finding with plain-language summaries detailing exactly what was detected, from publicly shared sensitive files to risky third-party app scopes.
Clear risk assessment — Instantly grasp the potential security impact of the finding, such as data breach risks, unauthorized account access, or email spoofing vulnerabilities.
Actionable guidance — Get clear recommendations and next steps on how to effectively remediate the issue and secure your environment.
Built-in feedback — Help improve future AI summarization accuracy by submitting feedback directly using the thumbs-up and thumbs-down buttons.

Learn more

Learn more about managing CASB Posture Findings in Cloudflare.

Cloudy Summaries in CASB are available to all Cloudflare CASB users today.

Cloudflare Tunnel, Cloudflare Tunnel for SASE - Manage Cloudflare Tunnel directly from the main Cloudflare Dashboard

Fri, 20 Feb 2026 00:00:00 GMT

Cloudflare Tunnel is now available in the main Cloudflare Dashboard at Networking > Tunnels, bringing first-class Tunnel management to developers using Tunnel for securing origin servers.

This new experience provides everything you need to manage Tunnels for public applications, including:

Full Tunnel lifecycle management: Create, configure, delete, and monitor all your Tunnels in one place.
Native integrations: View Tunnels by name when configuring DNS records and Workers VPC — no more copy-pasting UUIDs.
Real-time visibility: Monitor replicas and Tunnel health status directly in the dashboard.
Routing map: Manage all ingress routes for your Tunnel, including public applications, private hostnames, private CIDRs, and Workers VPC services, from a single interactive interface.

Choose the right dashboard for your use case

Core Dashboard: Navigate to Networking > Tunnels to manage Tunnels for:

Securing origin servers and public applications with CDN, WAF, Load Balancing, and DDoS protection
Connecting Workers to private services via Workers VPC

Cloudflare One Dashboard: Navigate to Zero Trust > Networks > Connectors to manage Tunnels for:

Securing your public applications with Zero Trust access policies
Connecting users to private applications
Building a private mesh network

Both dashboards provide complete Tunnel management capabilities — choose based on your primary workflow.

Get started

New to Tunnel? Learn how to get started with Cloudflare Tunnel or explore advanced use cases like securing SSH servers or running Tunnels in Kubernetes.

AI Gateway, Workers AI - AI dashboard experience improvements

Thu, 19 Feb 2026 00:00:00 GMT

Workers AI and AI Gateway have received a series of dashboard improvements to help you get started faster and manage your AI workloads more easily.

Navigation and discoverability

AI now has its own top-level section in the Cloudflare dashboard sidebar, so you can find AI features without digging through menus.

Onboarding and getting started

Getting started with AI Gateway is now simpler. When you create your first gateway, we now show your gateway's OpenAI-compatible endpoint and step-by-step guidance to help you configure it. The Playground also includes helpful prompts, and usage pages have clear next steps if you have not made any requests yet.

We've also combined the previously separate code example sections into one view with dropdown selectors for API type, provider, SDK, and authentication method so you can now customize the exact code snippet you need from one place.

Dynamic Routing

The route builder is now more performant and responsive.
You can now copy route names to your clipboard with a single click.
Code examples use the Universal Endpoint format, making it easier to integrate routes into your application.

Observability and analytics

Small monetary values now display correctly in cost analytics charts, so you can accurately track spending at any scale.

Accessibility

Improvements to keyboard navigation within the AI Gateway, specifically when exploring usage by provider.
Improvements to sorting and filtering components on the Workers AI models page.

For more information, refer to the AI Gateway documentation.

Digital Experience Monitoring - DEX Supports EU Customer Metadata Boundary

Thu, 19 Feb 2026 00:00:00 GMT

Digital Experience Monitoring (DEX) provides visibility into WARP device connectivity and performance to any internal or external application.

Now, all DEX logs are fully compatible with Cloudflare's Customer Metadata Boundary (CMB) setting for the 'EU' (European Union), which ensures that DEX logs will not be stored outside the 'EU' when the option is configured.

If a Cloudflare One customer using DEX enables CMB 'EU', they will not see any DEX data in the Cloudflare One dashboard. Customers can ingest DEX data via LogPush, and build their own analytics and dashboards.

If a customer enables CMB in their account, they will see the following message in the Digital Experience dashboard: "DEX data is unavailable because Customer Metadata Boundary configuration is on. Use Cloudflare LogPush to export DEX datasets."

Security Center - Cloudforce One Threat events graphs are now visible in the dashboard

Thu, 19 Feb 2026 00:00:00 GMT

We have introduced dynamic visualizations to the Threat Events dashboard to help you better understand the threat landscape and identify emerging patterns at a glance.

What's new:

Sankey Diagrams: Trace the flow of attacks from country of origin to target country to identify which regions are being hit hardest and where the threat infrastructure resides.

Dataset Distribution over time: Instantly pivot your view to understand if a specific campaign is targeting your sector or if it is a broad-spectrum commodity attack.

Enhanced Filtering: Use these visual tools to filter and drill down into specific attack vectors directly from the charts.

Cloudforce One subscribers can explore these new views now in Application Security > Threat Intelligence > Threat Events.

Analytics - New cfWorker metric in Server-Timing header

Wed, 18 Feb 2026 00:00:00 GMT

The Server-Timing header now includes a new cfWorker metric that measures time spent executing Cloudflare Workers, including any subrequests performed by the Worker. This helps developers accurately identify whether high Time to First Byte (TTFB) is caused by Worker processing or slow upstream dependencies.

Previously, Worker execution time was included in the edge metric, making it harder to identify true edge performance. The new cfWorker metric provides this visibility:

Metric	Description
`edge`	Total time spent on the Cloudflare edge, including Worker execution
`origin`	Time spent fetching from the origin server
`cfWorker`	Time spent in Worker execution, including subrequests but excluding origin fetch time

Example response

Server-Timing: cdn-cache; desc=DYNAMIC, edge; dur=20, origin; dur=100, cfWorker; dur=7

In this example, the edge took 20ms, the origin took 100ms, and the Worker added just 7ms of processing time.

Availability

The cfWorker metric is enabled by default if you have Real User Monitoring (RUM) enabled. Otherwise, you can enable it using Rules.

This metric is particularly useful for:

Performance debugging: Quickly determine if latency is caused by Worker code, external API calls within Workers, or slow origins.
Optimization targeting: Identify which component of your request path needs optimization.
Real User Monitoring (RUM): Access detailed timing breakdowns directly from response headers for client-side analytics.

For more information about Server-Timing headers, refer to the W3C Server Timing specification.

Access - Streamlined clientless browser isolation for private applications

Tue, 17 Feb 2026 00:00:00 GMT

A new Allow clientless access setting makes it easier to connect users without a device client to internal applications, without using public DNS.

Previously, to provide clientless access to a private hostname or IP without a published application, you had to create a separate bookmark application pointing to a prefixed Clientless Web Isolation URL (for example, https://<your-teamname>.cloudflareaccess.com/browser/https://10.0.0.1/). This bookmark was visible to all users in the App Launcher, regardless of whether they had access to the underlying application.

Now, you can manage clientless access directly within your private self-hosted application. When Allow clientless access is turned on, users who pass your Access application policies will see a tile in their App Launcher pointing to the prefixed URL. Users must have remote browser permissions to open the link.

Access - Policies for bookmark applications

Tue, 17 Feb 2026 00:00:00 GMT

You can now assign Access policies to bookmark applications. This lets you control which users see a bookmark in the App Launcher based on identity, device posture, and other policy rules.

Previously, bookmark applications were visible to all users in your organization. With policy support, you can now:

Tailor the App Launcher to each user — Users only see the applications they have access to, reducing clutter and preventing accidental clicks on irrelevant resources.
Restrict visibility of sensitive bookmarks — Limit who can view bookmarks to internal tools or partner resources based on group membership, identity provider, or device posture.

Bookmarks support all Access policy configurations except purpose justification, temporary authentication, and application isolation. If no policy is assigned, the bookmark remains visible to all users (maintaining backwards compatibility).

For more information, refer to Add bookmarks.

Agents, Workers - Agents SDK v0.5.0: Protocol message control, retry utilities, data parts, and @cloudflare/ai-chat v0.1.0

Tue, 17 Feb 2026 00:00:00 GMT

The latest release of the Agents SDK adds built-in retry utilities, per-connection protocol message control, and a fully rewritten @cloudflare/ai-chat with data parts, tool approval persistence, and zero breaking changes.

Retry utilities

A new this.retry() method lets you retry any async operation with exponential backoff and jitter. You can pass an optional shouldRetry predicate to bail early on non-retryable errors.

JavaScript

class MyAgent extends Agent {
  async onRequest(request) {
    const data = await this.retry(() => callUnreliableService(), {
      maxAttempts: 4,
      shouldRetry: (err) => !(err instanceof PermanentError),
    });
    return Response.json(data);
  }
}

TypeScript

class MyAgent extends Agent {
  async onRequest(request: Request) {
    const data = await this.retry(() => callUnreliableService(), {
      maxAttempts: 4,
      shouldRetry: (err) => !(err instanceof PermanentError),
    });
    return Response.json(data);
  }
}

Retry options are also available per-task on queue(), schedule(), scheduleEvery(), and addMcpServer():

JavaScript

// Per-task retry configuration, persisted in SQLite alongside the task
await this.schedule(
  Date.now() + 60_000,
  "sendReport",
  { userId: "abc" },
  {
    retry: { maxAttempts: 5 },
  },
);

// Class-level retry defaults
class MyAgent extends Agent {
  static options = {
    retry: { maxAttempts: 3 },
  };
}

TypeScript

// Per-task retry configuration, persisted in SQLite alongside the task
await this.schedule(Date.now() + 60_000, "sendReport", { userId: "abc" }, {
  retry: { maxAttempts: 5 },
});

// Class-level retry defaults
class MyAgent extends Agent {
  static options = {
    retry: { maxAttempts: 3 },
  };
}

Retry options are validated eagerly at enqueue/schedule time, and invalid values throw immediately. Internal retries have also been added for workflow operations (terminateWorkflow, pauseWorkflow, and others) with Durable Object-aware error detection.

Per-connection protocol message control

Agents automatically send JSON text frames (identity, state, MCP server lists) to every WebSocket connection. You can now suppress these per-connection for clients that cannot handle them — binary-only devices, MQTT clients, or lightweight embedded systems.

JavaScript

class MyAgent extends Agent {
  shouldSendProtocolMessages(connection, ctx) {
    // Suppress protocol messages for MQTT clients
    const subprotocol = ctx.request.headers.get("Sec-WebSocket-Protocol");
    return subprotocol !== "mqtt";
  }
}

TypeScript

class MyAgent extends Agent {
  shouldSendProtocolMessages(connection: Connection, ctx: ConnectionContext) {
    // Suppress protocol messages for MQTT clients
    const subprotocol = ctx.request.headers.get("Sec-WebSocket-Protocol");
    return subprotocol !== "mqtt";
  }
}

Connections with protocol messages disabled still fully participate in RPC and regular messaging. Use isConnectionProtocolEnabled(connection) to check a connection's status at any time. The flag persists across Durable Object hibernation.

See Protocol messages for full documentation.

`@cloudflare/ai-chat` v0.1.0

The first stable release of @cloudflare/ai-chat ships alongside this release with a major refactor of AIChatAgent internals — new ResumableStream class, WebSocket ChatTransport, and simplified SSE parsing — with zero breaking changes. Existing code using AIChatAgent and useAgentChat works as-is.

Key new features:

Data parts — Attach typed JSON blobs (data-*) to messages alongside text. Supports reconciliation (type+id updates in-place), append, and transient parts (ephemeral via onData callback). See Data parts.
Tool approval persistence — The needsApproval approval UI now survives page refresh and DO hibernation. The streaming message is persisted to SQLite when a tool enters approval-requested state.
maxPersistedMessages — Cap SQLite message storage with automatic oldest-message deletion.
body option on useAgentChat — Send custom data with every request (static or dynamic).
Incremental persistence — Hash-based cache to skip redundant SQL writes.
Row size guard — Automatic two-pass compaction when messages approach the SQLite 2 MB limit.
autoContinueAfterToolResult defaults to true — Client-side tool results and tool approvals now automatically trigger a server continuation, matching server-executed tool behavior. Set autoContinueAfterToolResult: false in useAgentChat to restore the previous behavior.

Notable bug fixes:

Resolved stream resumption race conditions
Resolved an issue where setMessages functional updater sent empty arrays
Resolved an issue where client tool schemas were lost after DO hibernation
Resolved InvalidPromptError after tool approval (approval.id was dropped)
Resolved an issue where message metadata was not propagated on broadcast/resume paths
Resolved an issue where clearAll() did not clear in-memory chunk buffers
Resolved an issue where reasoning-delta silently dropped data when reasoning-start was missed during stream resumption

Synchronous queue and schedule getters

getQueue(), getQueues(), getSchedule(), dequeue(), dequeueAll(), and dequeueAllByCallback() were unnecessarily async despite only performing synchronous SQL operations. They now return values directly instead of wrapping them in Promises. This is backward compatible — existing code using await on these methods will continue to work.

Other improvements

Fix TypeScript "excessively deep" error — A depth counter on CanSerialize and IsSerializableParam types bails out to true after 10 levels of recursion, preventing the "Type instantiation is excessively deep" error with deeply nested types like AI SDK CoreMessage[].
POST SSE keepalive — The POST SSE handler now sends event: ping every 30 seconds to keep the connection alive, matching the existing GET SSE handler behavior. This prevents POST response streams from being silently dropped by proxies during long-running tool calls.
Widened peer dependency ranges — Peer dependency ranges across packages have been widened to prevent cascading major bumps during 0.x minor releases. @cloudflare/ai-chat and @cloudflare/codemode are now marked as optional peer dependencies.

Upgrade

To update to the latest version:

npm i agents@latest @cloudflare/ai-chat@latest

Cloudflare One, Cloudflare WAN, Cloudflare Network Firewall, Network Flow - Cloudflare One Product Name Updates

Tue, 17 Feb 2026 00:00:00 GMT

We are updating naming related to some of our Networking products to better clarify their place in the Zero Trust and Secure Access Service Edge (SASE) journey.

We are retiring some older brand names in favor of names that describe exactly what the products do within your network. We are doing this to help customers build better, clearer mental models for comprehensive SASE architecture delivered on Cloudflare.

What's changing

Magic WAN → Cloudflare WAN
Magic WAN IPsec → Cloudflare IPsec
Magic WAN GRE → Cloudflare GRE
Magic WAN Connector → Cloudflare One Appliance
Magic Firewall → Cloudflare Network Firewall
Magic Network Monitoring → Network Flow
Magic Cloud Networking → Cloudflare One Multi-cloud Networking

No action is required by you — all functionality, existing configurations, and billing will remain exactly the same.

For more information, visit the Cloudflare One documentation.

Containers - Docker-in-Docker support added to Containers and Sandboxes

Tue, 17 Feb 2026 00:00:00 GMT

Sandboxes and Containers now support running Docker for "Docker-in-Docker" setups. This is particularly useful when your end users or agents want to run a full sandboxed development environment.

This allows you to:

Develop containerized applications with your Sandbox
Run isolated test environments for images
Build container images as part of CI/CD workflows
Deploy arbitrary images supplied at runtime within a container

For Sandbox SDK users, see the Docker-in-Docker guide for instructions on combining Docker with the SandboxSDK. For general Containers usage, see the Containers FAQ.

Cloudflare Fundamentals - Content encoding support for Markdown for Agents and other improvements

Mon, 16 Feb 2026 00:00:00 GMT

When AI systems request pages from any website that uses Cloudflare and has Markdown for Agents enabled, they can express the preference for text/markdown in the request: our network will automatically and efficiently convert the HTML to markdown, when possible, on the fly.

This release adds the following improvements:

The origin response limit was raised from 1 MB to 2 MB (2,097,152 bytes).
We no longer require the origin to send the content-length header.
We now support content encoded responses from the origin.

If you haven’t enabled automatic Markdown conversion yet, visit the AI Crawl Control section of the Cloudflare dashboard and enable Markdown for Agents.

Refer to our developer documentation for more details.

WAF - WAF Release - 2026-02-16

Mon, 16 Feb 2026 00:00:00 GMT

This week’s release introduces new detections for CVE-2025-68645 and CVE-2025-31125.

Key Findings

CVE-2025-68645: A Local File Inclusion (LFI) vulnerability in the Webmail Classic UI of Zimbra Collaboration Suite (ZCS) 10.0 and 10.1 allows unauthenticated remote attackers to craft requests to the /h/rest endpoint, improperly influence internal dispatching, and include arbitrary files from the WebRoot directory.
CVE-2025-31125: Vite, the JavaScript frontend tooling framework, exposes content of non-allowed files via ?inline&import when its development server is network-exposed, enabling unauthorized attackers to read arbitrary files and potentially leak sensitive information.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	695d76ff756844d384cab548833761f7	N/A	Zimbra - Local File Inclusion - CVE:CVE-2025-68645	Log	Block	This is a new detection.
Cloudflare Managed Ruleset	38fff9f3deba46a2abc10a8f950ed8c8	N/A	Vite - WASM Import Path Traversal - CVE:CVE-2025-31125	Log	Block	This is a new detection.

Workers - Quick Editor devtools replaced with log viewer

Mon, 16 Feb 2026 00:00:00 GMT

Cloudflare has deprecated the Workers Quick Editor dev tools inspector and replaced it with a lightweight log viewer.

This aligns our logging with wrangler tail and gives us the opportunity to focus our efforts on bringing benefits from the work we have invested in observability, which would not be possible otherwise.

We have made improvements to this logging viewer based on your feedback such that you can log object and array types, and easily clear the list of logs. This does not include class instances. Limitations are documented in the Workers Playground docs.

If you do need to develop your Worker with a remote inspector, you can still do this using Wrangler locally. Cloning a project from your quick editor to your computer for local development can be done with the wrangler init --from-dash command. For more information, refer to Wrangler commands.

Workers - New Best Practices guide for Workers

Sun, 15 Feb 2026 00:00:00 GMT

A new Workers Best Practices guide provides opinionated recommendations for building fast, reliable, observable, and secure Workers. The guide draws on production patterns, Cloudflare internal usage, and best practices observed from developers building on Workers.

Key guidance includes:

Keep your compatibility date current and enable nodejs_compat — Ensure you have access to the latest runtime features and Node.js built-in modules.

wrangler.jsonc

{
  "name": "my-worker",
  "main": "src/index.ts",
  // Set this to today's date
  "compatibility_date": "2026-04-03",
  "compatibility_flags": ["nodejs_compat"],
}

wrangler.toml

name = "my-worker"
main = "src/index.ts"
# Set this to today's date
compatibility_date = "2026-04-03"
compatibility_flags = [ "nodejs_compat" ]

Generate binding types with wrangler types — Never hand-write your Env interface. Let Wrangler generate it from your actual configuration to catch mismatches at compile time.
Stream request and response bodies — Avoid buffering large payloads in memory. Use TransformStream and pipeTo to stay within the 128 MB memory limit and improve time-to-first-byte.
Use bindings, not REST APIs — Bindings to KV, R2, D1, Queues, and other Cloudflare services are direct, in-process references with no network hop and no authentication overhead.
Use Queues and Workflows for background work — Move long-running or retriable tasks out of the critical request path. Use Queues for simple fan-out and buffering, and Workflows for multi-step durable processes.
Enable Workers Logs and Traces — Configure observability before deploying to production so you have data when you need to debug.
Avoid global mutable state — Workers reuse isolates across requests. Storing request-scoped data in module-level variables causes cross-request data leaks.
Always await or waitUntil your Promises — Floating promises cause silent bugs and dropped work.
Use Web Crypto for secure token generation — Never use Math.random() for security-sensitive operations.

To learn more, refer to Workers Best Practices.

Cloudflare Fundamentals, Access - Fine-grained permissions for Access policies and service tokens

Fri, 13 Feb 2026 00:00:00 GMT

Fine-grained permissions for Access policies and Access service tokens are available. These new resource-scoped roles expand the existing RBAC model, enabling administrators to grant permissions scoped to individual resources.

New roles

Cloudflare Access policy admin: Can edit a specific Access policy in an account.
Cloudflare Access service token admin: Can edit a specific Access service token in an account.

These roles complement the existing resource-scoped roles for Access applications, identity providers, and infrastructure targets.

For more information:

Cloudflare Fundamentals, SDK - Cloudflare Python SDK v5.0.0-beta.1 now available

Fri, 13 Feb 2026 00:00:00 GMT

Disclaimer: Please note that v5.0.0-beta.1 is in Beta and we are still testing it for stability.

Full Changelog: v4.3.1...v5.0.0-beta.1

In this release, you'll see a large number of breaking changes. This is primarily due to a change in OpenAPI definitions, which our libraries are based off of, and codegen updates that we rely on to read those OpenAPI definitions and produce our SDK libraries. As the codegen is always evolving and improving, so are our code bases.

There may be changes that are not captured in this changelog. Feel free to open an issue to report any inaccuracies, and we will make sure it gets into the changelog before the v5.0.0 release.

Most of the breaking changes below are caused by improvements to the accuracy of the base OpenAPI schemas, which sometimes translates to breaking changes in downstream clients that depend on those schemas.

Please ensure you read through the list of changes below and the migration guide before moving to this version - this will help you understand any down or upstream issues it may cause to your environments.

Breaking Changes

The following resources have breaking changes. See the v5 Migration Guide for detailed migration instructions.

abusereports
acm.totaltls
apigateway.configurations
cloudforceone.threatevents
d1.database
intel.indicatorfeeds
logpush.edge
origintlsclientauth.hostnames
queues.consumers
radar.bgp
rulesets.rules
schemavalidation.schemas
snippets
zerotrust.dlp
zerotrust.networks

Features

New API Resources

abusereports - Abuse report management
abusereports.mitigations - Abuse report mitigation actions
ai.tomarkdown - AI-powered markdown conversion
aigateway.dynamicrouting - AI Gateway dynamic routing configuration
aigateway.providerconfigs - AI Gateway provider configurations
aisearch - AI-powered search functionality
aisearch.instances - AI Search instance management
aisearch.tokens - AI Search authentication tokens
alerting.silences - Alert silence management
brandprotection.logomatches - Brand protection logo match detection
brandprotection.logos - Brand protection logo management
brandprotection.matches - Brand protection match results
brandprotection.queries - Brand protection query management
cloudforceone.binarystorage - CloudForce One binary storage
connectivity.directory - Connectivity directory services
d1.database - D1 database management
diagnostics.endpointhealthchecks - Endpoint health check diagnostics
fraud - Fraud detection and prevention
iam.sso - IAM Single Sign-On configuration
loadbalancers.monitorgroups - Load balancer monitor groups
organizations - Organization management
organizations.organizationprofile - Organization profile settings
origintlsclientauth.hostnamecertificates - Origin TLS client auth hostname certificates
origintlsclientauth.hostnames - Origin TLS client auth hostnames
origintlsclientauth.zonecertificates - Origin TLS client auth zone certificates
pipelines - Data pipeline management
pipelines.sinks - Pipeline sink configurations
pipelines.streams - Pipeline stream configurations
queues.subscriptions - Queue subscription management
r2datacatalog - R2 Data Catalog integration
r2datacatalog.credentials - R2 Data Catalog credentials
r2datacatalog.maintenanceconfigs - R2 Data Catalog maintenance configurations
r2datacatalog.namespaces - R2 Data Catalog namespaces
radar.bots - Radar bot analytics
radar.ct - Radar certificate transparency data
radar.geolocations - Radar geolocation data
realtimekit.activesession - Real-time Kit active session management
realtimekit.analytics - Real-time Kit analytics
realtimekit.apps - Real-time Kit application management
realtimekit.livestreams - Real-time Kit live streaming
realtimekit.meetings - Real-time Kit meeting management
realtimekit.presets - Real-time Kit preset configurations
realtimekit.recordings - Real-time Kit recording management
realtimekit.sessions - Real-time Kit session management
realtimekit.webhooks - Real-time Kit webhook configurations
tokenvalidation.configuration - Token validation configuration
tokenvalidation.rules - Token validation rules
workers.beta - Workers beta features

New Endpoints (Existing Resources)

`acm.totaltls`

edit()
update()

`cloudforceone.threatevents`

list()

`contentscanning`

create()
get()
update()

`dns.records`

scan_list()
scan_review()
scan_trigger()

`intel.indicatorfeeds`

create()
delete()
list()

`leakedcredentialchecks.detections`

get()

`queues.consumers`

list()

`radar.ai`

summary()
timeseries()
timeseries_groups()

`radar.bgp`

changes()
snapshot()

`workers.subdomains`

delete()

`zerotrust.networks`

create()
delete()
edit()
get()
list()

General Fixes and Improvements

Type System & Compatibility

Type inference improvements: Allow Pyright to properly infer TypedDict types within SequenceNotStr
Type completeness: Add missing types to method arguments and response models
Pydantic compatibility: Ensure compatibility with Pydantic versions prior to 2.8.0 when using additional fields

Request/Response Handling

Multipart form data: Correctly handle sending multipart/form-data requests with JSON data
Header handling: Do not send headers with default values set to omit
GET request headers: Don't send Content-Type header on GET requests
Response body model accuracy: Broad improvements to the correctness of models

Parsing & Data Processing

Discriminated unions: Correctly handle nested discriminated unions in response parsing
Extra field types: Parse extra field types correctly
Empty metadata: Ignore empty metadata fields during parsing
Singularization rules: Update resource name singularization rules for better consistency

Workers, Agents, Workers AI - Introducing GLM-4.7-Flash on Workers AI, @cloudflare/tanstack-ai, and workers-ai-provider v3.1.1

Fri, 13 Feb 2026 00:00:00 GMT

We're excited to announce GLM-4.7-Flash on Workers AI, a fast and efficient text generation model optimized for multilingual dialogue and instruction-following tasks, along with the brand-new @cloudflare/tanstack-ai package and workers-ai-provider v3.1.1.

You can now run AI agents entirely on Cloudflare. With GLM-4.7-Flash's multi-turn tool calling support, plus full compatibility with TanStack AI and the Vercel AI SDK, you have everything you need to build agentic applications that run completely at the edge.

GLM-4.7-Flash — Multilingual Text Generation Model

@cf/zai-org/glm-4.7-flash is a multilingual model with a 131,072 token context window, making it ideal for long-form content generation, complex reasoning tasks, and multilingual applications.

Key Features and Use Cases:

Multi-turn Tool Calling for Agents: Build AI agents that can call functions and tools across multiple conversation turns
Multilingual Support: Built to handle content generation in multiple languages effectively
Large Context Window: 131,072 tokens for long-form writing, complex reasoning, and processing long documents
Fast Inference: Optimized for low-latency responses in chatbots and virtual assistants
Instruction Following: Excellent at following complex instructions for code generation and structured tasks

Use GLM-4.7-Flash through the Workers AI binding (env.AI.run()), the REST API at /run or /v1/chat/completions, AI Gateway, or via workers-ai-provider for the Vercel AI SDK.

Pricing is available on the model page or pricing page.

@cloudflare/tanstack-ai v0.1.1 — TanStack AI adapters for Workers AI and AI Gateway

We've released @cloudflare/tanstack-ai, a new package that brings Workers AI and AI Gateway support to TanStack AI. This provides a framework-agnostic alternative for developers who prefer TanStack's approach to building AI applications.

Workers AI adapters support four configuration modes — plain binding (env.AI), plain REST, AI Gateway binding (env.AI.gateway(id)), and AI Gateway REST — across all capabilities:

Chat (createWorkersAiChat) — Streaming chat completions with tool calling, structured output, and reasoning text streaming.
Image generation (createWorkersAiImage) — Text-to-image models.
Transcription (createWorkersAiTranscription) — Speech-to-text.
Text-to-speech (createWorkersAiTts) — Audio generation.
Summarization (createWorkersAiSummarize) — Text summarization.

AI Gateway adapters route requests from third-party providers — OpenAI, Anthropic, Gemini, Grok, and OpenRouter — through Cloudflare AI Gateway for caching, rate limiting, and unified billing.

To get started:

npm install @cloudflare/tanstack-ai @tanstack/ai

workers-ai-provider v3.1.1 — transcription, speech, reranking, and reliability

The Workers AI provider for the Vercel AI SDK now supports three new capabilities beyond chat and image generation:

Transcription (provider.transcription(model)) — Speech-to-text with automatic handling of model-specific input formats across binding and REST paths.
Text-to-speech (provider.speech(model)) — Audio generation with support for voice and speed options.
Reranking (provider.reranking(model)) — Document reranking for RAG pipelines and search result ordering.

import { createWorkersAI } from "workers-ai-provider";
import {
  experimental_transcribe,
  experimental_generateSpeech,
  rerank,
} from "ai";

const workersai = createWorkersAI({ binding: env.AI });

const transcript = await experimental_transcribe({
  model: workersai.transcription("@cf/openai/whisper-large-v3-turbo"),
  audio: audioData,
  mediaType: "audio/wav",
});

const speech = await experimental_generateSpeech({
  model: workersai.speech("@cf/deepgram/aura-1"),
  text: "Hello world",
  voice: "asteria",
});

const ranked = await rerank({
  model: workersai.reranking("@cf/baai/bge-reranker-base"),
  query: "What is machine learning?",
  documents: ["ML is a branch of AI.", "The weather is sunny."],
});

This release also includes a comprehensive reliability overhaul (v3.0.5):

Fixed streaming — Responses now stream token-by-token instead of buffering all chunks, using a proper TransformStream pipeline with backpressure.
Fixed tool calling — Resolved issues with tool call ID sanitization, conversation history preservation, and a heuristic that silently fell back to non-streaming mode when tools were defined.
Premature stream termination detection — Streams that end unexpectedly now report finishReason: "error" instead of silently reporting "stop".
AI Search support — Added createAISearch as the canonical export (renamed from AutoRAG). createAutoRAG still works with a deprecation warning.

To upgrade:

npm install workers-ai-provider@latest ai

Resources

Workers VPC - Origin CA certificate support for Workers VPC

Fri, 13 Feb 2026 00:00:00 GMT

Workers VPC now supports Cloudflare Origin CA certificates when connecting to your private services over HTTPS. Previously, Workers VPC only trusted certificates issued by publicly trusted certificate authorities (for example, Let's Encrypt, DigiCert).

With this change, you can use free Cloudflare Origin CA certificates on your origin servers within private networks and connect to them from Workers VPC using the https scheme. This is useful for encrypting traffic between the tunnel and your service without needing to provision certificates from a public CA.

For more information, refer to Supported TLS certificates.

Cloudflare WAN - Anycast IPs displayed on the dashboard

Thu, 12 Feb 2026 00:00:00 GMT

Cloudflare WAN now displays your Anycast IP addresses directly in the dashboard when you configure IPsec or GRE tunnels.

Previously, customers received their Anycast IPs during onboarding or had to retrieve them with an API call. The dashboard now pre-loads these addresses, reducing setup friction and preventing configuration errors.

No action is required. All Cloudflare WAN customers can see their Anycast IPs in the tunnel configuration form automatically.

For more information, refer to Configure tunnel endpoints.

Cloudflare Fundamentals - Introducing Markdown for Agents

Thu, 12 Feb 2026 00:00:00 GMT

Cloudflare's network now supports real-time content conversion at the source, for enabled zones using content negotiation headers. When AI systems request pages from any website that uses Cloudflare and has Markdown for Agents enabled, they can express the preference for text/markdown in the request: our network will automatically and efficiently convert the HTML to markdown, when possible, on the fly.

Here is a curl example with the Accept negotiation header requesting this page from our developer documentation:

curl https://developers.cloudflare.com/fundamentals/reference/markdown-for-agents/ \
  -H "Accept: text/markdown"

The response to this request is now formatted in markdown:

HTTP/2 200
date: Wed, 11 Feb 2026 11:44:48 GMT
content-type: text/markdown; charset=utf-8
content-length: 2899
vary: accept
x-markdown-tokens: 725
content-signal: ai-train=yes, search=yes, ai-input=yes

---
title: Markdown for Agents · Cloudflare Agents docs
---

## What is Markdown for Agents

Markdown has quickly become the lingua franca for agents and AI systems
as a whole. The format’s explicit structure makes it ideal for AI processing,
ultimately resulting in better results while minimizing token waste.
...

Refer to our developer documentation and our blog announcement for more details.

Radar - Content Type Dimension for AI Bots in Cloudflare Radar

Thu, 12 Feb 2026 00:00:00 GMT

Radar now includes content type insights for AI bot and crawler traffic. The new content_type dimension and filter shows the distribution of content types returned to AI crawlers, grouped by MIME type category.

The content type dimension and filter are available via the following API endpoints:

Content type categories:

HTML - Web pages (text/html)
Images - All image formats (image/*)
JSON - JSON data and API responses (application/json, *+json)
JavaScript - Scripts (application/javascript, text/javascript)
CSS - Stylesheets (text/css)
Plain Text - Unformatted text (text/plain)
Fonts - Web fonts (font/*, application/font-*)
XML - XML documents and feeds (text/xml, application/xml, application/rss+xml, application/atom+xml)
YAML - Configuration files (text/yaml, application/yaml)
Video - Video content and streaming (video/*, application/ogg, *mpegurl)
Audio - Audio content (audio/*)
Markdown - Markdown documents (text/markdown)
Documents - PDFs, Office documents, ePub, CSV (application/pdf, application/msword, text/csv)
Binary - Executables, archives, WebAssembly (application/octet-stream, application/zip, application/wasm)
Serialization - Binary API formats (application/protobuf, application/grpc, application/msgpack)
Other - All other content types

Additionally, individual bot information pages now display content type distribution for AI crawlers that exist in both the Verified Bots and AI Bots datasets.

Check out the AI Insights page to explore the data.

Security Center - Enhanced Logo Matching for Brand Protection

Thu, 12 Feb 2026 00:00:00 GMT

We have significantly upgraded our Logo Matching capabilities within Brand Protection. While previously limited to approximately 100% matches, users can now detect a wider range of brand assets through a redesigned matching model and UI.

What's new

Configurable match thresholds: Users can set a minimum match score (starting at 75%) when creating a logo query to capture subtle variations or high-quality impersonations.
Visual match scores: Allow users to see the exact percentage of the match directly in the results table, highlighted with color-coded lozenges to indicate severity.
Direct logo previews: Available in the Cloudflare dashboard — similar to string matches — to verify infringements at a glance.

Key benefits

Expose sophisticated impersonators who use slightly altered logos to bypass basic detection filters.
Faster triage of the most relevant threats immediately using visual indicators, reducing the time spent manually reviewing matches.

Ready to protect your visual identity? Learn more in our Brand Protection documentation.

Cloudflare Fundamentals, Terraform - Terraform v5.17.0 now available

Thu, 12 Feb 2026 00:00:00 GMT

In January 2025, we announced the launch of the new Terraform v5 Provider. We greatly appreciate the proactive engagement and valuable feedback from the Cloudflare community following the v5 release. In response, we have established a consistent and rapid 2-3 week cadence for releasing targeted improvements, demonstrating our commitment to stability and reliability.

With the help of the community, we have a growing number of resources that we have marked as stable, with that list continuing to grow with every release. The most used resources are on track to be stable by the end of March 2026, when we will also be releasing a new migration tool to help you migrate from v4 to v5 with ease.

This release brings new capabilities for AI Search, enhanced Workers Script placement controls, and numerous bug fixes based on community feedback. We also begun laying foundational work for improving the v4 to v5 migration process. Stay tuned for more details as we approach the March 2026 release timeline.

Thank you for continuing to raise issues. They make our provider stronger and help us build products that reflect your needs.

Features

ai_search_instance: add data source for querying AI Search instances
ai_search_token: add data source for querying AI Search tokens
account: add support for tenant unit management with new unit field
account: add automatic mapping from managed_by.parent_org_id to unit.id
authenticated_origin_pulls_certificate: add data source for querying authenticated origin pull certificates
authenticated_origin_pulls_hostname_certificate: add data source for querying hostname-specific authenticated origin pull certificates
authenticated_origin_pulls_settings: add data source for querying authenticated origin pull settings
workers_kv: add value field to data source to retrieve KV values directly
workers_script: add script field to data source to retrieve script content
workers_script: add support for simple rate limit binding
workers_script: add support for targeted placement mode with placement.target array for specifying placement targets (region, hostname, host)
workers_script: add placement_mode and placement_status computed fields
zero_trust_dex_test: add data source with filter support for finding specific tests
zero_trust_dlp_predefined_profile: add enabled_entries field for flexible entry management

Bug Fixes

account: map managed_by.parent_org_id to unit.id in unmarshall and add acceptance tests
authenticated_origin_pulls_certificate: add certificate normalization to prevent drift
authenticated_origin_pulls: handle array response and implement full lifecycle
authenticated_origin_pulls_hostname_certificate: fix resource and tests
cloudforce_one_request_message: use correct request_id field instead of id in API calls
dns_zone_transfers_incoming: use correct zone_id field instead of id in API calls
dns_zone_transfers_outgoing: use correct zone_id field instead of id in API calls
email_routing_settings: use correct zone_id field instead of id in API calls
hyperdrive_config: add proper handling for write-only fields to prevent state drift
hyperdrive_config: add normalization for empty mtls objects to prevent unnecessary diffs
magic_network_monitoring_rule: use correct account_id field instead of id in API calls
mtls_certificates: fix resource and test
pages_project: revert build_config to computed optional
stream_key: use correct account_id field instead of id in API calls
total_tls: use upsert pattern for singleton zone setting
waiting_room_rules: use correct waiting_room_id field instead of id in API calls
workers_script: add support for placement mode/status
zero_trust_access_application: update v4 version on migration tests
zero_trust_device_posture_rule: update tests to match API
zero_trust_dlp_integration_entry: use correct entry_id field instead of id in API calls
zero_trust_dlp_predefined_entry: use correct entry_id field instead of id in API calls
zero_trust_organization: fix plan issues

Chores

add state upgraders to 95+ resources to lay the foundation for replacing Grit (still under active development)
certificate_pack: add state migration handler for SDKv2 to Framework conversion
custom_hostname_fallback_origin: add comprehensive lifecycle test and migration support
dns_record: add state migration handler for SDKv2 to Framework conversion
leaked_credential_check: add import functionality and tests
load_balancer_pool: add state migration handler with detection for v4 vs v5 format
pages_project: add state migration handlers
tiered_cache: add state migration handlers
zero_trust_dlp_predefined_profile: deprecate entries field in favor of enabled_entries

For more information

Cloudflare One, Cloudflare WAN - Post-quantum encryption support for Cloudflare One Appliance

Wed, 11 Feb 2026 00:00:00 GMT

Cloudflare One Appliance version 2026.2.0 adds post-quantum encryption support using hybrid ML-KEM (Module-Lattice-Based Key-Encapsulation Mechanism).

The appliance now uses TLS 1.3 with hybrid ML-KEM for its connection to the Cloudflare edge. During the TLS handshake, the appliance and the edge share a symmetric secret over the TLS connection and inject it into the ESP layer of IPsec. This protects IPsec data plane traffic against harvest-now, decrypt-later attacks.

This upgrade deploys automatically to all appliances during their configured interrupt windows with no manual action required.

For more information, refer to Cloudflare One Appliance.

Workers - Workers are no longer limited to 1000 subrequests

Wed, 11 Feb 2026 00:00:00 GMT

Workers no longer have a limit of 1000 subrequests per invocation, allowing you to make more fetch() calls or requests to Cloudflare services on every incoming request. This is especially important for long-running Workers requests, such as open websockets on Durable Objects or long-running Workflows, as these could often exceed this limit and error.

By default, Workers on paid plans are now limited to 10,000 subrequests per invocation, but this limit can be increased up to 10 million by setting the new subrequests limit in your Wrangler configuration file.

wrangler.jsonc

{
  "limits": {
    "subrequests": 50000,
  },
}

wrangler.toml
```
[limits]
subrequests = 50_000
```

Workers on the free plan remain limited to 50 external subrequests and 1000 subrequests to Cloudflare services per invocation.

To protect against runaway code or unexpected costs, you can also set a lower limit for both subrequests and CPU usage.

wrangler.jsonc

{
  "limits": {
    "subrequests": 10,
    "cpu_ms": 1000,
  },
}

wrangler.toml
```
[limits]
subrequests = 10
cpu_ms = 1_000
```

For more information, refer to the Wrangler configuration documentation for limits and subrequest limits.

Workers - Improved React Server Components support in the Cloudflare Vite plugin

Wed, 11 Feb 2026 00:00:00 GMT

The Cloudflare Vite plugin now integrates seamlessly @vitejs/plugin-rsc, the official Vite plugin for React Server Components.

A childEnvironments option has been added to the plugin config to enable using multiple environments within a single Worker. The parent environment can then import modules from a child environment in order to access a separate module graph. For a typical RSC use case, the plugin might be configured as in the following example:

export default defineConfig({
  plugins: [
    cloudflare({
      viteEnvironment: {
        name: "rsc",
        childEnvironments: ["ssr"],
      },
    }),
  ],
});

@vitejs/plugin-rsc provides the lower level functionality that frameworks, such as React Router, build upon. The GitHub repository includes a basic Cloudflare example.

WAF - WAF Release - 2026-02-10

Tue, 10 Feb 2026 00:00:00 GMT

This week’s release changes the rule action from BLOCK to Disabled for Anomaly:Header:User-Agent - Fake Google Bot.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	ce11be543594412bb4bb92516aa0bef8	N/A	Anomaly:Header:User-Agent - Fake Google Bot	Enabled	Disabled	We are changing the action for this rule from BLOCK to Disabled

Agents, Workers - Agents SDK v0.4.0: Readonly connections, MCP security improvements, x402 v2 migration, and custom MCP OAuth providers

Mon, 09 Feb 2026 00:00:00 GMT

The latest release of the Agents SDK brings readonly connections, MCP protocol and security improvements, x402 payment protocol v2 migration, and the ability to customize OAuth for MCP server connections.

Readonly connections

Agents can now restrict WebSocket clients to read-only access, preventing them from modifying agent state. This is useful for dashboards, spectator views, or any scenario where clients should observe but not mutate.

New hooks: shouldConnectionBeReadonly, setConnectionReadonly, isConnectionReadonly. Readonly connections block both client-side setState() and mutating @callable() methods, and the readonly flag survives hibernation.

JavaScript

class MyAgent extends Agent {
  shouldConnectionBeReadonly(connection) {
    // Make spectators readonly
    return connection.url.includes("spectator");
  }
}

TypeScript

class MyAgent extends Agent {
  shouldConnectionBeReadonly(connection) {
    // Make spectators readonly
    return connection.url.includes("spectator");
  }
}

Custom MCP OAuth providers

The new createMcpOAuthProvider method on the Agent class allows subclasses to override the default OAuth provider used when connecting to MCP servers. This enables custom authentication strategies such as pre-registered client credentials or mTLS, beyond the built-in dynamic client registration.

JavaScript

class MyAgent extends Agent {
  createMcpOAuthProvider(callbackUrl) {
    return new MyCustomOAuthProvider(this.ctx.storage, this.name, callbackUrl);
  }
}

TypeScript

class MyAgent extends Agent {
  createMcpOAuthProvider(callbackUrl: string): AgentMcpOAuthProvider {
    return new MyCustomOAuthProvider(this.ctx.storage, this.name, callbackUrl);
  }
}

MCP SDK upgrade to 1.26.0

Upgraded the MCP SDK to 1.26.0 to prevent cross-client response leakage. Stateless MCP Servers should now create a new McpServer instance per request instead of sharing a single instance. A guard is added in this version of the MCP SDK which will prevent connection to a Server instance that has already been connected to a transport. Developers will need to modify their code if they declare their McpServer instance as a global variable.

MCP OAuth callback URL security fix

Added callbackPath option to addMcpServer to prevent instance name leakage in MCP OAuth callback URLs. When sendIdentityOnConnect is false, callbackPath is now required — the default callback URL would expose the instance name, undermining the security intent. Also fixes callback request detection to match via the state parameter instead of a loose /callback URL substring check, enabling custom callback paths.

Deprecate `onStateUpdate` in favor of `onStateChanged`

onStateChanged is a drop-in rename of onStateUpdate (same signature, same behavior). onStateUpdate still works but emits a one-time console warning per class. validateStateChange rejections now propagate a CF_AGENT_STATE_ERROR message back to the client.

x402 v2 migration

Migrated the x402 MCP payment integration from the legacy x402 package to @x402/core and @x402/evm v2.

Breaking changes for x402 users:

Peer dependencies changed: replace x402 with @x402/core and @x402/evm
PaymentRequirements type now uses v2 fields (e.g. amount instead of maxAmountRequired)
X402ClientConfig.account type changed from viem.Account to ClientEvmSigner (structurally compatible with privateKeyToAccount())

npm uninstall x402
npm install @x402/core @x402/evm

Network identifiers now accept both legacy names and CAIP-2 format:

// Legacy name (auto-converted)
{
  network: "base-sepolia",
}

// CAIP-2 format (preferred)
{
  network: "eip155:84532",
}

Other x402 changes:

X402ClientConfig.network is now optional — the client auto-selects from available payment requirements
Server-side lazy initialization: facilitator connection is deferred until the first paid tool invocation
Payment tokens support both v2 (PAYMENT-SIGNATURE) and v1 (X-PAYMENT) HTTP headers
Added normalizeNetwork export for converting legacy network names to CAIP-2 format
Re-exports PaymentRequirements, PaymentRequired, Network, FacilitatorConfig, and ClientEvmSigner from agents/x402

Other improvements

Fix useAgent and AgentClient crashing when using basePath routing
CORS handling delegated to partyserver's native support (simpler, more reliable)
Client-side onStateUpdateError callback for handling rejected state updates

Upgrade

To update to the latest version:

npm i agents@latest

Agents - Interactive browser terminals in Sandboxes

Mon, 09 Feb 2026 00:00:00 GMT

The Sandbox SDK now supports PTY (pseudo-terminal) passthrough, enabling browser-based terminal UIs to connect to sandbox shells via WebSocket.

`sandbox.terminal(request)`

The new terminal() method proxies a WebSocket upgrade to the container's PTY endpoint, with output buffering for replay on reconnect.

JavaScript

// Worker: proxy WebSocket to container terminal
return sandbox.terminal(request, { cols: 80, rows: 24 });

TypeScript

// Worker: proxy WebSocket to container terminal
return sandbox.terminal(request, { cols: 80, rows: 24 });

Multiple terminals per sandbox

Each session can have its own terminal with an isolated working directory and environment, so users can run separate shells side-by-side in the same container.

JavaScript

// Multiple isolated terminals in the same sandbox
const dev = await sandbox.getSession("dev");
return dev.terminal(request);

TypeScript

// Multiple isolated terminals in the same sandbox
const dev = await sandbox.getSession("dev");
return dev.terminal(request);

xterm.js addon

The new @cloudflare/sandbox/xterm export provides a SandboxAddon for xterm.js with automatic reconnection (exponential backoff + jitter), buffered output replay, and resize forwarding.

JavaScript

import { SandboxAddon } from "@cloudflare/sandbox/xterm";

const addon = new SandboxAddon({
  getWebSocketUrl: ({ sandboxId, origin }) =>
    `${origin}/ws/terminal?id=${sandboxId}`,
  onStateChange: (state, error) => updateUI(state),
});
terminal.loadAddon(addon);
addon.connect({ sandboxId: "my-sandbox" });

TypeScript

import { SandboxAddon } from "@cloudflare/sandbox/xterm";

const addon = new SandboxAddon({
  getWebSocketUrl: ({ sandboxId, origin }) =>
    `${origin}/ws/terminal?id=${sandboxId}`,
  onStateChange: (state, error) => updateUI(state),
});
terminal.loadAddon(addon);
addon.connect({ sandboxId: "my-sandbox" });

Upgrade

To update to the latest version:

npm i @cloudflare/sandbox@latest

AI Crawl Control - Analytics enhancements

Mon, 09 Feb 2026 00:00:00 GMT

AI Crawl Control metrics have been enhanced with new views, improved filtering, and better data visualization.

Path pattern grouping

In the Metrics tab > Most popular paths table, use the new Patterns tab that groups requests by URI pattern (/blog/*, /api/v1/*, /docs/*) to identify which site areas crawlers target most. Refer to the screenshot above.

Enhanced referral analytics

Destination patterns show which site areas receive AI-driven referral traffic.
In the Metrics tab, a new Referrals over time chart shows trends by operator or source.

Data transfer metrics

In the Metrics tab > Allowed requests over time chart, toggle Bytes to show bandwidth consumption.
In the Crawlers tab, a new Bytes Transferred column shows bandwidth per crawler.

Image exports

Export charts and tables as images for reports and presentations.

Learn more about analyzing AI traffic.

AI Search - AI Search now with more granular controls over indexing

Mon, 09 Feb 2026 00:00:00 GMT

Get your content updates into AI Search faster and avoid a full rescan when you do not need it.

Reindex individual files without a full sync

Updated a file or need to retry one that errored? When you know exactly which file changed, you can now reindex it directly instead of rescanning your entire data source.

Go to Overview > Indexed Items and select the sync icon next to any file to reindex it immediately.

Crawl only the sitemap you need

By default, AI Search crawls all sitemaps listed in your robots.txt, up to the maximum files per index limit. If your site has multiple sitemaps but you only want to index a specific set, you can now specify a single sitemap URL to limit what the crawler visits.

For example, if your robots.txt lists both blog-sitemap.xml and docs-sitemap.xml, you can specify just https://example.com/docs-sitemap.xml to index only your documentation.

Configure your selection anytime in Settings > Parsing options > Specific sitemaps, then trigger a sync to apply the changes.

Learn more about indexing controls and website crawling configuration.

Log Explorer - Tabs and pivots

Mon, 09 Feb 2026 00:00:00 GMT

Log Explorer now supports multiple concurrent queries with the new Tabs feature. Work with multiple queries simultaneously and pivot between datasets to investigate malicious activity more effectively.

Key capabilities

Multiple tabs: Open and switch between multiple query tabs to compare results across different datasets.
Quick filtering: Select the filter button from query results to add a value as a filter to your current query.
Pivot to new tab: Use Cmd + click on the filter button to start a new query tab with that filter applied.
Preserved progress: Your query progress is preserved on each tab if you navigate away and return.

For more information, refer to the Log Explorer documentation.

R2 SQL - R2 SQL now supports approximate aggregation functions

Mon, 09 Feb 2026 00:00:00 GMT

R2 SQL now supports five approximate aggregation functions for fast analysis of large datasets. These functions trade minor precision for improved performance on high-cardinality data.

New functions

APPROX_PERCENTILE_CONT(column, percentile) — Returns the approximate value at a given percentile (0.0 to 1.0). Works on integer and decimal columns.
APPROX_PERCENTILE_CONT_WITH_WEIGHT(column, weight, percentile) — Weighted percentile calculation where each row contributes proportionally to its weight column value.
APPROX_MEDIAN(column) — Returns the approximate median. Equivalent to APPROX_PERCENTILE_CONT(column, 0.5).
APPROX_DISTINCT(column) — Returns the approximate number of distinct values. Works on any column type.
APPROX_TOP_K(column, k) — Returns the k most frequent values with their counts as a JSON array.

All functions support WHERE filters. All except APPROX_TOP_K support GROUP BY.

Examples

-- Percentile analysis on revenue data
SELECT approx_percentile_cont(total_amount, 0.25),
       approx_percentile_cont(total_amount, 0.5),
       approx_percentile_cont(total_amount, 0.75)
FROM my_namespace.sales_data

-- Median per department
SELECT department, approx_median(total_amount)
FROM my_namespace.sales_data
GROUP BY department

-- Approximate distinct customers by region
SELECT region, approx_distinct(customer_id)
FROM my_namespace.sales_data
GROUP BY region

-- Top 5 most frequent departments
SELECT approx_top_k(department, 5)
FROM my_namespace.sales_data

-- Combine approximate and standard aggregations
SELECT COUNT(*),
       AVG(total_amount),
       approx_percentile_cont(total_amount, 0.5),
       approx_distinct(customer_id)
FROM my_namespace.sales_data
WHERE region = 'North'

For the full syntax and additional examples, refer to the SQL reference.

Workers - Visualize data, share links, and create exports with the new Workers Observability dashboard

Fri, 06 Feb 2026 00:00:00 GMT

The Workers Observability dashboard has some major updates to make it easier to debug your application's issues and share findings with your team.

You can now:

Create visualizations — Build charts from your Worker data directly in a Worker's Observability tab
Export data as JSON or CSV — Download logs and traces for offline analysis or to share with teammates
Share events and traces — Generate direct URLs to specific events, invocations, and traces that open standalone pages with full context
Customize table columns — Improved field picker to add, remove, and reorder columns in the events table
Expandable event details — Expand events inline to view full details without leaving the table
Keyboard shortcuts — Navigate the dashboard with hotkey support

These updates are now live in the Cloudflare dashboard, both in a Worker's Observability tab and in the account-level Observability dashboard for a unified experience. To get started, go to Workers & Pages > select your Worker > Observability.

AI Crawl Control - New reference documentation

Wed, 04 Feb 2026 00:00:00 GMT

New reference documentation is now available for AI Crawl Control:

GraphQL API reference — Query examples for crawler requests, top paths, referral traffic, and data transfer. Includes key filters for detection IDs, user agents, and referrer domains.
Bot reference — Detection IDs and user agents for major AI crawlers from OpenAI, Anthropic, Google, Meta, and others.
Worker templates — Deploy the x402 Payment-Gated Proxy to monetize crawler access or charge bots while letting humans through free.

Queues - Cloudflare Queues now available on Workers Free plan

Wed, 04 Feb 2026 00:00:00 GMT

Cloudflare Queues is now part of the Workers free plan, offering guaranteed message delivery across up to 10,000 queues to either Cloudflare Workers or HTTP pull consumers. Every Cloudflare account now includes 10,000 operations per day across reads, writes, and deletes. For more details on how each operation is defined, refer to Queues pricing.

All features of the existing Queues functionality are available on the free plan, including unlimited event subscriptions. Note that the maximum retention period on the free tier, however, is 24 hours rather than 14 days.

If you are new to Cloudflare Queues, follow this guide or try one of our tutorials to get started.

Workflows, Workers - Visualize your Workflows in the Cloudflare dashboard

Wed, 04 Feb 2026 00:00:00 GMT

Cloudflare Workflows now automatically generates visual diagrams from your code

Your Workflow is parsed to provide a visual map of the Workflow structure, allowing you to:

Understand how steps connect and execute
Visualize loops and nested logic
Follow branching paths for conditional logic

You can collapse loops and nested logic to see the high-level flow, or expand them to see every step.

Workflow diagrams are available in beta for all JavaScript and TypeScript Workflows. Find your Workflows in the Cloudflare dashboard to see their diagrams.

Agents, Workflows - Agents SDK v0.3.7: Workflows integration, synchronous state, and scheduleEvery()

Tue, 03 Feb 2026 00:00:00 GMT

The latest release of the Agents SDK brings first-class support for Cloudflare Workflows, synchronous state management, and new scheduling capabilities.

Cloudflare Workflows integration

Agents excel at real-time communication and state management. Workflows excel at durable execution. Together, they enable powerful patterns where Agents handle WebSocket connections while Workflows handle long-running tasks, retries, and human-in-the-loop flows.

Use the new AgentWorkflow class to define workflows with typed access to your Agent:

JavaScript

import { AgentWorkflow } from "agents/workflows";
export class ProcessingWorkflow extends AgentWorkflow {
  async run(event, step) {
    // Call Agent methods via RPC
    await this.agent.updateStatus(event.payload.taskId, "processing");

    // Non-durable: progress reporting to clients
    await this.reportProgress({ step: "process", percent: 0.5 });
    this.broadcastToClients({ type: "update", taskId: event.payload.taskId });

    // Durable via step: idempotent, won't repeat on retry
    await step.mergeAgentState({ taskProgress: 0.5 });

    const result = await step.do("process", async () => {
      return processData(event.payload.data);
    });

    await step.reportComplete(result);
    return result;
  }
}

TypeScript

import { AgentWorkflow } from "agents/workflows";
import type { AgentWorkflowEvent, AgentWorkflowStep } from "agents/workflows";

export class ProcessingWorkflow extends AgentWorkflow<MyAgent, TaskParams> {
  async run(event: AgentWorkflowEvent<TaskParams>, step: AgentWorkflowStep) {
    // Call Agent methods via RPC
    await this.agent.updateStatus(event.payload.taskId, "processing");

    // Non-durable: progress reporting to clients
    await this.reportProgress({ step: "process", percent: 0.5 });
    this.broadcastToClients({ type: "update", taskId: event.payload.taskId });

    // Durable via step: idempotent, won't repeat on retry
    await step.mergeAgentState({ taskProgress: 0.5 });

    const result = await step.do("process", async () => {
      return processData(event.payload.data);
    });

    await step.reportComplete(result);
    return result;
  }
}

Start workflows from your Agent with runWorkflow() and handle lifecycle events:

JavaScript

export class MyAgent extends Agent {
  async startTask(taskId, data) {
    const instanceId = await this.runWorkflow("PROCESSING_WORKFLOW", {
      taskId,
      data,
    });
    return { instanceId };
  }

  async onWorkflowProgress(workflowName, instanceId, progress) {
    this.broadcast(JSON.stringify({ type: "progress", progress }));
  }

  async onWorkflowComplete(workflowName, instanceId, result) {
    console.log(`Workflow ${instanceId} completed`);
  }

  async onWorkflowError(workflowName, instanceId, error) {
    console.error(`Workflow ${instanceId} failed:`, error);
  }
}

TypeScript

export class MyAgent extends Agent {
  async startTask(taskId: string, data: string) {
    const instanceId = await this.runWorkflow("PROCESSING_WORKFLOW", {
      taskId,
      data,
    });
    return { instanceId };
  }

  async onWorkflowProgress(
    workflowName: string,
    instanceId: string,
    progress: unknown,
  ) {
    this.broadcast(JSON.stringify({ type: "progress", progress }));
  }

  async onWorkflowComplete(
    workflowName: string,
    instanceId: string,
    result?: unknown,
  ) {
    console.log(`Workflow ${instanceId} completed`);
  }

  async onWorkflowError(
    workflowName: string,
    instanceId: string,
    error: unknown,
  ) {
    console.error(`Workflow ${instanceId} failed:`, error);
  }
}

Key workflow methods on your Agent:

runWorkflow(workflowName, params, options?) — Start a workflow with optional metadata
getWorkflow(workflowId) / getWorkflows(criteria?) — Query workflows with cursor-based pagination
approveWorkflow(workflowId) / rejectWorkflow(workflowId) — Human-in-the-loop approval flows
pauseWorkflow(), resumeWorkflow(), terminateWorkflow() — Workflow control

Synchronous setState()

State updates are now synchronous with a new validateStateChange() validation hook:

JavaScript

export class MyAgent extends Agent {
  validateStateChange(oldState, newState) {
    // Return false to reject the change
    if (newState.count < 0) return false;
    // Return modified state to transform
    return { ...newState, lastUpdated: Date.now() };
  }
}

TypeScript

export class MyAgent extends Agent<Env, State> {
  validateStateChange(oldState: State, newState: State): State | false {
    // Return false to reject the change
    if (newState.count < 0) return false;
    // Return modified state to transform
    return { ...newState, lastUpdated: Date.now() };
  }
}

scheduleEvery() for recurring tasks

The new scheduleEvery() method enables fixed-interval recurring tasks with built-in overlap prevention:

JavaScript

// Run every 5 minutes
await this.scheduleEvery("syncData", 5 * 60 * 1000, { source: "api" });

TypeScript

// Run every 5 minutes
await this.scheduleEvery("syncData", 5 * 60 * 1000, { source: "api" });

Callable system improvements

Client-side RPC timeout — Set timeouts on callable method invocations
StreamingResponse.error(message) — Graceful stream error signaling
getCallableMethods() — Introspection API for discovering callable methods
Connection close handling — Pending calls are automatically rejected on disconnect

JavaScript

await agent.call("method", [args], {
  timeout: 5000,
  stream: { onChunk, onDone, onError },
});

TypeScript

await agent.call("method", [args], {
  timeout: 5000,
  stream: { onChunk, onDone, onError },
});

Email and routing enhancements

Secure email reply routing — Email replies are now secured with HMAC-SHA256 signed headers, preventing unauthorized routing of emails to agent instances.

Routing improvements:

basePath option to bypass default URL construction for custom routing
Server-sent identity — Agents send name and agent type on connect
New onIdentity and onIdentityChange callbacks on the client

JavaScript

const agent = useAgent({
  basePath: "user",
  onIdentity: (name, agentType) => console.log(`Connected to ${name}`),
});

TypeScript

const agent = useAgent({
  basePath: "user",
  onIdentity: (name, agentType) => console.log(`Connected to ${name}`),
});

Upgrade

To update to the latest version:

npm i agents@latest

For the complete Workflows API reference and patterns, see Run Workflows.

R2 - Improve Global Upload Performance with R2 Local Uploads - Now in Open Beta

Tue, 03 Feb 2026 00:00:00 GMT

Local Uploads is now available in open beta. Enable it on your R2 bucket to improve upload performance when clients upload data from a different region than your bucket. With Local Uploads enabled, object data is written to storage infrastructure near the client, then asynchronously replicated to your bucket. The object is immediately accessible and remains strongly consistent throughout. Refer to How R2 works for details on how data is written to your bucket.

In our tests, we observed up to 75% reduction in Time to Last Byte (TTLB) for upload requests when Local Uploads is enabled.

This feature is ideal when:

Your users are globally distributed
Upload performance and reliability is critical to your application
You want to optimize write performance without changing your bucket's primary location

To enable Local Uploads on your bucket, find Local Uploads in your bucket settings in the Cloudflare Dashboard, or run:

npx wrangler r2 bucket local-uploads enable <BUCKET_NAME>

Enabling Local Uploads on a bucket is seamless: existing uploads will complete as expected and there’s no interruption to traffic. There is no additional cost to enable Local Uploads. Upload requests incur the standard Class A operation costs same as upload requests made without Local Uploads.

For more information, refer to Local Uploads.

Security Center - Threat actor identification with "also known as" aliases

Tue, 03 Feb 2026 00:00:00 GMT

Identifying threat actors can be challenging, because naming conventions often vary across the security industry. To simplify your research, Cloudflare Threat Events now include an Also known as field, providing a list of common aliases and industry-standard names for the groups we track.

This new field is available in both the Cloudflare dashboard and via the API. In the dashboard, you can view these aliases by expanding the event details side panel (under the Attacker field) or by adding it as a column in your configurable table view.

Key benefits

Easily map Cloudflare-tracked actors to the naming conventions used by other vendors without manual cross-referencing.
Quickly identify if a detected threat actor matches a group your team is already monitoring via other intelligence feeds.

For more information on how to access this data, refer to the Threat Events API documentation.

Email security - Improved Accessibility and Search for Monitoring

Mon, 02 Feb 2026 11:05:33 GMT

We have updated the Monitoring page to provide a more streamlined and insightful experience for administrators, improving both data visualization and dashboard accessibility.

Enhanced Visual Layout: Optimized contrast and the introduction of stacked bar charts for clearer data visualization and trend analysis.
Improved Accessibility & Usability:
- Widget Search: Added search functionality to multiple widgets, including Policies, Submitters, and Impersonation.
- Actionable UI: All available actions are now accessible via dedicated buttons.
- State Indicators: Improved UI states to clearly communicate loading, empty datasets, and error conditions.
Granular Data Breakdowns: New views for dispositions by month, malicious email details, link actions, and impersonations.

This applies to all Email Security packages:

Advantage
Enterprise
Enterprise + PhishGuard

WAF - WAF Release - 2026-02-02

Mon, 02 Feb 2026 00:00:00 GMT

This week’s release introduces new detections for CVE-2025-64459 and CVE-2025-24893.

Key Findings

CVE-2025-64459: Django versions prior to 5.1.14, 5.2.8, and 4.2.26 are vulnerable to SQL injection via crafted dictionaries passed to QuerySet methods and the Q() class.
CVE-2025-24893: XWiki allows unauthenticated remote code execution through crafted requests to the SolrSearch endpoint, affecting the entire installation.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	7a47683eacce4abd870ab2c630698ff3	N/A	XWiki - Remote Code Execution - CVE:CVE-2025-24893 2	Log	Block	This is a new detection.
Cloudflare Managed Ruleset	ad5c52f6ca334ef4a844e5e5da8ba7e6	N/A	Django SQLI - CVE:CVE-2025-64459	Log	Block	This is a new detection.
Cloudflare Managed Ruleset	8f0d5c98bd24460a9305a1558d667511	N/A	NoSQL, MongoDB - SQLi - Comparison - 2	Block	Block	Rule metadata description refined. Detection unchanged.

KV - Reduced minimum cache TTL for Workers KV to 30 seconds

Fri, 30 Jan 2026 12:00:00 GMT

The minimum cacheTtl parameter for Workers KV has been reduced from 60 seconds to 30 seconds. This change applies to both get() and getWithMetadata() methods.

This reduction allows you to maintain more up-to-date cached data and have finer-grained control over cache behavior. Applications requiring faster data refresh rates can now configure cache durations as low as 30 seconds instead of the previous 60-second minimum.

The cacheTtl parameter defines how long a KV result is cached at the global network location it is accessed from:

// Read with custom cache TTL
const value = await env.NAMESPACE.get("my-key", {
  cacheTtl: 30, // Cache for minimum 30 seconds (previously 60)
});

// getWithMetadata also supports the reduced cache TTL
const valueWithMetadata = await env.NAMESPACE.getWithMetadata("my-key", {
  cacheTtl: 30, // Cache for minimum 30 seconds
});

The default cache TTL remains unchanged at 60 seconds. Upgrade to the latest version of Wrangler to be able to use 30 seconds cacheTtl.

This change affects all KV read operations using the binding API. For more information, consult the Workers KV cache TTL documentation.

Cloudflare WAN, Magic Transit, Cloudflare One - BGP over GRE and IPsec tunnels

Fri, 30 Jan 2026 00:00:00 GMT

Magic WAN and Magic Transit customers can use the Cloudflare dashboard to configure and manage BGP peering between their networks and their Magic routing table when using IPsec and GRE tunnel on-ramps (beta).

Using BGP peering allows customers to:

Automate the process of adding or removing networks and subnets.
Take advantage of failure detection and session recovery features.

With this functionality, customers can:

Establish an eBGP session between their devices and the Magic WAN / Magic Transit service when connected via IPsec and GRE tunnel on-ramps.
Secure the session by MD5 authentication to prevent misconfigurations.
Exchange routes dynamically between their devices and their Magic routing table.

For configuration details, refer to:

Workers AI - Launching FLUX.2 [klein] 9B on Workers AI

Wed, 28 Jan 2026 00:00:00 GMT

We have partnered with Black Forest Labs (BFL) again to bring their optimized FLUX.2 [klein] 9B model to Workers AI. This distilled model offers enhanced quality compared to the 4B variant, while maintaining cost-effective pricing. With a fixed 4-step inference process, Klein 9B is ideal for rapid prototyping and real-time applications where both speed and quality matter.

Read the BFL blog to learn more about the model itself, or try it out yourself on our multi modal playground.

Pricing documentation is available on the model page or pricing page.

Workers AI platform specifics

The model hosted on Workers AI is optimized for speed with a fixed 4-step inference process and supports up to 4 image inputs. Since this is a distilled model, the steps parameter is fixed at 4 and cannot be adjusted. Like FLUX.2 [dev] and FLUX.2 [klein] 4B, this image model uses multipart form data inputs, even if you just have a prompt.

With the REST API, the multipart form data input looks like this:

curl --request POST \
  --url 'https://api.cloudflare.com/client/v4/accounts/{ACCOUNT}/ai/run/@cf/black-forest-labs/flux-2-klein-9b' \
  --header 'Authorization: Bearer {TOKEN}' \
  --header 'Content-Type: multipart/form-data' \
  --form 'prompt=a sunset at the alps' \
  --form width=1024 \
  --form height=1024

With the Workers AI binding, you can use it as such:

const form = new FormData();
form.append("prompt", "a sunset with a dog");
form.append("width", "1024");
form.append("height", "1024");

// FormData doesn't expose its serialized body or boundary. Passing it to a
// Request (or Response) constructor serializes it and generates the Content-Type
// header with the boundary, which is required for the server to parse the multipart fields.
const formResponse = new Response(form);
const formStream = formResponse.body;
const formContentType = formResponse.headers.get('content-type');

const resp = await env.AI.run("@cf/black-forest-labs/flux-2-klein-9b", {
  multipart: {
    body: formStream,
    contentType: formContentType,
  },
});

The parameters you can send to the model are detailed here:

JSON Schema for Model

Required Parameters

prompt (string) - Text description of the image to generate

Optional Parameters

input_image_0 (string) - Binary image
input_image_1 (string) - Binary image
input_image_2 (string) - Binary image
input_image_3 (string) - Binary image
guidance (float) - Guidance scale for generation. Higher values follow the prompt more closely
width (integer) - Width of the image, default 1024 Range: 256-1920
height (integer) - Height of the image, default 768 Range: 256-1920
seed (integer) - Seed for reproducibility

Note: Since this is a distilled model, the steps parameter is fixed at 4 and cannot be adjusted.

Multi-reference images

The FLUX.2 klein-9b model supports generating images based on reference images, just like FLUX.2 [dev] and FLUX.2 [klein] 4B. You can use this feature to apply the style of one image to another, add a new character to an image, or iterate on past generated images. You would use it with the same multipart form data structure, with the input images in binary. The model supports up to 4 input images.

For the prompt, you can reference the images based on the index, like take the subject of image 1 and style it like image 0 or even use natural language like place the dog beside the woman.

You must name the input parameter as input_image_0, input_image_1, input_image_2, input_image_3 for it to work correctly. All input images must be smaller than 512x512.

curl --request POST \
  --url 'https://api.cloudflare.com/client/v4/accounts/{ACCOUNT}/ai/run/@cf/black-forest-labs/flux-2-klein-9b' \
  --header 'Authorization: Bearer {TOKEN}' \
  --header 'Content-Type: multipart/form-data' \
  --form 'prompt=take the subject of image 1 and style it like image 0' \
  --form input_image_0=@/Users/johndoe/Desktop/icedoutkeanu.png \
  --form input_image_1=@/Users/johndoe/Desktop/me.png \
  --form width=1024 \
  --form height=1024

Through Workers AI Binding:

//helper function to convert ReadableStream to Blob
async function streamToBlob(stream: ReadableStream, contentType: string): Promise<Blob> {
  const reader = stream.getReader();
  const chunks = [];

  while (true) {
    const { done, value } = await reader.read();
    if (done) break;
    chunks.push(value);
  }

  return new Blob(chunks, { type: contentType });
}

const image0 = await fetch("http://image-url");
const image1 = await fetch("http://image-url");
const form = new FormData();

const image_blob0 = await streamToBlob(image0.body, "image/png");
const image_blob1 = await streamToBlob(image1.body, "image/png");
form.append('input_image_0', image_blob0)
form.append('input_image_1', image_blob1)
form.append('prompt', 'take the subject of image 1 and style it like image 0')

// FormData doesn't expose its serialized body or boundary. Passing it to a
// Request (or Response) constructor serializes it and generates the Content-Type
// header with the boundary, which is required for the server to parse the multipart fields.
const formResponse = new Response(form);
const formStream = formResponse.body;
const formContentType = formResponse.headers.get('content-type');

const resp = await env.AI.run("@cf/black-forest-labs/flux-2-klein-9b", {
    multipart: {
        body: formStream,
        contentType: formContentType
    }
})

Cloudflare One Client - WARP client for Windows (version 2026.1.89.1)

Tue, 27 Jan 2026 18:47:00 GMT

A new Beta release for the Windows WARP client is now available on the beta releases downloads page.

This release contains minor fixes, improvements, and new features.

Changes and improvements

Improvements to multi-user mode. Fixed an issue where when switching from a pre-login registration to a user registration, Mobile Device Management (MDM) configuration association could be lost.
Added a new feature to manage NetBIOS over TCP/IP functionality on the Windows client. NetBIOS over TCP/IP on the Windows client is now disabled by default and can be enabled in device profile settings.
Fixed an issue causing failure of the local network exclusion feature when configured with a timeout of 0.
Improvement for the Windows client certificate posture check to ensure logged results are from checks that run once users log in.
Improvement for more accurate reporting of device colocation information in the Cloudflare One dashboard.

Known issues

For Windows 11 24H2 users, Microsoft has confirmed a regression that may lead to performance issues like mouse lag, audio cracking, or other slowdowns. Cloudflare recommends users experiencing these issues upgrade to a minimum Windows 11 24H2 KB5062553 or higher for resolution.
Devices with KB5055523 installed may receive a warning about Win32/ClickFix.ABA being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to version 1.429.19.0 or later.
DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected.
To work around this issue, reconnect the WARP client by toggling off and back on.

Cloudflare One Client - WARP client for macOS (version 2026.1.89.1)

Tue, 27 Jan 2026 18:46:59 GMT

A new Beta release for the macOS WARP client is now available on the beta releases downloads page.

This release contains minor fixes and improvements.

Changes and improvements

Fixed an issue causing failure of the local network exclusion feature when configured with a timeout of 0.
Improvement for more accurate reporting of device colocation information in the Cloudflare One dashboard.

Cloudflare One, Cloudflare WAN - Configure Cloudflare source IPs (beta)

Tue, 27 Jan 2026 00:00:00 GMT

Cloudflare source IPs are the IP addresses used by Cloudflare services (such as Load Balancing, Gateway, and Browser Isolation) when sending traffic to your private networks.

For customers using legacy mode routing, traffic to private networks is sourced from public Cloudflare IPs, which may cause IP conflicts. For customers using Unified Routing mode (beta), traffic to private networks is sourced from dedicated, non-Internet-routable private IPv4 range to ensure:

Symmetric routing over private network connections
Proper firewall state preservation
Private traffic stays on secure paths

Key details:

IPv4: Sourced from 100.64.0.0/12 by default, configurable to any /12 CIDR
IPv6: Sourced from 2606:4700:cf1:5000::/64 (not configurable)
Affected connectors: GRE, IPsec, CNI, WARP Connector, and WARP Client (Cloudflare Tunnel is not affected)

Configuring Cloudflare source IPs requires Unified Routing (beta) and the Cloudflare One Networks Write permission.

For configuration details, refer to Configure Cloudflare source IPs.

Cloudflare Fundamentals - Added Timezone preferences settings

Tue, 27 Jan 2026 00:00:00 GMT

You can now set the timezone in the Cloudflare dashboard as Coordinated Universal Time (UTC) or your browser or system's timezone.

What's New

Unless otherwise specified in the user interface, all dates and times in the Cloudflare dashboard are now displayed in the selected timezone.

You can change the timezone setting from the user profile dropdown.

The page will reload to apply the new timezone setting.

Rules - Control request and response body buffering in Configuration Rules

Tue, 27 Jan 2026 00:00:00 GMT

You can now control how Cloudflare buffers HTTP request and response bodies using two new settings in Configuration Rules.

Request body buffering

Controls how Cloudflare buffers HTTP request bodies before forwarding them to your origin server:

Mode	Behavior
Standard (default)	Cloudflare can inspect a prefix of the request body for enabled functionality such as WAF and Bot Management.
Full	Buffers the entire request body before sending to origin.
None	No buffering — the request body streams directly to origin without inspection.

Response body buffering

Controls how Cloudflare buffers HTTP response bodies before forwarding them to the client:

Mode	Behavior
Standard (default)	Cloudflare can inspect a prefix of the response body for enabled functionality.
None	No buffering — the response body streams directly to the client without inspection.

API example

{
  "action": "set_config",
  "action_parameters": {
    "request_body_buffering": "standard",
    "response_body_buffering": "none"
  }
}

For more information, refer to Configuration Rules.

WAF - WAF Release - 2026-01-26

Mon, 26 Jan 2026 00:00:00 GMT

This week’s release introduces new detections for denial-of-service attempts targeting React CVE-2026-23864 (https://www.cve.org/CVERecord?id=CVE-2026-23864).

Key Findings

CVE-2026-23864 (https://www.cve.org/CVERecord?id=CVE-2026-23864) affects react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack packages.
Attackers can send crafted HTTP requests to Server Function endpoints, causing server crashes, out-of-memory exceptions, or excessive CPU usage.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	aaede80b4d414dc89c443cea61680354	N/A	React Server - DOS - CVE:CVE-2026-23864 - 1	N/A	Block	This is a new detection.
Cloudflare Managed Ruleset	3e93c9faaafa447c83a525f2dcdffcf8	N/A	React Server - DOS - CVE:CVE-2026-23864 - 2	N/A	Block	This is a new detection.
Cloudflare Managed Ruleset	930020d567684f19b05fb35b349edbc6	N/A	React Server - DOS - CVE:CVE-2026-23864 - 3	N/A	Block	This is a new detection.

Cloudflare Fundamentals - New 2FA Experience for Login

Fri, 23 Jan 2026 00:00:00 GMT

In an effort to improve overall user security, users without 2FA will be prompted upon login to enroll in email 2FA. This will improve user security posture while minimizing friction. Users without email 2FA enabled will see a prompt to secure their account with additional factors upon logging in. Enrolling in 2FA remains optional, but strongly encouraged as it is the best way to prevent account takeovers.

We also made changes to existing 2FA screens to improve the user experience. Now we have distinct experiences for each 2FA factor type, reflective of the way that factor works.

For more information

Configure Email Two Factor Authentication

Pages - Increased Pages file limit to 100,000 for paid plans

Fri, 23 Jan 2026 00:00:00 GMT

Paid plans can now have up to 100,000 files per Pages site, increased from the previous limit of 20,000 files.

To enable this increased limit, set the environment variable PAGES_WRANGLER_MAJOR_VERSION=4 in your Pages project settings.

The Free plan remains at 20,000 files per site.

For more details, refer to the Pages limits documentation.

Vectorize - Vectorize indexes now support up to 10 million vectors

Fri, 23 Jan 2026 00:00:00 GMT

You can now store up to 10 million vectors in a single Vectorize index, doubling the previous limit of 5 million vectors. This enables larger-scale semantic search, recommendation systems, and retrieval-augmented generation (RAG) applications without splitting data across multiple indexes.

Vectorize continues to support indexes with up to 1,536 dimensions per vector at 32-bit precision. Refer to the Vectorize limits documentation for complete details.

Cloudflare One, Access - Require Access protection for zones

Thu, 22 Jan 2026 00:00:00 GMT

You can now require Cloudflare Access protection for all hostnames in your account. When enabled, traffic to any hostname that does not have a matching Access application is automatically blocked.

This deny-by-default approach prevents accidental exposure of internal resources to the public Internet. If a developer deploys a new application or creates a DNS record without configuring an Access application, the traffic is blocked rather than exposed.

How it works

Blocked by default: Traffic to all hostnames in the account is blocked unless an Access application exists for that hostname.
Explicit access required: To allow traffic, create an Access application with an Allow or Bypass policy.
Hostname exemptions: You can exempt specific hostnames from this requirement.

To turn on this feature, refer to Require Access protection.

Access - New granular API token permissions for Cloudflare Access

Thu, 22 Jan 2026 00:00:00 GMT

Three new API token permissions are available for Cloudflare Access, giving you finer-grained control when building automations and integrations:

Access: Organizations Revoke — Grants the ability to revoke user sessions in a Zero Trust organization. Use this permission when you need a token that can terminate active sessions without broader write access to organization settings.
Access: Population Read — Grants read access to the SCIM users and groups synced from an identity provider to Cloudflare Access. Use this permission for tokens that only need to read synced user and group data.
Access: Population Write — Grants write access to the SCIM users and groups synced from an identity provider to Cloudflare Access. Use this permission for tokens that need to create or modify synced user and group data.

These permissions are scoped at the account level and can be combined with existing Access permissions.

For a full list of available permissions, refer to API token permissions.

Rules - New cryptographic functions — encode_base64() and sha256()

Thu, 22 Jan 2026 00:00:00 GMT

Cloudflare Rulesets now includes encode_base64() and sha256() functions, enabling you to generate signed request headers directly in rule expressions. These functions support common patterns like constructing a canonical string from request attributes, computing a SHA256 digest, and Base64-encoding the result.

New functions

Function	Description	Availability
`encode_base64(input, flags)`	Encodes a string to Base64 format. Optional `flags` parameter: `u` for URL-safe encoding, `p` for padding (adds `=` characters to make the output length a multiple of 4, as required by some systems). By default, output is standard Base64 without padding.	All plans (in header transform rules)
`sha256(input)`	Computes a SHA256 hash of the input string.	Requires enablement

Examples

Encode a string to Base64 format:

encode_base64("hello world")

Returns: aGVsbG8gd29ybGQ

Encode a string to Base64 format with padding:

encode_base64("hello world", "p")

Returns: aGVsbG8gd29ybGQ=

Perform a URL-safe Base64 encoding of a string:

encode_base64("hello world", "u")

Returns: aGVsbG8gd29ybGQ

Compute the SHA256 hash of a secret token:

sha256("my-token")

Returns a hash that your origin can validate to authenticate requests.

Compute the SHA256 hash of a string and encode the result to Base64 format:

encode_base64(sha256("my-token"))

Combines hashing and encoding for systems that expect Base64-encoded signatures.

For more information, refer to the Functions reference.

Workers - New Placement Hints for Workers

Thu, 22 Jan 2026 00:00:00 GMT

You can now configure Workers to run close to infrastructure in legacy cloud regions to minimize latency to existing services and databases. This is most useful when your Worker makes multiple round trips.

To set a placement hint, set the placement.region property in your Wrangler configuration file:

wrangler.jsonc

{
  "placement": {
    "region": "aws:us-east-1",
  },
}

wrangler.toml
```
[placement]
region = "aws:us-east-1"
```

Placement hints support Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure region identifiers. Workers run in the Cloudflare data center with the lowest latency to the specified cloud region.

If your existing infrastructure is not in these cloud providers, expose it to placement probes with placement.host for layer 4 checks or placement.hostname for layer 7 checks. These probes are designed to locate single-homed infrastructure and are not suitable for anycasted or multicasted resources.

wrangler.jsonc

{
  "placement": {
    "host": "my_database_host.com:5432",
  },
}

wrangler.toml

[placement]
host = "my_database_host.com:5432"

wrangler.jsonc

{
  "placement": {
    "hostname": "my_api_server.com",
  },
}

wrangler.toml

[placement]
hostname = "my_api_server.com"

This is an extension of Smart Placement, which automatically places your Workers closer to back-end APIs based on measured latency. When you do not know the location of your back-end APIs or have multiple back-end APIs, set mode: "smart":

wrangler.jsonc

{
  "placement": {
    "mode": "smart",
  },
}

wrangler.toml
```
[placement]
mode = "smart"
```

AI Search - AI Search path filtering for website and R2 data sources

Tue, 20 Jan 2026 00:00:00 GMT

AI Search now includes path filtering for both website and R2 data sources. You can now control which content gets indexed by defining include and exclude rules for paths.

By controlling what gets indexed, you can improve the relevance and quality of your search results. You can also use path filtering to split a single data source across multiple AI Search instances for specialized search experiences.

Path filtering uses micromatch patterns, so you can use * to match within a directory and ** to match across directories.

Use case	Include	Exclude
Index docs but skip drafts	`/docs/`	`/docs/drafts/`
Keep admin pages out of results	—	`/admin/`
Index only English content	`/en/`	—

Configure path filters when creating a new instance or update them anytime from Settings. Check out path filtering to learn more.

AI Search - Create AI Search instances programmatically via REST API

Tue, 20 Jan 2026 00:00:00 GMT

You can now create AI Search instances programmatically using the API. For example, use the API to create instances for each customer in a multi-tenant application or manage AI Search alongside your other infrastructure.

If you have created an AI Search instance via the dashboard before, you already have a service API token registered and can start creating instances programmatically right away. If not, follow the API guide to set up your first instance.

For example, you can now create separate search instances for each language on your website:

for lang in en fr es de; do
  curl -X POST "https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/ai-search/instances" \
    -H "Authorization: Bearer $API_TOKEN" \
    -H "Content-Type: application/json" \
    --data '{
      "id": "docs-'"$lang"'",
      "type": "web-crawler",
      "source": "example.com",
      "source_params": {
        "path_include": ["**/'"$lang"'/**"]
      }
    }'
done

Refer to the REST API reference for additional configuration options.

KV - New Workers KV Dashboard UI

Tue, 20 Jan 2026 00:00:00 GMT

Workers KV has an updated dashboard UI with new dashboard styling that makes it easier to navigate and see analytics and settings for a KV namespace.

The new dashboard features a streamlined homepage for easy access to your namespaces and key operations, with consistent design with the rest of the dashboard UI updates. It also provides an improved analytics view.

The updated dashboard is now available for all Workers KV users. Log in to the Cloudflare Dashboard to start exploring the new interface.

Rules - New functions for array and map operations

Tue, 20 Jan 2026 00:00:00 GMT

New functions for array and map operations

Cloudflare Rulesets now include new functions that enable advanced expression logic for evaluating arrays and maps. These functions allow you to build rules that match against lists of values in request or response headers, enabling use cases like country-based blocking using custom headers.

New functions

Function	Description
`split(source, delimiter)`	Splits a string into an array of strings using the specified delimiter.
`join(array, delimiter)`	Joins an array of strings into a single string using the specified delimiter.
`has_key(map, key)`	Returns `true` if the specified key exists in the map.
`has_value(map, value)`	Returns `true` if the specified value exists in the map.

Example use cases

Check if a country code exists in a header list:

has_value(split(http.response.headers["x-allow-country"][0], ","), ip.src.country)

Check if a specific header key exists:

has_key(http.request.headers, "x-custom-header")

Join array values for logging or comparison:

join(http.request.headers.names, ", ")

For more information, refer to the Functions reference.

Cloudflare Fundamentals, SDK - Cloudflare Typescript SDK v6.0.0-beta.1 now available

Tue, 20 Jan 2026 00:00:00 GMT

Disclaimer: Please note that v6.0.0-beta.1 is in Beta and we are still testing it for stability.

Full Changelog: v5.2.0...v6.0.0-beta.1

Some breaking changes were introduced due to bug fixes, also listed below.

Please ensure you read through the list of changes below before moving to this version - this will help you understand any down or upstream issues it may cause to your environments.

Breaking Changes

Addressing - Parameter Requirements Changed

BGPPrefixCreateParams.cidr: optional → required
PrefixCreateParams.asn: number | null → number
PrefixCreateParams.loa_document_id: required → optional
ServiceBindingCreateParams.cidr: optional → required
ServiceBindingCreateParams.service_id: optional → required

API Gateway

ConfigurationUpdateResponse removed
PublicSchema → OldPublicSchema
SchemaUpload → UserSchemaCreateResponse
ConfigurationUpdateParams.properties removed; use normalize

CloudforceOne - Response Type Changes

ThreatEventBulkCreateResponse: number → complex object with counts and errors

D1 Database - Query Parameters

DatabaseQueryParams: simple interface → union type (D1SingleQuery | MultipleQueries)
DatabaseRawParams: same change
Supports batch queries via batch array

DNS Records - Type Renames (21 types)

All record type interfaces renamed from *Record to short names:

RecordResponse.ARecord → RecordResponse.A
RecordResponse.AAAARecord → RecordResponse.AAAA
RecordResponse.CNAMERecord → RecordResponse.CNAME
RecordResponse.MXRecord → RecordResponse.MX
RecordResponse.NSRecord → RecordResponse.NS
RecordResponse.PTRRecord → RecordResponse.PTR
RecordResponse.TXTRecord → RecordResponse.TXT
RecordResponse.CAARecord → RecordResponse.CAA
RecordResponse.CERTRecord → RecordResponse.CERT
RecordResponse.DNSKEYRecord → RecordResponse.DNSKEY
RecordResponse.DSRecord → RecordResponse.DS
RecordResponse.HTTPSRecord → RecordResponse.HTTPS
RecordResponse.LOCRecord → RecordResponse.LOC
RecordResponse.NAPTRRecord → RecordResponse.NAPTR
RecordResponse.SMIMEARecord → RecordResponse.SMIMEA
RecordResponse.SRVRecord → RecordResponse.SRV
RecordResponse.SSHFPRecord → RecordResponse.SSHFP
RecordResponse.SVCBRecord → RecordResponse.SVCB
RecordResponse.TLSARecord → RecordResponse.TLSA
RecordResponse.URIRecord → RecordResponse.URI
RecordResponse.OpenpgpkeyRecord → RecordResponse.Openpgpkey

IAM Resource Groups

ResourceGroupCreateResponse.scope: optional single → required array
ResourceGroupCreateResponse.id: optional → required

Origin CA Certificates - Parameter Requirements Changed

OriginCACertificateCreateParams.csr: optional → required
OriginCACertificateCreateParams.hostnames: optional → required
OriginCACertificateCreateParams.request_type: optional → required

Pipelines - v0 to v1 Migration

Entire v0 API deprecated; use v1 methods (createV1, listV1, etc.)
New sub-resources: Sinks, Streams

R2

EventNotificationUpdateParams.rules: optional → required
Super Slurper: bucket, secret now required in source params

Radar

dataSource: string → typed enum (23 values)
eventType: string → typed enum (6 values)
V2 methods require dimension parameter (breaking signature change)

Resource Sharing

Removed: status_message field from all recipient response types

Schema Validation

Consolidated SchemaCreateResponse, SchemaListResponse, SchemaEditResponse, SchemaGetResponse → PublicSchema
Renamed: SchemaListResponsesV4PagePaginationArray → PublicSchemasV4PagePaginationArray

Spectrum

Renamed union members: AppListResponse.UnionMember0 → SpectrumConfigAppConfig
Renamed union members: AppListResponse.UnionMember1 → SpectrumConfigPaygoAppConfig

Workers

Removed: WorkersBindingKindTailConsumer type (all occurrences)
Renamed: ScriptsSinglePage → ScriptListResponsesSinglePage
Removed: DeploymentsSinglePage

Zero-Trust DLP

datasets.create(), update(), get() return types changed
PredefinedGetResponse union members renamed to UnionMember0-5

Zero-Trust Tunnels

Removed: CloudflaredCreateResponse, CloudflaredListResponse, CloudflaredDeleteResponse, CloudflaredEditResponse, CloudflaredGetResponse
Removed: CloudflaredListResponsesV4PagePaginationArray

Features

Abuse Reports (`client.abuseReports`)

Reports: create, list, get
Mitigations: sub-resource for abuse mitigations

AI Search (`client.aisearch`)

Instances: create, update, list, delete, read, stats
Items: list, get
Jobs: create, list, get, logs
Tokens: create, update, list, delete, read

Connectivity (`client.connectivity`)

Directory Services: create, update, list, delete, get
Supports IPv4, IPv6, dual-stack, and hostname configurations

Organizations (`client.organizations`)

Organizations: create, update, list, delete, get
OrganizationProfile: update, get
Hierarchical organization support with parent/child relationships

R2 Data Catalog (`client.r2DataCatalog`)

Catalog: list, enable, disable, get
Credentials: create
MaintenanceConfigs: update, get
Namespaces: list
Tables: list, maintenance config management
Apache Iceberg integration

Realtime Kit (`client.realtimeKit`)

Apps: get, post
Meetings: create, get, participant management
Livestreams: 10+ methods for streaming
Recordings: start, pause, stop, get
Sessions: transcripts, summaries, chat
Webhooks: full CRUD
ActiveSession: polls, kick participants
Analytics: organization analytics

Token Validation (`client.tokenValidation`)

Configuration: create, list, delete, edit, get
Credentials: update
Rules: create, list, delete, bulkCreate, bulkEdit, edit, get
JWT validation with RS256/384/512, PS256/384/512, ES256, ES384

Alerting Silences (`client.alerting.silences`)

create, update, list, delete, get

IAM SSO (`client.iam.sso`)

create, update, list, delete, get, beginVerification

Pipelines v1 (`client.pipelines`)

Sinks: create, list, delete, get
Streams: create, update, list, delete, get

Zero-Trust AI Controls / MCP (`client.zeroTrust.access.aiControls.mcp`)

Portals: create, update, list, delete, read
Servers: create, update, list, delete, read, sync

Accounts

managed_by field with parent_org_id, parent_org_name

Addressing LOA Documents

auto_generated field on LOADocumentCreateResponse

Addressing Prefixes

delegate_loa_creation, irr_validation_state, ownership_validation_state, ownership_validation_token, rpki_validation_state

AI

Added toMarkdown.supported() method to get all supported conversion formats

AI Gateway

zdr field added to all responses and params

Alerting

New alert type: abuse_report_alert
type field added to PolicyFilter

Browser Rendering

ContentCreateParams: refined to discriminated union (Variant0 | Variant1)
Split into URL-based and HTML-based parameter variants for better type safety

Client Certificates

reactivate parameter in edit

CloudforceOne

ThreatEventCreateParams.indicatorType: required → optional
hasChildren field added to all threat event response types
datasetIds query parameter on AttackerListParams, CategoryListParams, TargetIndustryListParams
categoryUuid field on TagCreateResponse
indicators array for multi-indicator support per event
uuid and preserveUuid fields for UUID preservation in bulk create
format query parameter ('json' | 'stix2') on ThreatEventListParams
createdAt, datasetId fields on ThreatEventEditParams

Content Scanning

Added create(), update(), get() methods

Custom Pages

New page types: basic_challenge, under_attack, waf_challenge

D1

served_by_colo - colo that handled query
jurisdiction - 'eu' | 'fedramp'
Time Travel (client.d1.database.timeTravel): getBookmark(), restore() - point-in-time recovery

Email Security

New fields on InvestigateListResponse/InvestigateGetResponse: envelope_from, envelope_to, postfix_id_outbound, replyto
New detection classification: 'outbound_ndr'
Enhanced Finding interface with attachment, detection, field, portion, reason, score
Added cursor query parameter to InvestigateListParams

Gateway Lists

New list types: CATEGORY, LOCATION, DEVICE

Intel

New issue type: 'configuration_suggestion'
payload field: unknown → typed Payload interface with detection_method, zone_tag

Leaked Credential Checks

Added detections.get() method

Logpush

New datasets: dex_application_tests, dex_device_state_events, ipsec_logs, warp_config_changes, warp_toggle_changes

Load Balancers

Monitor.port: number → number | null
Pool.load_shedding: LoadShedding → LoadShedding | null
Pool.origin_steering: OriginSteering → OriginSteering | null

Magic Transit

license_key field on connectors
provision_license parameter for auto-provisioning
IPSec: custom_remote_identities with FQDN support
Snapshots: Bond interface, probed_mtu field

Queues

Added subscriptions.get() method
Enhanced SubscriptionGetResponse with typed event source interfaces
New event source types: Images, KV, R2, Vectorize, Workers AI, Workers Builds, Workflows

R2

Sippy: new provider s3 (S3-compatible endpoints)
Sippy: bucketUrl field for S3-compatible sources
Super Slurper: keys field on source response schemas (specify specific keys to migrate)
Super Slurper: pathPrefix field on source schemas
Super Slurper: region field on S3 source params

Radar

Added geolocations.list(), geolocations.get() methods
Added V2 dimension-based methods (summaryV2, timeseriesGroupsV2) to radar sub-resources

Resource Sharing

Added terminal boolean field to Resource Error interfaces

Rules

Added id field to ItemDeleteParams.Item

Rulesets

New buffering fields on SetConfigRule: request_body_buffering, response_body_buffering

Secrets Store

New scopes: 'dex', 'access' (in addition to 'workers', 'ai_gateway')

SSL Certificate Packs

Response types now proper interfaces (was unknown)
Fields now required: id, certificates, hosts, status, type

Security Center

payload field: unknown → typed Payload interface with detection_method, zone_tag

Shared Types

Added: CloudflareTunnelsV4PagePaginationArray pagination class

Workers

Added subdomains.delete() method
Worker.references - track external dependencies (domains, Durable Objects, queues)
Worker.startup_time_ms - startup timing
Script.observability - observability settings with logging
Script.tag, Script.tags - immutable ID and tags
Placement: support for region, hostname, host-based placement
tags, tail_consumers now accept | null
Telemetry: traces field, $containers event info, durableObjectId, transactionName, abr_level fields

Workers for Platforms

ScriptUpdateResponse: new fields entry_point, observability, tag, tags
placement field now union of 4 variants (smart mode, region, hostname, host)
tags, tail_consumers now nullable
TagUpdateParams.body now accepts null

Workflows

instance_retention: unknown → typed InstanceRetention interface with error_retention, success_retention
New status option: 'restart' added to StatusEditParams.status

Zero-Trust Devices

External emergency disconnect settings (4 new fields)
antivirus device posture check type
os_version_extra documentation improvements

Zones

New response types: SubscriptionCreateResponse, SubscriptionUpdateResponse, SubscriptionGetResponse

Zero-Trust Access Applications

New ApplicationType values: 'mcp', 'mcp_portal', 'proxy_endpoint'
New destination type: ViaMcpServerPortalDestination for MCP server access

Zero-Trust Gateway

Added rules.listTenant() method

Zero-Trust Gateway - Proxy Endpoints

ProxyEndpoint: interface → discriminated union (ZeroTrustGatewayProxyEndpointIP | ZeroTrustGatewayProxyEndpointIdentity)
ProxyEndpointCreateParams: interface → union type
Added kind field: 'ip' | 'identity'

Zero-Trust Tunnels

WARPConnector*Response: union type → interface

Deprecations

API Gateway: UserSchemas, Settings, SchemaValidation resources
Audit Logs: auditLogId.not (use id.not)
CloudforceOne: ThreatEvents.get(), IndicatorTypes.list()
Devices: public_ip field (use DEX API)
Email Security: item_count field in Move responses
Pipelines: v0 methods (use v1)
Radar: old summary() and timeseriesGroups() methods (use V2)
Rulesets: disable_apps, mirage fields
WARP Connector: connections field
Workers: environment parameter in Domains
Zones: ResponseBuffering page rule

Bug Fixes

mcp: correct code tool API endpoint (599703c)
mcp: return correct lines on typescript errors (5d6f999)
organization_profile: fix bad reference (d84ea77)
schema_validation: correctly reflect model to openapi mapping (bb86151)
workers: fix tests (2ee37f7)

Documentation

Added deprecation notices with migration paths
api_gateway: deprecate API Shield Schema Validation resources (8a4b20f)
Improved JSDoc examples across all resources
workers: expose subdomain delete documentation (4f7cc1f)

Cloudflare Fundamentals, Terraform - Terraform v5.16.0 now available

Tue, 20 Jan 2026 00:00:00 GMT

In January 2025, we announced the launch of the new Terraform v5 Provider. We greatly appreciate the proactive engagement and valuable feedback from the Cloudflare community following the v5 release. In response, we've established a consistent and rapid 2-3 week cadence for releasing targeted improvements, demonstrating our commitment to stability and reliability.

Thank you for continuing to raise issues. They make our provider stronger and help us build products that reflect your needs.

This release includes bug fixes, the stabilization of even more popular resources, and more.

Features

custom_pages: add "waf_challenge" as new supported error page type identifier in both resource and data source schemas
list: enhance CIDR validator to check for normalized CIDR notation requiring network address for IPv4 and IPv6
magic_wan_gre_tunnel: add automatic_return_routing attribute for automatic routing control
magic_wan_gre_tunnel: add BGP configuration support with new BGP model attribute
magic_wan_gre_tunnel: add bgp_status computed attribute for BGP connection status information
magic_wan_gre_tunnel: enhance schema with BGP-related attributes and validators
magic_wan_ipsec_tunnel: add automatic_return_routing attribute for automatic routing control
magic_wan_ipsec_tunnel: add BGP configuration support with new BGP model attribute
magic_wan_ipsec_tunnel: add bgp_status computed attribute for BGP connection status information
magic_wan_ipsec_tunnel: add custom_remote_identities attribute for custom identity configuration
magic_wan_ipsec_tunnel: enhance schema with BGP and identity-related attributes
ruleset: add request body buffering support
ruleset: enhance ruleset data source with additional configuration options
workers_script: add observability logs attributes to list data source model
workers_script: enhance list data source schema with additional configuration options

Bug Fixes

account_member: fix resource importability issues
dns_record: remove unnecessary fmt.Sprintf wrapper around LoadTestCase call in test configuration helper function
load_balancer: fix session_affinity_ttl type expectations to match Float64 in initial creation and Int64 after migration
workers_kv: handle special characters correctly in URL encoding

Documentation

account_subscription: update schema description for rate_plan.sets attribute to clarify it returns an array of strings
api_shield: add resource-level description for API Shield management of auth ID characteristics
api_shield: enhance auth_id_characteristics.name attribute description to include JWT token configuration format requirements
api_shield: specify JSONPath expression format for JWT claim locations
hyperdrive_config: add description attribute to name attribute explaining its purpose in dashboard and API identification
hyperdrive_config: apply description improvements across resource, data source, and list data source schemas
hyperdrive_config: improve schema descriptions for cache settings to clarify default values
hyperdrive_config: update port description to clarify defaults for different database types

For more information

WAF - WAF Release - 2026-01-20

Tue, 20 Jan 2026 00:00:00 GMT

This week's release focuses on improvements to existing detections to enhance coverage.

Key Findings

Existing rule enhancements have been deployed to improve detection resilience against SQL injection.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	a291bd530fa346d18cc1ce5a68d90c8f	N/A	SQLi - Comment - Beta	Log	Block	This rule is merged into the original rule "SQLi - Comment" (ID: 42c424998d2a42c9808ab49c6d8d8fe4 )
Cloudflare Managed Ruleset	da289f9e692e4f5397d915fbfaa045cf	N/A	SQLi - Comparison - Beta	Log	Block	This rule is merged into the original rule "SQLi - Comparison" (ID: 8166da327a614849bfa29317e7907480 )

Workers - Use auxiliary Workers alongside full-stack frameworks

Tue, 20 Jan 2026 00:00:00 GMT

Auxiliary Workers are now fully supported when using full-stack frameworks, such as React Router and TanStack Start, that integrate with the Cloudflare Vite plugin. They are included alongside the framework's build output in the build output directory. Note that this feature requires Vite 7 or above.

Auxiliary Workers are additional Workers that can be called via service bindings from your main (entry) Worker. They are defined in the plugin config, as in the example below:

import { defineConfig } from "vite";
import { tanstackStart } from "@tanstack/react-start/plugin/vite";
import { cloudflare } from "@cloudflare/vite-plugin";

export default defineConfig({
  plugins: [
    tanstackStart(),
    cloudflare({
      viteEnvironment: { name: "ssr" },
      auxiliaryWorkers: [{ configPath: "./wrangler.aux.jsonc" }],
    }),
  ],
});

See the Vite plugin API docs for more info.

Workers - Import SQL files as additional modules by default

Tue, 20 Jan 2026 00:00:00 GMT

The .sql file extension is now automatically configured to be importable in your Worker code when using Wrangler or the Cloudflare Vite plugin. This is particular useful for importing migrations in Durable Objects and means you no longer need to configure custom rules when using Drizzle.

SQL files are imported as JavaScript strings:

// `example` will be a JavaScript string
import example from "./example.sql";

Cloudflare Fundamentals - Enhanced HTTP/3 request cancellation visibility

Mon, 19 Jan 2026 00:00:00 GMT

Enhanced HTTP/3 request cancellation visibility

Cloudflare now provides more accurate visibility into HTTP/3 client request cancellations, giving you better insight into real client behavior and reducing unnecessary load on your origins.

Previously, when an HTTP/3 client cancelled a request, the cancellation was not always actioned immediately. This meant requests could continue through the CDN — potentially all the way to your origin — even after the client had abandoned them. In these cases, logs would show the upstream response status (such as 200 or a timeout-related code) rather than reflecting the client cancellation.

Now, Cloudflare terminates cancelled HTTP/3 requests immediately and accurately logs them with a 499 status code.

Better observability for client behavior

When HTTP/3 clients cancel requests, Cloudflare now immediately reflects this in your logs with a 499 status code. This gives you:

More accurate traffic analysis: Understand exactly when and how often clients cancel requests.
Clearer debugging: Distinguish between true errors and intentional client cancellations.
Better availability metrics: Separate client-initiated cancellations from server-side issues.

Reduced origin load

Cloudflare now terminates cancelled requests faster, which means:

Less wasted compute: Your origin no longer processes requests that clients have already abandoned.
Lower bandwidth usage: Responses are no longer generated and transmitted for cancelled requests.
Improved efficiency: Resources are freed up to handle active requests.

What to expect in your logs

You may notice an increase in 499 status codes for HTTP/3 traffic. For HTTP/3, a 499 indicates the client cancelled the request stream before receiving a complete response — the underlying connection may remain open. This is a normal part of web traffic.

Tip: If you use 499 codes in availability calculations, consider whether client-initiated cancellations should be excluded from error rates. These typically represent normal user behavior — such as closing a browser, navigating away from a page, mobile network drops, or cancelling a download — rather than service issues.

For more information, refer to Error 499.

Magic Transit, Cloudflare Network Firewall, Cloudflare WAN, Network Flow - Network Services navigation update

Thu, 15 Jan 2026 00:00:00 GMT

The Network Services menu structure in Cloudflare's dashboard has been updated to reflect solutions and capabilities instead of product names. This will make it easier for you to find what you need and better reflects how our services work together.

Your existing configurations will remain the same, and you will have access to all of the same features and functionality.

The changes visible in your dashboard may vary based on the products you use. Overall, changes relate to Magic Transit, Magic WAN, and Magic Firewall.

Summary of changes:

A new Overview page provides access to the most common tasks across Magic Transit and Magic WAN.
Product names have been removed from top-level navigation.
Magic Transit and Magic WAN configuration is now organized under Routes and Connectors. For example, you will find IP Prefixes under Routes, and your GRE/IPsec Tunnels under Connectors.
Magic Firewall policies are now called Firewall Policies.
Magic WAN Connectors and Connector On-Ramps are now referenced in the dashboard as Appliances and Appliance profiles. They can be found under Connectors > Appliances.
Network analytics, network health, and real-time analytics are now available under Insights.
Packet Captures are found under Insights > Diagnostics.
You can manage your Sites from Insights > Network health.
You can find Magic Network Monitoring under Insights > Network flow.

If you would like to provide feedback, complete this form. You can also find these details in the January 7, 2026 email titled [FYI] Upcoming Network Services Dashboard Navigation Update.

Risk Score - Support for CrowdStrike device scores in User Risk Scoring

Thu, 15 Jan 2026 00:00:00 GMT

Cloudflare One has expanded its [User Risk Scoring] (/cloudflare-one/insights/risk-score/) capabilities by introducing two new behaviors for organizations using the [CrowdStrike integration] (/cloudflare-one/integrations/service-providers/crowdstrike/).

Administrators can now automatically escalate the risk score of a user if their device matches specific CrowdStrike Zero Trust Assessment (ZTA) score ranges. This allows for more granular security policies that respond dynamically to the health of the endpoint.

New risk behaviors The following risk scoring behaviors are now available:

CrowdStrike low device score: Automatically increases a user's risk score when the connected device reports a "Low" score from CrowdStrike.
CrowdStrike medium device score: Automatically increases a user's risk score when the connected device reports a "Medium" score from CrowdStrike.

These scores are derived from [CrowdStrike device posture attributes] (/cloudflare-one/integrations/service-providers/crowdstrike/#device-posture-attributes), including OS signals and sensor configurations.

Cloudflare Tunnel, Cloudflare Tunnel for SASE - Verify WARP Connector connectivity with a simple ping

Thu, 15 Jan 2026 00:00:00 GMT

We have made it easier to validate connectivity when deploying WARP Connector as part of your software-defined private network.

You can now ping the WARP Connector host directly on its LAN IP address immediately after installation. This provides a fast, familiar way to confirm that the Connector is online and reachable within your network before testing access to downstream services.

Starting with version 2025.10.186.0, WARP Connector responds to traffic addressed to its own LAN IP, giving you immediate visibility into Connector reachability.

Learn more about deploying WARP Connector and building private network connectivity with Cloudflare One.

WAF - WAF Release - 2026-01-15

Thu, 15 Jan 2026 00:00:00 GMT

This week's release focuses on improvements to existing detections to enhance coverage.

Key Findings

Existing rule enhancements have been deployed to improve detection resilience against SQL Injection.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	eb3f44c07266448b9fa54ee7ad7dad3e	N/A	SQLi - String Function - Beta	Log	Block	This rule is merged into the original rule "SQLi - String Function" (ID: 63e03eecddfc4b3fb0cad587d32b798c )
Cloudflare Managed Ruleset	adf076af09b2484ca9e7881f9e553ad3	N/A	SQLi - Sub Query - Beta	Log	Block	This rule is merged into the original rule "SQLi - Sub Query" (ID: 6ec5ecf52c094330aff99a38743e66b1 )

Workers AI - Launching FLUX.2 [klein] 4B on Workers AI

Thu, 15 Jan 2026 00:00:00 GMT

We've partnered with Black Forest Labs (BFL) again to bring their optimized FLUX.2 [klein] 4B model to Workers AI! This distilled model offers faster generation and cost-effective pricing, while maintaining great output quality. With a fixed 4-step inference process, Klein 4B is ideal for rapid prototyping and real-time applications where speed matters.

Read the BFL blog to learn more about the model itself, or try it out yourself on our multi modal playground.

Pricing documentation is available on the model page or pricing page.

Workers AI Platform specifics

The model hosted on Workers AI is optimized for speed with a fixed 4-step inference process and supports up to 4 image inputs. Since this is a distilled model, the steps parameter is fixed at 4 and cannot be adjusted. Like FLUX.2 [dev], this image model uses multipart form data inputs, even if you just have a prompt.

With the REST API, the multipart form data input looks like this:

curl --request POST \
  --url 'https://api.cloudflare.com/client/v4/accounts/{ACCOUNT}/ai/run/@cf/black-forest-labs/flux-2-klein-4b' \
  --header 'Authorization: Bearer {TOKEN}' \
  --header 'Content-Type: multipart/form-data' \
  --form 'prompt=a sunset at the alps' \
  --form width=1024 \
  --form height=1024

With the Workers AI binding, you can use it as such:

const form = new FormData();
form.append("prompt", "a sunset with a dog");
form.append("width", "1024");
form.append("height", "1024");

// FormData doesn't expose its serialized body or boundary. Passing it to a
// Request (or Response) constructor serializes it and generates the Content-Type
// header with the boundary, which is required for the server to parse the multipart fields.
const formResponse = new Response(form);
const formStream = formResponse.body;
const formContentType = formResponse.headers.get('content-type');

const resp = await env.AI.run("@cf/black-forest-labs/flux-2-klein-4b", {
  multipart: {
    body: formStream,
    contentType: formContentType,
  },
});

The parameters you can send to the model are detailed here:

JSON Schema for Model

Required Parameters

prompt (string) - Text description of the image to generate

Optional Parameters

input_image_0 (string) - Binary image
input_image_1 (string) - Binary image
input_image_2 (string) - Binary image
input_image_3 (string) - Binary image
guidance (float) - Guidance scale for generation. Higher values follow the prompt more closely
width (integer) - Width of the image, default 1024 Range: 256-1920
height (integer) - Height of the image, default 768 Range: 256-1920
seed (integer) - Seed for reproducibility

Note: Since this is a distilled model, the steps parameter is fixed at 4 and cannot be adjusted.

## Multi-Reference Images

The FLUX.2 klein-4b model supports generating images based on reference images, just like FLUX.2 [dev]. You can use this feature to apply the style of one image to another, add a new character to an image, or iterate on past generated images. You would use it with the same multipart form data structure, with the input images in binary. The model supports up to 4 input images.

For the prompt, you can reference the images based on the index, like `take the subject of image 1 and style it like image 0` or even use natural language like `place the dog beside the woman`.

Note: you have to name the input parameter as `input_image_0`, `input_image_1`, `input_image_2`, `input_image_3` for it to work correctly. All input images must be smaller than 512x512.

```bash
curl --request POST \
  --url 'https://api.cloudflare.com/client/v4/accounts/{ACCOUNT}/ai/run/@cf/black-forest-labs/flux-2-klein-4b' \
  --header 'Authorization: Bearer {TOKEN}' \
  --header 'Content-Type: multipart/form-data' \
  --form 'prompt=take the subject of image 1 and style it like image 0' \
  --form input_image_0=@/Users/johndoe/Desktop/icedoutkeanu.png \
  --form input_image_1=@/Users/johndoe/Desktop/me.png \
  --form width=1024 \
  --form height=1024

Through Workers AI Binding:

//helper function to convert ReadableStream to Blob
async function streamToBlob(stream: ReadableStream, contentType: string): Promise<Blob> {
  const reader = stream.getReader();
  const chunks = [];

  while (true) {
    const { done, value } = await reader.read();
    if (done) break;
    chunks.push(value);
  }

  return new Blob(chunks, { type: contentType });
}

const image0 = await fetch("http://image-url");
const image1 = await fetch("http://image-url");
const form = new FormData();

const image_blob0 = await streamToBlob(image0.body, "image/png");
const image_blob1 = await streamToBlob(image1.body, "image/png");
form.append('input_image_0', image_blob0)
form.append('input_image_1', image_blob1)
form.append('prompt', 'take the subject of image 1 and style it like image 0')

// FormData doesn't expose its serialized body or boundary. Passing it to a
// Request (or Response) constructor serializes it and generates the Content-Type
// header with the boundary, which is required for the server to parse the multipart fields.
const formResponse = new Response(form);
const formStream = formResponse.body;
const formContentType = formResponse.headers.get('content-type');

const resp = await env.AI.run("@cf/black-forest-labs/flux-2-klein-4b", {
    multipart: {
        body: formStream,
        contentType: formContentType
    }
})

Security Center - URL Scanner now supports PDF report downloads

Wed, 14 Jan 2026 00:00:00 GMT

We have expanded the reporting capabilities of the Cloudflare URL Scanner. In addition to existing JSON and HAR exports, users can now generate and download a PDF report directly from the Cloudflare dashboard. This update streamlines how security analysts can share findings with stakeholders who may not have access to the Cloudflare dashboard or specialized tools to parse JSON and HAR files.

Key Benefits:

Consolidate scan results, including screenshots, security signatures, and metadata, into a single, portable document
Easily share professional-grade summaries with non-technical stakeholders or legal teams for faster incident response

What’s new:

PDF Export Button: A new download option is available in the URL Scanner results page within the Cloudflare dashboard
Unified Documentation: Access all scan details—from high-level summaries to specific security flags—in one offline-friendly file

To get started with the URL Scanner and explore our reporting capabilities, visit the URL Scanner API documentation.

Cloudflare One Client - WARP client for Windows (version 2025.10.186.0)

Tue, 13 Jan 2026 15:48:19 GMT

A new GA release for the Windows WARP client is now available on the stable releases downloads page.

This release contains minor fixes, improvements, and new features. New features include the ability to manage WARP client connectivity for all devices in your fleet using an external signal, and a new WARP client device posture check for Antivirus.

Changes and improvements

Added a new feature to manage WARP client connectivity for all devices using an external signal. This feature allows administrators to send a global signal from an on-premises HTTPS endpoint that force disconnects or reconnects all WARP clients in an account based on configuration set on the endpoint.
Fixed an issue that caused occasional audio degradation and increased CPU usage on Windows by optimizing route configurations for large domain-based split tunnel rules.
The Local Domain Fallback feature has been fixed for devices running WARP client version 2025.4.929.0 and newer. Previously, these devices could experience failures with Local Domain Fallback unless a fallback server was explicitly configured. This configuration is no longer a requirement for the feature to function correctly.
Proxy mode now supports transparent HTTP proxying in addition to CONNECT-based proxying.
Fixed an issue where sending large messages to the daemon by Inter-Process Communication (IPC) could cause the daemon to fail and result in service interruptions.
Added support for a new WARP client device posture check for Antivirus. The check confirms the presence of an antivirus program on a Windows device with the option to check if the antivirus is up to date.

Known issues

For Windows 11 24H2 users, Microsoft has confirmed a regression that may lead to performance issues like mouse lag, audio cracking, or other slowdowns. Cloudflare recommends users experiencing these issues upgrade to a minimum Windows 11 24H2 KB5062553 or higher for resolution.
Devices with KB5055523 installed may receive a warning about Win32/ClickFix.ABA being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to version 1.429.19.0 or later.
DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected.
To work around this issue, reconnect the WARP client by toggling off and back on.

Cloudflare One Client - WARP client for macOS (version 2025.10.186.0)

Tue, 13 Jan 2026 15:48:17 GMT

A new GA release for the macOS WARP client is now available on the stable releases downloads page.

This release contains minor fixes, improvements, and new features, including the ability to manage WARP client connectivity for all devices in your fleet using an external signal.

Changes and improvements

The Local Domain Fallback feature has been fixed for devices running WARP client version 2025.4.929.0 and newer. Previously, these devices could experience failures with Local Domain Fallback unless a fallback server was explicitly configured. This configuration is no longer a requirement for the feature to function correctly.
Proxy mode now supports transparent HTTP proxying in addition to CONNECT-based proxying.
Added a new feature to manage WARP client connectivity for all devices using an external signal. This feature allows administrators to send a global signal from an on-premises HTTPS endpoint that force disconnects or reconnects all WARP clients in an account based on configuration set on the endpoint.

Cloudflare One Client - WARP client for Linux (version 2025.10.186.0)

Tue, 13 Jan 2026 01:53:14 GMT

A new GA release for the Linux WARP client is now available on the stable releases downloads page.

This release contains minor fixes, improvements, and new features, including the ability to manage WARP client connectivity for all devices in your fleet using an external signal.

Changes and improvements

The Local Domain Fallback feature has been fixed for devices running WARP client version 2025.4.929.0 and newer. Previously, these devices could experience failures with Local Domain Fallback unless a fallback server was explicitly configured. This configuration is no longer a requirement for the feature to function correctly.
Linux disk encryption posture check now supports non-filesystem encryption types like dm-crypt.
Proxy mode now supports transparent HTTP proxying in addition to CONNECT-based proxying.
Fixed an issue where the GUI becomes unresponsive when the Re-Authenticate in browser button is clicked.
Added a new feature to manage WARP client connectivity for all devices using an external signal. This feature allows administrators to send a global signal from an on-premises HTTPS endpoint that force disconnects or reconnects all WARP clients in an account based on configuration set on the endpoint.

AI Crawl Control - AI Crawl Control Read Only role now available

Tue, 13 Jan 2026 00:00:00 GMT

Account administrators can now assign the AI Crawl Control Read Only role to provide read-only access to AI Crawl Control at the domain level.

Users with this role can view the Overview, Crawlers, Metrics, Robots.txt, and Settings tabs but cannot modify crawler actions or settings.

This role is specific for AI Crawl Control. You still require correct permissions to access other areas / features of the dashboard.

To assign, go to Manage Account > Members and add a policy with the AI Crawl Control Read Only role scoped to the desired domain.

Workers - `wrangler types` now generates types for all environments

Tue, 13 Jan 2026 00:00:00 GMT

The wrangler types command now generates TypeScript types for bindings from all environments defined in your Wrangler configuration file by default.

Previously, wrangler types only generated types for bindings in the top-level configuration (or a single environment when using the --env flag). This meant that if you had environment-specific bindings — for example, a KV namespace only in production or an R2 bucket only in staging — those bindings would be missing from your generated types, causing TypeScript errors when accessing them.

Now, running wrangler types collects bindings from all environments and includes them in the generated Env type. This ensures your types are complete regardless of which environment you deploy to.

Generating types for a specific environment

If you want the previous behavior of generating types for only a specific environment, you can use the --env flag:

wrangler types --env production

Learn more about generating types for your Worker in the Wrangler documentation.

Email security - Enhanced visibility for post-delivery actions

Mon, 12 Jan 2026 11:15:33 GMT

The Action Log now provides enriched data for post-delivery actions to improve troubleshooting. In addition to success confirmations, failed actions now display the targeted Destination folder and a specific failure reason within the Activity field.

This update allows you to see the full lifecycle of a failed action. For instance, if an administrator tries to move an email that has already been deleted or moved manually, the log will now show the multiple retry attempts and the specific destination error.

This applies to all Email Security packages:

Enterprise
Enterprise + PhishGuard

Rules - Metro code field now available in Rules

Mon, 12 Jan 2026 00:00:00 GMT

The ip.src.metro_code field in the Ruleset Engine is now populated with DMA (Designated Market Area) data.

You can use this field to build rules that target traffic based on geographic market areas, enabling more granular location-based policies for your applications.

Field details

Field	Type	Description
`ip.src.metro_code`	String \| null	The metro code (DMA) of the incoming request's IP address. Returns the designated market area code for the client's location.

Example filter expression:

ip.src.metro_code eq "501"

For more information, refer to the Fields reference.

Security Center - Cloudflare Threat Events now support STIX2 format

Mon, 12 Jan 2026 00:00:00 GMT

We are excited to announce that Cloudflare Threat Events now supports the STIX2 (Structured Threat Information Expression) format. This was a highly requested feature designed to streamline how security teams consume and act upon our threat intelligence.

By adopting this industry-standard format, you can now integrate Cloudflare's threat events data more effectively into your existing security ecosystem.

Key benefits

Eliminate the need for custom parsers, as STIX2 allows for "out of the box" ingestion into major Threat Intel Platforms (TIPs), SIEMs, and SOAR tools.
STIX2 provides a standardized way to represent relationships between indicators, sightings, and threat actors, giving your analysts a clearer picture of the threat landscape.

For technical details on how to query events using this format, please refer to our Threat Events API Documentation.

WAF - WAF Release - 2026-01-12

Mon, 12 Jan 2026 00:00:00 GMT

This week's release focuses on improvements to existing detections to enhance coverage.

Key Findings

Existing rule enhancements have been deployed to improve detection resilience against SQL Injection.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	72963b917ef74697b5bde02f48a1841a	N/A	SQLi - AND/OR MAKE_SET/ELT - Beta	Log	Block	This rule is merged into the original rule "SQLi - AND/OR MAKE_SET/ELT" (ID: 0f41a593c8fe42c38a26f709252d3934 )
Cloudflare Managed Ruleset	adf076af09b2484ca9e7881f9e553ad3	N/A	SQLi - Benchmark Function - Beta	Log	Block	This rule is merged into the original rule "SQLi - Benchmark Function" (ID: ac4e9ebfb43a4f3998f6072d2ebc44ad )

Workers - Validate your generated types with `wrangler types --check`

Mon, 12 Jan 2026 00:00:00 GMT

Wrangler now supports a --check flag for the wrangler types command. This flag validates that your generated types are up to date without writing any changes to disk.

This is useful in CI/CD pipelines where you want to ensure that developers have regenerated their types after making changes to their Wrangler configuration. If the types are out of date, the command will exit with a non-zero status code.

npx wrangler types --check

If your types are up to date, the command will succeed silently. If they are out of date, you'll see an error message indicating which files need to be regenerated.

For more information, see the Wrangler types documentation.

Workers, Queues - Get notified when your Workers builds succeed or fail

Fri, 09 Jan 2026 00:00:00 GMT

You can now receive notifications when your Workers' builds start, succeed, fail, or get cancelled using Event Subscriptions.

Workers Builds publishes events to a Queue that your Worker can read messages from, and then send notifications wherever you need — Slack, Discord, email, or any webhook endpoint.

You can deploy this Worker to your own Cloudflare account to send build notifications to Slack:

The template includes:

Build status with Preview/Live URLs for successful deployments
Inline error messages for failed builds
Branch, commit hash, and author name

For setup instructions, refer to the template README or the Event Subscriptions documentation.

Workers - Shell tab completions for Wrangler CLI

Fri, 09 Jan 2026 00:00:00 GMT

Wrangler now includes built-in shell tab completion support, making it faster and easier to navigate commands without memorizing every option. Press Tab as you type to autocomplete commands, subcommands, flags, and even option values like log levels.

Tab completions are supported for Bash, Zsh, Fish, and PowerShell.

Setup

Generate the completion script for your shell and add it to your configuration file:

# Bash
wrangler complete bash >> ~/.bashrc

# Zsh
wrangler complete zsh >> ~/.zshrc

# Fish
wrangler complete fish >> ~/.config/fish/config.fish

# PowerShell
wrangler complete powershell >> $PROFILE

After adding the script, restart your terminal or source your configuration file for the changes to take effect. Then you can simply press Tab to see available completions:

wrangler d<TAB>          # completes to 'deploy', 'dev', 'd1', etc.
wrangler kv <TAB>        # shows subcommands: namespace, key, bulk

Tab completions are dynamically generated from Wrangler's command registry, so they stay up-to-date as new commands and options are added. This feature is powered by @bomb.sh/tab.

See the wrangler complete documentation for more details.

Access - Cloudflare admin activity logs capture creation of DNS over HTTP (DoH) users

Thu, 08 Jan 2026 00:00:00 GMT

Cloudflare admin activity logs now capture each time a DNS over HTTP (DoH) user is created.

These logs can be viewed from the Cloudflare One dashboard, pulled via the Cloudflare API, and exported through Logpush.

Workers Analytics Engine, Workers - Workers Analytics Engine SQL now supports filtering using HAVING and LIKE

Wed, 07 Jan 2026 00:00:00 GMT

You can now use the HAVING clause and LIKE pattern matching operators in Workers Analytics Engine.

Workers Analytics Engine allows you to ingest and store high-cardinality data at scale and query your data through a simple SQL API.

Filtering using `HAVING`

The HAVING clause complements the WHERE clause by enabling you to filter groups based on aggregate values. While WHERE filters rows before aggregation, HAVING filters groups after aggregation is complete.

You can use HAVING to filter groups where the average exceeds a threshold:

SELECT
    blob1 AS probe_name,
    avg(double1) AS average_temp
FROM temperature_readings
GROUP BY probe_name
HAVING average_temp > 10

You can also filter groups based on aggregates such as the number of items in the group:

SELECT
    blob1 AS probe_name,
    count() AS num_readings
FROM temperature_readings
GROUP BY probe_name
HAVING num_readings > 100

Pattern matching using `LIKE`

The new pattern matching operators enable you to search for strings that match specific patterns using wildcard characters:

LIKE - case-sensitive pattern matching
NOT LIKE - case-sensitive pattern exclusion
ILIKE - case-insensitive pattern matching
NOT ILIKE - case-insensitive pattern exclusion

Pattern matching supports two wildcard characters: % (matches zero or more characters) and _ (matches exactly one character).

You can match strings starting with a prefix:

SELECT *
FROM logs
WHERE blob1 LIKE 'error%'

You can also match file extensions (case-insensitive):

SELECT *
FROM requests
WHERE blob2 ILIKE '%.jpg'

Another example is excluding strings containing specific text:

SELECT *
FROM events
WHERE blob3 NOT ILIKE '%debug%'

Ready to get started?

Learn more about the HAVING clause or pattern matching operators in the Workers Analytics Engine SQL reference documentation.

Containers - Custom container instance types now available for all users

Mon, 05 Jan 2026 00:00:00 GMT

Custom instance types are now enabled for all Cloudflare Containers users. You can now specify specific vCPU, memory, and disk amounts, rather than being limited to pre-defined instance types. Previously, only select Enterprise customers were able to customize their instance type.

To use a custom instance type, specify the instance_type property as an object with vcpu, memory_mib, and disk_mb fields in your Wrangler configuration:

[[containers]]
image = "./Dockerfile"
instance_type = { vcpu = 2, memory_mib = 6144, disk_mb = 12000 }

Individual limits for custom instance types are based on the standard-4 instance type (4 vCPU, 12 GiB memory, 20 GB disk). You must allocate at least 1 vCPU for custom instance types. For workloads requiring less than 1 vCPU, use the predefined instance types like lite or basic.

See the limits documentation for the full list of constraints on custom instance types. See the getting started guide to deploy your first Container,

Workers - Build microfrontend applications on Workers

Thu, 01 Jan 2026 00:00:00 GMT

You can now deploy microfrontends to Cloudflare, splitting a single application into smaller, independently deployable units that render as one cohesive application. This lets different teams using different frameworks develop, test, and deploy each microfrontend without coordinating releases.

Microfrontends solve several challenges for large-scale applications:

Independent deployments: Teams deploy updates on their own schedule without redeploying the entire application
Framework flexibility: Build multi-framework applications (for example, Astro, Remix, and Next.js in one app)
Gradual migration: Migrate from a monolith to a distributed architecture incrementally

Create a microfrontend project:

This template automatically creates a router worker with pre-configured routing logic, and lets you configure Service bindings to Workers you have already deployed to your Cloudflare account. The router Worker analyzes incoming requests, matches them against configured routes, and forwards requests to the appropriate microfrontend via service bindings. The router automatically rewrites HTML, CSS, and headers to ensure assets load correctly from each microfrontend's mount path. The router includes advanced features like preloading for faster navigation between microfrontends, smooth page transitions using the View Transitions API, and automatic path rewriting for assets, redirects, and cookies.

Each microfrontend can be a full-framework application, a static site with Workers Static Assets, or any other Worker-based application.

Get started with the microfrontends template, or read the microfrontends documentation for implementation details.

Cloudflare One, Cloudflare WAN - Breakout traffic visibility via NetFlow

Wed, 31 Dec 2025 00:00:00 GMT

Magic WAN Connector now exports NetFlow data for breakout traffic to Magic Network Monitoring (MNM), providing visibility into traffic that bypasses Cloudflare's security filtering.

This feature allows you to:

Monitor breakout traffic statistics in the Cloudflare dashboard.
View traffic patterns for applications configured to bypass Cloudflare.
Maintain visibility across all traffic passing through your Magic WAN Connector.

For more information, refer to NetFlow statistics.

Agents, Workers - Agents SDK v0.3.0, workers-ai-provider v3.0.0, and ai-gateway-provider v3.0.0 with AI SDK v6 support

Mon, 22 Dec 2025 00:00:00 GMT

We've shipped a new release for the Agents SDK v0.3.0 bringing full compatibility with AI SDK v6 and introducing the unified tool pattern, dynamic tool approval, and enhanced React hooks with improved tool handling.

This release includes improved streaming and tool support, dynamic tool approval (for "human in the loop" systems), enhanced React hooks with onToolCall callback, improved error handling for streaming responses, and seamless migration from v5 patterns.

This makes it ideal for building production AI chat interfaces with Cloudflare Workers AI models, agent workflows, human-in-the-loop systems, or any application requiring reliable tool execution and approval workflows.

Additionally, we've updated workers-ai-provider v3.0.0, the official provider for Cloudflare Workers AI models, and ai-gateway-provider v3.0.0, the provider for Cloudflare AI Gateway, to be compatible with AI SDK v6.

Agents SDK v0.3.0

Unified Tool Pattern

AI SDK v6 introduces a unified tool pattern where all tools are defined on the server using the tool() function. This replaces the previous client-side AITool pattern.

Server-Side Tool Definition

import { tool } from "ai";
import { z } from "zod";

// Server: Define ALL tools on the server
const tools = {
  // Server-executed tool
  getWeather: tool({
    description: "Get weather for a city",
    inputSchema: z.object({ city: z.string() }),
    execute: async ({ city }) => fetchWeather(city)
  }),

  // Client-executed tool (no execute = client handles via onToolCall)
  getLocation: tool({
    description: "Get user location from browser",
    inputSchema: z.object({})
    // No execute function
  }),

  // Tool requiring approval (dynamic based on input)
  processPayment: tool({
    description: "Process a payment",
    inputSchema: z.object({ amount: z.number() }),
    needsApproval: async ({ amount }) => amount > 100,
    execute: async ({ amount }) => charge(amount)
  })
};

Client-Side Tool Handling

// Client: Handle client-side tools via onToolCall callback
import { useAgentChat } from "agents/ai-react";

const { messages, sendMessage, addToolOutput } = useAgentChat({
  agent,
  onToolCall: async ({ toolCall, addToolOutput }) => {
    if (toolCall.toolName === "getLocation") {
      const position = await new Promise((resolve, reject) => {
        navigator.geolocation.getCurrentPosition(resolve, reject);
      });
      addToolOutput({
        toolCallId: toolCall.toolCallId,
        output: {
          lat: position.coords.latitude,
          lng: position.coords.longitude
        }
      });
    }
  }
});

Key benefits of the unified tool pattern:

Server-defined tools: All tools are defined in one place on the server
Dynamic approval: Use needsApproval to conditionally require user confirmation
Cleaner client code: Use onToolCall callback instead of managing tool configs
Type safety: Full TypeScript support with proper tool typing

useAgentChat(options)

Creates a new chat interface with enhanced v6 capabilities.

// Basic chat setup with onToolCall
const { messages, sendMessage, addToolOutput } = useAgentChat({
  agent,
  onToolCall: async ({ toolCall, addToolOutput }) => {
    // Handle client-side tool execution
    await addToolOutput({
      toolCallId: toolCall.toolCallId,
      output: { result: "success" }
    });
  }
});

Dynamic Tool Approval

Use needsApproval on server tools to conditionally require user confirmation:

const paymentTool = tool({
  description: "Process a payment",
  inputSchema: z.object({
    amount: z.number(),
    recipient: z.string()
  }),
  needsApproval: async ({ amount }) => amount > 1000,
  execute: async ({ amount, recipient }) => {
    return await processPayment(amount, recipient);
  }
});

Tool Confirmation Detection

The isToolUIPart and getToolName functions now check both static and dynamic tool parts:

import { isToolUIPart, getToolName } from "ai";

const pendingToolCallConfirmation = messages.some((m) =>
  m.parts?.some(
    (part) => isToolUIPart(part) && part.state === "input-available",
  ),
);

// Handle tool confirmation
if (pendingToolCallConfirmation) {
  await addToolOutput({
    toolCallId: part.toolCallId,
    output: "User approved the action"
  });
}

If you need the v5 behavior (static-only checks), use the new functions:

import { isStaticToolUIPart, getStaticToolName } from "ai";

convertToModelMessages() is now async

The convertToModelMessages() function is now asynchronous. Update all calls to await the result:

import { convertToModelMessages } from "ai";

const result = streamText({
  messages: await convertToModelMessages(this.messages),
  model: openai("gpt-4o")
});

ModelMessage type

The CoreMessage type has been removed. Use ModelMessage instead:

import { convertToModelMessages, type ModelMessage } from "ai";

const modelMessages: ModelMessage[] = await convertToModelMessages(messages);

generateObject mode option removed

The mode option for generateObject has been removed:

// Before (v5)
const result = await generateObject({
  mode: "json",
  model,
  schema,
  prompt
});

// After (v6)
const result = await generateObject({
  model,
  schema,
  prompt
});

Structured Output with generateText

While generateObject and streamObject are still functional, the recommended approach is to use generateText/streamText with the Output.object() helper:

import { generateText, Output, stepCountIs } from "ai";

const { output } = await generateText({
  model: openai("gpt-4"),
  output: Output.object({
    schema: z.object({ name: z.string() })
  }),
  stopWhen: stepCountIs(2),
  prompt: "Generate a name"
});

Note: When using structured output with generateText, you must configure multiple steps with stopWhen because generating the structured output is itself a step.

workers-ai-provider v3.0.0

Seamless integration with Cloudflare Workers AI models through the updated workers-ai-provider v3.0.0 with AI SDK v6 support.

Model Setup with Workers AI

Use Cloudflare Workers AI models directly in your agent workflows:

import { createWorkersAI } from "workers-ai-provider";
import { useAgentChat } from "agents/ai-react";

// Create Workers AI model (v3.0.0 - enhanced v6 internals)
const model = createWorkersAI({
  binding: env.AI,
})("@cf/meta/llama-3.2-3b-instruct");

Enhanced File and Image Support

Workers AI models now support v6 file handling with automatic conversion:

// Send images and files to Workers AI models
sendMessage({
  role: "user",
  parts: [
    { type: "text", text: "Analyze this image:" },
    {
      type: "file",
      data: imageBuffer,
      mediaType: "image/jpeg",
    },
  ],
});

// Workers AI provider automatically converts to proper format

Streaming with Workers AI

Enhanced streaming support with automatic warning detection:

// Streaming with Workers AI models
const result = await streamText({
  model: createWorkersAI({ binding: env.AI })("@cf/meta/llama-3.2-3b-instruct"),
  messages: await convertToModelMessages(messages),
  onChunk: (chunk) => {
    // Enhanced streaming with warning handling
    console.log(chunk);
  },
});

ai-gateway-provider v3.0.0

The ai-gateway-provider v3.0.0 now supports AI SDK v6, enabling you to use Cloudflare AI Gateway with multiple AI providers including Anthropic, Azure, AWS Bedrock, Google Vertex, and Perplexity.

AI Gateway Setup

Use Cloudflare AI Gateway to add analytics, caching, and rate limiting to your AI applications:

import { createAIGateway } from "ai-gateway-provider";

// Create AI Gateway provider (v3.0.0 - enhanced v6 internals)
const model = createAIGateway({
  gatewayUrl: "https://gateway.ai.cloudflare.com/v1/your-account-id/gateway",
  headers: {
    "Authorization": `Bearer ${env.AI_GATEWAY_TOKEN}`
  }
})({
  provider: "openai",
  model: "gpt-4o"
});

Migration from v5

Deprecated APIs

The following APIs are deprecated in favor of the unified tool pattern:

Deprecated	Replacement
`AITool` type	Use AI SDK's `tool()` function on server
`extractClientToolSchemas()`	Define tools on server, no client schemas needed
`createToolsFromClientSchemas()`	Define tools on server with `tool()`
`toolsRequiringConfirmation` option	Use `needsApproval` on server tools
`experimental_automaticToolResolution`	Use `onToolCall` callback
`tools` option in `useAgentChat`	Use `onToolCall` for client-side execution
`addToolResult()`	Use `addToolOutput()`

Breaking Changes Summary

Unified Tool Pattern: All tools must be defined on the server using tool()
convertToModelMessages() is async: Add await to all calls
CoreMessage removed: Use ModelMessage instead
generateObject mode removed: Remove mode option
isToolUIPart behavior changed: Now checks both static and dynamic tool parts

Installation

Update your dependencies to use the latest versions:

npm install agents@^0.3.0 workers-ai-provider@^3.0.0 ai-gateway-provider@^3.0.0 ai@^6.0.0 @ai-sdk/react@^3.0.0 @ai-sdk/openai@^3.0.0

Resources

Migration Guide - Comprehensive migration documentation from v5 to v6
AI SDK v6 Documentation - Official AI SDK migration guide
AI SDK v6 Announcement - Learn about new features in v6
AI SDK Documentation - Complete AI SDK reference
GitHub Issues - Report bugs or request features

Feedback Welcome

We'd love your feedback! We're particularly interested in feedback on:

Migration experience - How smooth was the upgrade from v5 to v6?
Unified tool pattern - How does the new server-defined tool pattern work for you?
Dynamic tool approval - Does the needsApproval feature meet your needs?
AI Gateway integration - How well does the new provider work with your setup?

Cloudflare Fundamentals, Terraform - Terraform v5.15.0 now available

Fri, 19 Dec 2025 00:00:00 GMT

Earlier this year, we announced the launch of the new Terraform v5 Provider. We are aware of the high number of issues reported by the Cloudflare community related to the v5 release. We have committed to releasing improvements on a 2-3 week cadence to ensure its stability and reliability, including the v5.15 release. We have also pivoted from an issue-to-issue approach to a resource-per-resource approach - we will be focusing on specific resources to not only stabilize the resource but also ensure it is migration-friendly for those migrating from v4 to v5.

Thank you for continuing to raise issues. They make our provider stronger and help us build products that reflect your needs.

This release includes bug fixes, the stabilization of even more popular resources, and more.

Features

ai_search: Add AI Search endpoints (6f02adb)
certificate_pack: Ensure proper Terraform resource ID handling for path parameters in API calls (081f32a)
worker_version: Support startup_time_ms (286ab55)
zero_trust_dlp_custom_entry: Support upload_status (7dc0fe3)
zero_trust_dlp_entry: Support upload_status (7dc0fe3)
zero_trust_dlp_integration_entry: Support upload_status (7dc0fe3)
zero_trust_dlp_predefined_entry: Support upload_status (7dc0fe3)
zero_trust_gateway_policy: Support forensic_copy (5741fd0)
zero_trust_list: Support additional types (category, location, device) (5741fd0)

Bug fixes

access_rules: Add validation to prevent state drift. Ideally, we'd use Semantic Equality but since that isn't an option, this will remove a foot-gun. (4457791)
cloudflare_pages_project: Addressing drift issues (6edffcf) (3db318e)
cloudflare_worker: Can be cleanly imported (4859b52)
cloudflare_worker: Ensure clean imports (5b525bc)
list_items: Add validation for IP List items to avoid inconsistent state (b6733dc)
zero_trust_access_application: Remove all conditions from sweeper (3197f1a)
spectrum_application: Map missing fields during spectrum resource import (#6495) (ddb4e72)

Upgrade to newer version

We suggest waiting to migrate to v5 while we work on stabilization. This helps with avoiding any blocking issues while the Terraform resources are actively being stabilized. We will be releasing a new migration tool in March 2026 to help support v4 to v5 transitions for our most popular resources.

For more information

Workers - Static prerendering support for TanStack Start

Fri, 19 Dec 2025 00:00:00 GMT

TanStack Start apps can now prerender routes to static HTML at build time with access to build time environment variables and bindings, and serve them as static assets. To enable prerendering, configure the prerender option of the TanStack Start plugin in your Vite config:

import { defineConfig } from "vite";
import { cloudflare } from "@cloudflare/vite-plugin";
import { tanstackStart } from "@tanstack/react-start/plugin/vite";

export default defineConfig({
  plugins: [
    cloudflare({ viteEnvironment: { name: "ssr" } }),
    tanstackStart({
      prerender: {
        enabled: true,
      },
    }),
  ],
});

This feature requires @tanstack/react-start v1.138.0 or later. See the TanStack Start framework guide for more details.

AI Crawl Control - New AI Crawl Control Overview tab

Thu, 18 Dec 2025 00:00:00 GMT

The Overview tab is now the default view in AI Crawl Control. The previous default view with controls for individual AI crawlers is available in the Crawlers tab.

What's new

Executive summary — Monitor total requests, volume change, most common status code, most popular path, and high-volume activity
Operator grouping — Track crawlers by their operating companies (OpenAI, Microsoft, Google, ByteDance, Anthropic, Meta)
Customizable filters — Filter your snapshot by date range, crawler, operator, hostname, or path

Get started

Log in to the Cloudflare dashboard and select your account and domain.
Go to AI Crawl Control, where the Overview tab opens by default with your activity snapshot.
Use filters to customize your view by date range, crawler, operator, hostname, or path.
Navigate to the Crawlers tab to manage controls for individual crawlers.

Learn more about analyzing AI traffic and managing AI crawlers.

Analytics - Improved accuracy of cached request classification in analytics

Thu, 18 Dec 2025 00:00:00 GMT

The cached/uncached classification logic used in Zone Overview analytics has been updated to improve accuracy.

Previously, requests were classified as "cached" based on an overly broad condition that included blocked 403 responses, Snippets requests, and other non-cache request types. This caused inflated cache hit ratios — in some cases showing near-100% cached — and affected approximately 15% of requests classified as cached in rollups.

The condition has been removed from the Zone Overview page. Cached/uncached classification now aligns with the heuristics used in HTTP Analytics, so only requests genuinely served from cache are counted as cached.

What changed:

Zone Overview — Cache ratios now reflect actual cache performance.
HTTP Analytics — No change. HTTP Analytics already used the correct classification logic.
Historical data — This fix applies to new requests only. Previously logged data is not retroactively updated.

R2 - R2 Data Catalog now supports automatic snapshot expiration

Thu, 18 Dec 2025 00:00:00 GMT

R2 Data Catalog now supports automatic snapshot expiration for Apache Iceberg tables.

In Apache Iceberg, a snapshot is metadata that represents the state of a table at a given point in time. Every mutation creates a new snapshot which enable powerful features like time travel queries and rollback capabilities but will accumulate over time.

Without regular cleanup, these accumulated snapshots can lead to:

Metadata overhead
Slower table operations
Increased storage costs.

Snapshot expiration in R2 Data Catalog automatically removes old table snapshots based on your configured retention policy, improving performance and storage costs.

# Enable catalog-level snapshot expiration
# Expire snapshots older than 7 days, always retain at least 10 recent snapshots
npx wrangler r2 bucket catalog snapshot-expiration enable my-bucket \
  --older-than-days 7 \
  --retain-last 10

Snapshot expiration uses two parameters to determine which snapshots to remove:

--older-than-days: age threshold in days
--retain-last: minimum snapshot count to retain

Both conditions must be met before a snapshot is expired, ensuring you always retain recent snapshots even if they exceed the age threshold.

This feature complements automatic compaction, which optimizes query performance by combining small data files into larger ones. Together, these automatic maintenance operations keep your Iceberg tables performant and cost-efficient without manual intervention.

To learn more about snapshot expiration and how to configure it, visit our table maintenance documentation or see how to manage catalogs.

WAF - WAF Release - 2025-12-18

Thu, 18 Dec 2025 00:00:00 GMT

This week's release focuses on improvements to existing detections to enhance coverage.

Key Findings

Existing rule enhancements have been deployed to improve detection resilience against broad classes of web attacks and strengthen behavioral coverage.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	6429f7386b1546cf9dfce631be5ec20c	N/A	Atlassian Confluence - Code Injection - CVE:CVE-2021-26084 - Beta	Log	Block	This rule is merged into the original rule "Atlassian Confluence - Code Injection - CVE:CVE-2021-26084" (ID: e8c550810618437c953cf3a969e0b97a )
Cloudflare Managed Ruleset	9108ddb347b3497e9f9351640d9206e3	N/A	PostgreSQL - SQLi - Copy - Beta	Log	Block	This rule is merged into the original rule "PostgreSQL - SQLi - COPY" (ID: 705a6b5569d5472596910e3ce7265a4e )
Cloudflare Managed Ruleset	cb687d73cc954092b58b90b00cd00ba7	N/A	Generic Rules - Command Execution - Body	Log	Disabled	This is a new detection.
Cloudflare Managed Ruleset	bf30657ffa2a424cbf6570dbcd679ad4	N/A	Generic Rules - Command Execution - Header	Log	Disabled	This is a new detection.
Cloudflare Managed Ruleset	6df040f716194070a242967cfd181fb3	N/A	Generic Rules - Command Execution - URI	Log	Disabled	This is a new detection.
Cloudflare Managed Ruleset	39a4fdc37be948709fa7492e7a95bc3a	N/A	SQLi - Tautology - URI - Beta	Log	Block	This rule is merged into the original rule "SQLi - Tautology - URI" (ID: 4c580ea1b5174183b7f5e940b3de2e0a )
Cloudflare Managed Ruleset	810e0ffe1dd84e67b159129b432ac90d	N/A	SQLi - WaitFor Function - Beta	Log	Block	This rule is merged into the original rule "SQLi - WaitFor Function" (ID: b16fe708799441dea3049a99d5faba59 )
Cloudflare Managed Ruleset	80690005fef342e0ad6bc9af596c741e	N/A	SQLi - AND/OR Digit Operator Digit 2 - Beta	Log	Block	This rule is merged into the original rule "SQLi - AND/OR Digit Operator Digit" (ID: 98e7e08ae64247e2801ca4b388d80772 )
Cloudflare Managed Ruleset	eaf11ab80b0d491cbb7186f303b2f3fe	N/A	SQLi - Equation 2 - Beta	Log	Block	This rule is merged into the original rule "SQLi - Equation" (ID: 133c6f83cdf14509a4ca6b82a72a6b3a )

Workers for Platforms - Workers for Platforms - Dashboard Improvements

Thu, 18 Dec 2025 00:00:00 GMT

Workers for Platforms lets you build multi-tenant platforms on Cloudflare Workers, allowing your end users to deploy and run their own code on your platform. It's designed for anyone building an AI vibe coding platform, e-commerce platform, website builder, or any product that needs to securely execute user-generated code at scale.

Previously, setting up Workers for Platforms required using the API. Now, the Workers for Platforms UI supports namespace creation, dispatch worker templates, and tag management, making it easier for Workers for Platforms customers to build and manage multi-tenant platforms directly from the Cloudflare dashboard.

Key improvements

Namespace Management: You can now create and configure dispatch namespaces directly within the dashboard to start a new platform setup.
Dispatch Worker Templates: New Dispatch Worker templates allow you to quickly define how traffic is routed to individual Workers within your namespace. Refer to the Dynamic Dispatch documentation for more examples.
Tag Management: You can now set and update tags on User Workers, making it easier to group and manage your Workers.
Binding Visibility: Bindings attached to User Workers are now visible directly within the User Worker view.
Deploy Vibe Coding Platform in one-click: Deploy a reference implementation of an AI vibe coding platform directly from the dashboard. Powered by the Cloudflare's VibeSDK, this starter kit integrates with Workers for Platforms to handle the deployment of AI-generated projects at scale.

To get started, go to Workers for Platforms under Compute & AI in the Cloudflare dashboard.

Workers - Build image policies for Workers Builds and Cloudflare Pages

Thu, 18 Dec 2025 00:00:00 GMT

We've published build image policies for Workers Builds and Cloudflare Pages, which establish:

Minor version updates: We typically update preinstalled software to the latest available minor version without notice. For tools that don't follow semantic versioning (e.g., Bun or Hugo), we provide 3 months’ notice.
Major version updates: Before preinstalled software reaches end-of-life, we update to the next stable LTS version with 3 months’ notice.
Build image version deprecation (Pages only): We provide 6 months’ notice before deprecation. Projects on v1 or v2 will be automatically moved to v3 on their specified deprecation dates.

To prepare for updates, monitor the Cloudflare Changelog, dashboard notifications, and email. You can also override default versions to maintain specific versions.

Workers - Retrieve your authentication token with `wrangler auth token`

Thu, 18 Dec 2025 00:00:00 GMT

Wrangler now includes a new wrangler auth token command that retrieves your current authentication token or credentials for use with other tools and scripts.

wrangler auth token

The command returns whichever authentication method is currently configured, in priority order: API token from CLOUDFLARE_API_TOKEN, or OAuth token from wrangler login (automatically refreshed if expired).

Use the --json flag to get structured output including the token type:

wrangler auth token --json

The JSON output includes the authentication type:

// API token
{ "type": "api_token", "token": "..." }

// OAuth token
{ "type": "oauth", "token": "..." }

// API key/email (only available with --json)
{ "type": "api_key", "key": "...", "email": "..." }

API key/email credentials from CLOUDFLARE_API_KEY and CLOUDFLARE_EMAIL require the --json flag since this method uses two values instead of a single token.

Gateway, Cloudflare One - Shadow IT - domain level SaaS analytics

Wed, 17 Dec 2025 00:00:00 GMT

Zero Trust has again upgraded its Shadow IT analytics, providing you with unprecedented visibility into your organizations use of SaaS tools. With this dashboard, you can review who is using an application and volumes of data transfer to the application.

With this update, you can review data transfer metrics at the domain level, rather than just the application level, providing more granular insight into your data transfer patterns.

These metrics can be filtered by all available filters on the dashboard, including user, application, or content category.

Both the analytics and policies are accessible in the Cloudflare Zero Trust dashboard, empowering organizations with better visibility and control.

Cloudflare One - New duplicate action for supported Cloudflare One resources

Tue, 16 Dec 2025 00:00:00 GMT

You can now duplicate specific Cloudflare One resources with a single click from the dashboard.

Initially supported resources:

Access Applications
Access Policies
Gateway Policies

To try this out, simply click on the overflow menu (⋮) from the resource table and click Duplicate. We will continue to add the Duplicate action for resources throughout 2026.

Workers - Support for ctx.exports in @cloudflare/vitest-pool-workers

Tue, 16 Dec 2025 00:00:00 GMT

The @cloudflare/vitest-pool-workers package now supports the ctx.exports API, allowing you to access your Worker's top-level exports during tests.

You can access ctx.exports in unit tests by calling createExecutionContext():

import { createExecutionContext } from "cloudflare:test";
import { it, expect } from "vitest";

it("can access ctx.exports", async () => {
  const ctx = createExecutionContext();
  const result = await ctx.exports.MyEntryPoint.myMethod();
  expect(result).toBe("expected value");
});

Alternatively, you can import exports directly from cloudflare:workers:

import { exports } from "cloudflare:workers";
import { it, expect } from "vitest";

it("can access imported exports", async () => {
  const result = await exports.MyEntryPoint.myMethod();
  expect(result).toBe("expected value");
});

See the context-exports fixture for a complete example.

Workers - Configure your framework for Cloudflare automatically

Tue, 16 Dec 2025 00:00:00 GMT

Wrangler now supports automatic configuration for popular web frameworks in experimental mode, making it even easier to deploy to Cloudflare Workers.

Previously, if you wanted to deploy an application using a popular web framework like Next.js or Astro, you had to follow tutorials to set up your application for deployment to Cloudflare Workers. This usually involved creating a Wrangler file, installing adapters, or changing configuration options.

Now wrangler deploy does this for you. Starting with Wrangler 4.55, you can use npx wrangler deploy --x-autoconfig in the directory of any web application using one of the supported frameworks. Wrangler will then proceed to configure and deploy it to your Cloudflare account.

You can also configure your application without deploying it by using the new npx wrangler setup command. This enables you to easily review what changes we are making so your application is ready for Cloudflare Workers.

The following application frameworks are supported starting today:

Next.js
Astro
Nuxt
TanStack Start
SolidStart
React Router
SvelteKit
Docusaurus
Qwik
Analog

Automatic configuration also supports static sites by detecting the assets directory and build command. From a single index.html file to the output of a generator like Jekyll or Hugo, you can just run npx wrangler deploy --x-autoconfig to upload to Cloudflare.

We're really excited to bring you automatic configuration so you can do more with Workers. Please let us know if you run into challenges using this experimentally. We’ve opened a GitHub discussion and would love to hear your feedback.

Durable Objects, Workers - New Best Practices guide for Durable Objects

Mon, 15 Dec 2025 00:00:00 GMT

A new Rules of Durable Objects guide is now available, providing opinionated best practices for building effective Durable Objects applications. This guide covers design patterns, storage strategies, concurrency, and common anti-patterns to avoid.

Key guidance includes:

Design around your "atom" of coordination — Create one Durable Object per logical unit (chat room, game session, user) instead of a global singleton that becomes a bottleneck.
Use SQLite storage with RPC methods — SQLite-backed Durable Objects with typed RPC methods provide the best developer experience and performance.
Understand input and output gates — Learn how Cloudflare's runtime prevents data races by default, how write coalescing works, and when to use blockConcurrencyWhile().
Leverage Hibernatable WebSockets — Reduce costs for real-time applications by allowing Durable Objects to sleep while maintaining WebSocket connections.

The testing documentation has also been updated with modern patterns using @cloudflare/vitest-pool-workers, including examples for testing SQLite storage, alarms, and direct instance access:

JavaScript

import { env, runDurableObjectAlarm } from "cloudflare:test";
import { it, expect } from "vitest";

it("can test Durable Objects with isolated storage", async () => {
  const stub = env.COUNTER.getByName("test");

  // Call RPC methods directly on the stub
  await stub.increment();
  expect(await stub.getCount()).toBe(1);

  // Trigger alarms immediately without waiting
  await runDurableObjectAlarm(stub);
});

TypeScript

import { env, runDurableObjectAlarm } from "cloudflare:test";
import { it, expect } from "vitest";

it("can test Durable Objects with isolated storage", async () => {
  const stub = env.COUNTER.getByName("test");

  // Call RPC methods directly on the stub
  await stub.increment();
  expect(await stub.getCount()).toBe(1);

  // Trigger alarms immediately without waiting
  await runDurableObjectAlarm(stub);
});

Durable Objects, Workers - Billing for SQLite Storage

Fri, 12 Dec 2025 00:00:00 GMT

Storage billing for SQLite-backed Durable Objects will be enabled in January 2026, with a target date of January 7, 2026 (no earlier).

To view your SQLite storage usage, go to the Durable Objects page

Go to Durable Objects

If you do not want to incur costs, please take action such as optimizing queries or deleting unnecessary stored data in order to reduce your SQLite storage usage ahead of the January 7th target. Only usage on and after the billing target date will incur charges.

Developers on the Workers Paid plan with Durable Object's SQLite storage usage beyond included limits will incur charges according to SQLite storage pricing announced in September 2024 with the public beta. Developers on the Workers Free plan will not be charged.

Compute billing for SQLite-backed Durable Objects has been enabled since the initial public beta. SQLite-backed Durable Objects currently incur charges for requests and duration, and no changes are being made to compute billing.

For more information about SQLite storage pricing and limits, refer to the Durable Objects pricing documentation.

R2 SQL - R2 SQL now supports aggregations and schema discovery

Fri, 12 Dec 2025 00:00:00 GMT

R2 SQL now supports aggregation functions, GROUP BY, HAVING, along with schema discovery commands to make it easy to explore your data catalog.

Aggregation Functions

You can now perform aggregations on Apache Iceberg tables in R2 Data Catalog using standard SQL functions including COUNT(*), SUM(), AVG(), MIN(), and MAX(). Combine these with GROUP BY to analyze data across dimensions, and use HAVING to filter aggregated results.

-- Calculate average transaction amounts by department
SELECT department, COUNT(*), AVG(total_amount)
FROM my_namespace.sales_data
WHERE region = 'North'
GROUP BY department
HAVING COUNT(*) > 50
ORDER BY AVG(total_amount) DESC

-- Find high-value departments
SELECT department, SUM(total_amount)
FROM my_namespace.sales_data
GROUP BY department
HAVING SUM(total_amount) > 50000

Schema Discovery

New metadata commands make it easy to explore your data catalog and understand table structures:

SHOW DATABASES or SHOW NAMESPACES - List all available namespaces
SHOW TABLES IN namespace_name - List tables within a namespace
DESCRIBE namespace_name.table_name - View table schema and column types

❯ npx wrangler r2 sql query "{ACCOUNT_ID}_{BUCKET_NAME}" "DESCRIBE default.sales_data;"

 ⛅️ wrangler 4.54.0
─────────────────────────────────────────────

┌──────────────────┬────────────────┬──────────┬─────────────────┬───────────────┬───────────────────────────────────────────────────────────────────────────────────────────────────┐
│ column_name      │ type           │ required │ initial_default │ write_default │ doc                                                                                               │
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤
│ sale_id          │ BIGINT         │ false    │                 │               │ Unique identifier for each sales transaction                                                      │
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤
│ sale_timestamp   │ TIMESTAMPTZ    │ false    │                 │               │ Exact date and time when the sale occurred (used for partitioning)                                │
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤
│ department       │ TEXT           │ false    │                 │               │ Product department (8 categories: Electronics, Beauty, Home, Toys, Sports, Food, Clothing, Books) │
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤
│ category         │ TEXT           │ false    │                 │               │ Product category grouping (4 categories: Premium, Standard, Budget, Clearance)                    │
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤
│ region           │ TEXT           │ false    │                 │               │ Geographic sales region (5 regions: North, South, East, West, Central)                            │
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤
│ product_id       │ INT            │ false    │                 │               │ Unique identifier for the product sold                                                            │
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤
│ quantity         │ INT            │ false    │                 │               │ Number of units sold in this transaction (range: 1-50)                                            │
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤
│ unit_price       │ DECIMAL(10, 2) │ false    │                 │               │ Price per unit in dollars (range: $5.00-$500.00)                                                  │
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤
│ total_amount     │ DECIMAL(10, 2) │ false    │                 │               │ Total sale amount before tax (quantity × unit_price with discounts applied)                       │
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤
│ discount_percent │ INT            │ false    │                 │               │ Discount percentage applied to this sale (0-50%)                                                  │
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤
│ tax_amount       │ DECIMAL(10, 2) │ false    │                 │               │ Tax amount collected on this sale                                                                 │
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤
│ profit_margin    │ DECIMAL(10, 2) │ false    │                 │               │ Profit margin on this sale as a decimal percentage                                                │
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤
│ customer_id      │ INT            │ false    │                 │               │ Unique identifier for the customer who made the purchase                                          │
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤
│ is_online_sale   │ BOOLEAN        │ false    │                 │               │ Boolean flag indicating if sale was made online (true) or in-store (false)                        │
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤
│ sale_date        │ DATE           │ false    │                 │               │ Calendar date of the sale (extracted from sale_timestamp)                                         │
└──────────────────┴────────────────┴──────────┴─────────────────┴───────────────┴───────────────────────────────────────────────────────────────────────────────────────────────────┘
Read 0 B across 0 files from R2
On average, 0 B / s

To learn more about the new aggregation capabilities and schema discovery commands, check out the SQL reference. If you're new to R2 SQL, visit our getting started guide to begin querying your data.

Logs - SentinelOne as Logpush destination

Thu, 11 Dec 2025 00:00:00 GMT

Cloudflare Logpush now supports SentinelOne as a native destination.

Logs from Cloudflare can be sent to SentinelOne AI SIEM via Logpush. The destination can be configured through the Logpush UI in the Cloudflare dashboard or by using the Logpush API.

For more information, refer to the Destination Configuration documentation.

WAF - WAF Release - 2025-12-11 - Emergency

Thu, 11 Dec 2025 00:00:00 GMT

This emergency release introduces rules for CVE-2025-55183 and CVE-2025-55184, targeting server-side function exposure and resource-exhaustion patterns, respectively.

Key Findings

Added coverage for Leaking Server Functions (CVE-2025-55183) and React Function DoS detection (CVE-2025-55184).

Impact

These updates strengthen protection for server-function abuse techniques (CVE-2025-55183, CVE-2025-55184) that may expose internal logic or disrupt application availability.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	17c5123f1ac049818765ebf2fefb4e9b	N/A	React - Leaking Server Functions - CVE:CVE-2025-55183	N/A	Block	This was labeled as Generic - Server Function Source Code Exposure.
Cloudflare Free Ruleset	3114709a3c3b4e3685052c7b251e86aa	N/A	React - Leaking Server Functions - CVE:CVE-2025-55183	N/A	Block	This was labeled as Generic - Server Function Source Code Exposure.
Cloudflare Managed Ruleset	2694f1610c0b471393b21aef102ec699	N/A	React - DoS - CVE:CVE-2025-55184	N/A	Disabled	This was labeled as Generic – Server Function Resource Exhaustion.

AI Crawl Control - Pay Per Crawl (Private beta) - Discovery API, custom pricing, and advanced configuration

Wed, 10 Dec 2025 00:00:00 GMT

Pay Per Crawl is introducing enhancements for both AI crawler operators and site owners, focusing on programmatic discovery, flexible pricing models, and granular configuration control.

For AI crawler operators

Discovery API

A new authenticated API endpoint allows verified crawlers to programmatically discover domains participating in Pay Per Crawl. Crawlers can use this to build optimized crawl queues, cache domain lists, and identify new participating sites. This eliminates the need to discover payable content through trial requests.

The API endpoint is GET https://crawlers-api.ai-audit.cfdata.org/charged_zones and requires Web Bot Auth authentication. Refer to Discover payable content for authentication steps, request parameters, and response schema.

Payment header signature requirement

Payment headers (crawler-exact-price or crawler-max-price) must now be included in the Web Bot Auth signature-input header components. This security enhancement prevents payment header tampering, ensures authenticated payment intent, validates crawler identity with payment commitment, and protects against replay attacks with modified pricing. Crawlers must add their payment header to the list of signed components when constructing the signature-input header.

New `crawler-error` header

Pay Per Crawl error responses now include a new crawler-error header with 11 specific error codes for programmatic handling. Error response bodies remain unchanged for compatibility. These codes enable robust error handling, automated retry logic, and accurate spending tracking.

For site owners

Configure free pages

Site owners can now offer free access to specific pages like homepages, navigation, or discovery pages while charging for other content. Create a Configuration Rule in Rules > Configuration Rules, set your URI pattern using wildcard, exact, or prefix matching on the URI Full field, and enable the Disable Pay Per Crawl setting. When disabled for a URI pattern, crawler requests pass through without blocking or charging.

Some paths are always free to crawl. These paths are: /robots.txt, /sitemap.xml, /security.txt, /.well-known/security.txt, /crawlers.json.

Get started

AI crawler operators: Discover payable content | Crawl pages

Site owners: Advanced configuration

WAF - WAF Release - 2025-12-10 - Emergency

Wed, 10 Dec 2025 00:00:00 GMT

This additional week's emergency release introduces improvements to our existing rule for React – Remote Code Execution – CVE-2025-55182 - 2, along with two new generic detections covering server-side function exposure and resource-exhaustion patterns.

Key Findings

Enhanced detection logic for React – RCE – CVE-2025-55182, added Generic – Server Function Source Code Exposure, and added Generic – Server Function Resource Exhaustion.

Impact

These updates strengthen protection against React RCE exploitation attempts and broaden coverage for common server-function abuse techniques that may expose internal logic or disrupt application availability.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	bc1aee59731c488ca8b5314615fce168	N/A	React - Remote Code Execution - CVE:CVE-2025-55182 - 2	N/A	Block	This is an improved detection.
Cloudflare Free Ruleset	cbdd3f48396e4b7389d6efd174746aff	N/A	React - Remote Code Execution - CVE:CVE-2025-55182 - 2	N/A	Block	This is an improved detection.
Cloudflare Managed Ruleset	17c5123f1ac049818765ebf2fefb4e9b	N/A	Generic - Server Function Source Code Exposure	N/A	Block	This is a new detection.
Cloudflare Free Ruleset	3114709a3c3b4e3685052c7b251e86aa	N/A	Generic - Server Function Source Code Exposure	N/A	Block	This is a new detection.
Cloudflare Managed Ruleset	2694f1610c0b471393b21aef102ec699	N/A	Generic - Server Function Resource Exhaustion	N/A	Disabled	This is a new detection.

Cloudflare One Client - WARP client for Windows (version 2025.10.118.1)

Tue, 09 Dec 2025 23:03:10 GMT

A new Beta release for the Windows WARP client is now available on the beta releases downloads page.

This release contains minor fixes and improvements.

Changes and improvements

The Local Domain Fallback feature has been fixed for devices running WARP client version 2025.4.929.0 and newer. Previously, these devices could experience failures with Local Domain Fallback unless a fallback server was explicitly configured. This configuration is no longer a requirement for the feature to function correctly.
Proxy mode now supports transparent HTTP proxying in addition to CONNECT-based proxying.
Fixed an issue where sending large messages to the WARP daemon by Inter-Process Communication (IPC) could cause WARP to crash and result in service interruptions.

Known issues

For Windows 11 24H2 users, Microsoft has confirmed a regression that may lead to performance issues like mouse lag, audio cracking, or other slowdowns. Cloudflare recommends users experiencing these issues upgrade to a minimum Windows 11 24H2 KB5062553 or higher for resolution.
Devices with KB5055523 installed may receive a warning about Win32/ClickFix.ABA being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to version 1.429.19.0 or later.
DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected.
To work around this issue, reconnect the WARP client by toggling off and back on.

Cloudflare One Client - WARP client for macOS (version 2025.10.118.1)

Tue, 09 Dec 2025 23:02:28 GMT

A new Beta release for the macOS WARP client is now available on the beta releases downloads page.

This release contains minor fixes and improvements.

Changes and improvements

The Local Domain Fallback feature has been fixed for devices running WARP client version 2025.4.929.0 and newer. Previously, these devices could experience failures with Local Domain Fallback unless a fallback server was explicitly configured. This configuration is no longer a requirement for the feature to function correctly.
Proxy mode now supports transparent HTTP proxying in addition to CONNECT-based proxying.

Workers - Python cold start improvements

Mon, 08 Dec 2025 00:00:00 GMT

Python Workers now feature improved cold start performance, reducing initialization time for new Worker instances. This improvement is particularly noticeable for Workers with larger dependency sets or complex initialization logic.

Every time you deploy a Python Worker, a memory snapshot is captured after the top level of the Worker is executed. This snapshot captures all imports, including package imports that are often costly to load. The memory snapshot is loaded when the Worker is first started, avoiding the need to reload the Python runtime and all dependencies on each cold start.

We set up a benchmark that imports common packages (httpx, fastapi and pydantic) to see how Python Workers stack up against other platforms:

Platform	Mean Cold Start (ms)
Cloudflare Python Workers	1027
AWS Lambda	2502
Google Cloud Run	3069

These benchmarks run continuously. You can view the results and the methodology on our benchmark page.

In additional testing, we have found that without any memory snapshot, the cold start for this benchmark takes around 10 seconds, so this change improves cold start performance by roughly a factor of 10.

To get started with Python Workers, check out our Python Workers overview.

Workers - Easy Python package management with Pywrangler

Mon, 08 Dec 2025 00:00:00 GMT

We are introducing a brand new tool called Pywrangler, which simplifies package management in Python Workers by automatically installing Workers-compatible Python packages into your project.

With Pywrangler, you specify your Worker's Python dependencies in your pyproject.toml file:

[project]
name = "python-beautifulsoup-worker"
version = "0.1.0"
description = "A simple Worker using beautifulsoup4"
requires-python = ">=3.12"
dependencies = [
    "beautifulsoup4"
]

[dependency-groups]
dev = [
  "workers-py",
  "workers-runtime-sdk"
]

You can then develop and deploy your Worker using the following commands:

uv run pywrangler dev
uv run pywrangler deploy

Pywrangler automatically downloads and vendors the necessary packages for your Worker, and these packages are bundled with the Worker when you deploy.

Consult the Python packages documentation for full details on Pywrangler and Python package management in Workers.

Workers - Wrangler config is optional when using Vite plugin

Mon, 08 Dec 2025 00:00:00 GMT

When using the Cloudflare Vite plugin to build and deploy Workers, a Wrangler configuration file is now optional for assets-only (static) sites. If no wrangler.toml, wrangler.json, or wrangler.jsonc file is found, the plugin generates sensible defaults for an assets-only site. The name is based on the package.json or the project directory name, and the compatibility_date uses the latest date supported by your installed Miniflare version.

This allows easier setup for static sites using Vite. Note that SPAs will still need to set assets.not_found_handling to single-page-application in order to function correctly.

Workers - Configure Workers programmatically using the Vite plugin

Mon, 08 Dec 2025 00:00:00 GMT

The Cloudflare Vite plugin now supports programmatic configuration of Workers without a Wrangler configuration file. You can use the config option to define Worker settings directly in your Vite configuration, or to modify existing configuration loaded from a Wrangler config file. This is particularly useful when integrating with other build tools or frameworks, as it allows them to control Worker configuration without needing users to manage a separate config file.

The `config` option

The Vite plugin's new config option accepts either a partial configuration object or a function that receives the current configuration and returns overrides. This option is applied after any config file is loaded, allowing the plugin to override specific values or define Worker configuration entirely in code.

Example usage

Setting config to an object to provide configuration values that merge with defaults and config file settings:

import { defineConfig } from "vite";
import { cloudflare } from "@cloudflare/vite-plugin";

export default defineConfig({
  plugins: [
    cloudflare({
      config: {
        name: "my-worker",
        compatibility_flags: ["nodejs_compat"],
        send_email: [
          {
            name: "EMAIL",
          },
        ],
      },
    }),
  ],
});

Use a function to modify the existing configuration:

import { defineConfig } from "vite";
import { cloudflare } from "@cloudflare/vite-plugin";
export default defineConfig({
  plugins: [
    cloudflare({
      config: (userConfig) => {
        delete userConfig.compatibility_flags;
      },
    }),
  ],
});

Return an object with values to merge:

import { defineConfig } from "vite";
import { cloudflare } from "@cloudflare/vite-plugin";

export default defineConfig({
  plugins: [
    cloudflare({
      config: (userConfig) => {
        if (!userConfig.compatibility_flags.includes("no_nodejs_compat")) {
          return { compatibility_flags: ["nodejs_compat"] };
        }
      },
    }),
  ],
});

Auxiliary Workers

Auxiliary Workers also support the config option, enabling multi-Worker architectures without config files.

Define auxiliary Workers without config files using config inside the auxiliaryWorkers array:

import { defineConfig } from "vite";
import { cloudflare } from "@cloudflare/vite-plugin";

export default defineConfig({
  plugins: [
    cloudflare({
      config: {
        name: "entry-worker",
        main: "./src/entry.ts",
        services: [{ binding: "API", service: "api-worker" }],
      },
      auxiliaryWorkers: [
        {
          config: {
            name: "api-worker",
            main: "./src/api.ts",
          },
        },
      ],
    }),
  ],
});

For more details and examples, see Programmatic configuration.

Cloudflare Fundamentals, Terraform - Terraform v5.14.0 now available

Fri, 05 Dec 2025 00:00:00 GMT

Earlier this year, we announced the launch of the new Terraform v5 Provider. We are aware of the high number of issues reported by the Cloudflare community related to the v5 release. We have committed to releasing improvements on a 2-3 week cadence to ensure its stability and reliability, including the v5.14 release. We have also pivoted from an issue-to-issue approach to a resource-per-resource approach - we will be focusing on specific resources to not only stabilize the resource but also ensure it is migration-friendly for those migrating from v4 to v5.

Thank you for continuing to raise issues. They make our provider stronger and help us build products that reflect your needs.

This release includes bug fixes, the stabilization of even more popular resources, and more.

Deprecation notice

Resource affected: api_shield_discovery_operation

Cloudflare continuously discovers and updates API endpoints and web assets of your web applications. To improve the maintainability of these dynamic resources, we are working on reducing the need to actively engage with discovered operations.

The corresponding public API endpoint of discovered operations is not affected and will continue to be supported.

Features

pages_project: Add v4 -> v5 migration tests (#6506)

Bug fixes

account_members: Makes member policies a set (#6488)
pages_project: Ensures non empty refresh plans (#6515)
R2: Improves sweeper (#6512)
workers_kv: Ignores value import state for verify (#6521)
workers_script: No longer treats the migrations attribute as WriteOnly (#6489)
workers_script: Resolves resource drift when worker has unmanaged secret (#6504)
zero_trust_device_posture_rule: Preserves input.version and other fields (#6500) and (#6503)
zero_trust_dlp_custom_profile: Adds sweepers for dlp_custom_profile
zone_subscription|account_subscription: Adds partners_ent as valid enum for rate_plan.id (#6505)
zone: Ensures datasource model schema parity (#6487)
subscription: Updates import signature to accept account_id/subscription_id to import account subscription (#6510)

Upgrade to newer version

For more information

WAF - Increased WAF payload limit for all plans

Fri, 05 Dec 2025 00:00:00 GMT

Cloudflare WAF now inspects request-payload size of up to 1 MB across all plans to enhance our detection capabilities for React RCE (CVE-2025-55182).

Key Findings

React payloads commonly have a default maximum size of 1 MB. Cloudflare WAF previously inspected up to 128 KB on Enterprise plans, with even lower limits on other plans.

Update: We later reinstated the maximum request-payload size the Cloudflare WAF inspects. Refer to Updating the WAF maximum payload values for details.

WAF - Updating the WAF maximum payload values

Fri, 05 Dec 2025 00:00:00 GMT

We are reinstating the maximum request-payload size the Cloudflare WAF inspects, with WAF on Enterprise zones inspecting up to 128 KB.

Key Findings

On December 5, 2025, we initially attempted to increase the maximum WAF payload limit to 1 MB across all plans. However, an automatic rollout for all customers proved impractical because the increase led to a surge in false positives for existing managed rules.

This issue was particularly notable within the Cloudflare Managed Ruleset and the Cloudflare OWASP Core Ruleset, impacting customer traffic.

Impact

Customers on paid plans can increase the limit to 1 MB for any of their zones by contacting Cloudflare Support. Free zones are already protected up to 1 MB and do not require any action.

Hyperdrive - Connect to remote databases during local development with wrangler dev

Thu, 04 Dec 2025 00:00:00 GMT

You can now connect directly to remote databases and databases requiring TLS with wrangler dev. This lets you run your Worker code locally while connecting to remote databases, without needing to use wrangler dev --remote.

The localConnectionString field and CLOUDFLARE_HYPERDRIVE_LOCAL_CONNECTION_STRING_<BINDING_NAME> environment variable can be used to configure the connection string used by wrangler dev.

{
  "hyperdrive": [
    {
      "binding": "HYPERDRIVE",
      "id": "your-hyperdrive-id",
      "localConnectionString": "postgres://user:password@remote-host.example.com:5432/database?sslmode=require"
    }
  ]
}

Learn more about local development with Hyperdrive.

Workers - One-click Access protection for Workers now creates reusable Cloudflare Access policies

Thu, 04 Dec 2025 00:00:00 GMT

Workers applications now use reusable Cloudflare Access policies to reduce duplication and simplify access management across multiple Workers.

Previously, enabling Cloudflare Access on a Worker created per-application policies, unique to each application. Now, we create reusable policies that can be shared across applications:

Preview URLs: All Workers preview URLs share a single "Cloudflare Workers Preview URLs" policy across your account. This policy is automatically created the first time you enable Access on any preview URL. By sharing a single policy across all preview URLs, you can configure access rules once and have them apply company-wide to all Workers which protect preview URLs. This makes it much easier to manage who can access preview environments without having to update individual policies for each Worker.
Production workers.dev URLs: When enabled, each Worker gets its own reusable policy (named <worker-name> - Production) by default. We recognize production services often have different access requirements and having individual policies here makes it easier to configure service-to-service authentication or protect internal dashboards or applications with specific user groups. Keeping these policies separate gives you the flexibility to configure exactly the right access rules for each production service. When you disable Access on a production Worker, the associated policy is automatically cleaned up if it's not being used by other applications.

This change reduces policy duplication, simplifies cross-company access management for preview environments, and provides the flexibility needed for production services. You can still customize access rules by editing the reusable policies in the Zero Trust dashboard.

To enable Cloudflare Access on your Worker:

In the Cloudflare dashboard, go to Workers & Pages.
Select your Worker.
Go to Settings > Domains & Routes.
For workers.dev or Preview URLs, click Enable Cloudflare Access.
Optionally, click Manage Cloudflare Access to customize the policy.

For more information on configuring Cloudflare Access for Workers, refer to the Workers Access documentation.

Email security - Reclassifications to Submissions

Wed, 03 Dec 2025 21:11:33 GMT

We have updated the terminology “Reclassify” and “Reclassifications” to “Submit” and “Submissions” respectively. This update more accurately reflects the outcome of providing these items to Cloudflare.

Submissions are leveraged to tune future variants of campaigns. To respect data sanctity, providing a submission does not change the original disposition of the emails submitted.

This applies to all Email Security packages:

Advantage
Enterprise
Enterprise + PhishGuard

WAF - WAF Release - 2025-12-03 - Emergency

Wed, 03 Dec 2025 00:00:00 GMT

The WAF rule deployed yesterday to block unsafe deserialization-based RCE has been updated. The rule description now reads “React – RCE – CVE-2025-55182”, explicitly mapping to the recently disclosed React Server Components vulnerability. Detection logic remains unchanged.

Key Findings

Rule description updated to reference React – RCE – CVE-2025-55182 while retaining existing unsafe-deserialization detection.

Impact

Improved classification and traceability with no change to coverage against remote code execution attempts.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	33aa8a8a948b48b28d40450c5fb92fba	N/A	React - RCE - CVE:CVE-2025-55182	N/A	Block	Rule metadata description changed. Detection unchanged.
Cloudflare Free Ruleset	2b5d06e34a814a889bee9a0699702280	N/A	React - RCE - CVE:CVE-2025-55182	N/A	Block	Rule metadata description changed. Detection unchanged.

WAF - WAF Release - 2025-12-02 - Emergency

Tue, 02 Dec 2025 00:00:00 GMT

This week's emergency release introduces a new rule to block a critical RCE vulnerability in widely-used web frameworks through unsafe deserialization patterns.

Key Findings

New WAF rule deployed for RCE Generic Framework to block malicious POST requests containing unsafe deserialization patterns. If successfully exploited, this vulnerability allows attackers with network access via HTTP to execute arbitrary code remotely.

Impact

Successful exploitation allows unauthenticated attackers to execute arbitrary code remotely through crafted serialization payloads, enabling complete system compromise, data exfiltration, and potential lateral movement within affected environments.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	33aa8a8a948b48b28d40450c5fb92fba	N/A	RCE Generic - Framework	N/A	Block	This is a new detection.
Cloudflare Free Ruleset	2b5d06e34a814a889bee9a0699702280	N/A	RCE Generic - Framework	N/A	Block	This is a new detection.

WAF - WAF Release - 2025-12-01

Mon, 01 Dec 2025 00:00:00 GMT

This week’s release introduces new detections for remote code execution attempts targeting Monsta FTP (CVE-2025-34299), alongside improvements to an existing XSS detection to enhance coverage.

Key Findings

CVE-2025-34299 is a critical remote code execution flaw in Monsta FTP, arising from improper handling of user-supplied parameters within the file-handling interface. Certain builds allow crafted requests to bypass sanitization and reach backend PHP functions that execute arbitrary commands. Attackers can send manipulated parameters through the web panel to trigger command execution within the application’s runtime environment.

Impact

If exploited, the vulnerability enables full remote command execution on the underlying server, allowing takeover of the hosting environment, unauthorized file access, and potential lateral movement. As the flaw can be triggered without authentication on exposed Monsta FTP instances, it represents a severe risk for publicly reachable deployments.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	480da5e7984542a6b8d8d88da4fcc8a8	N/A	Monsta FTP - Remote Code Execution - CVE:CVE-2025-34299	Log	Block	This is a new detection
Cloudflare Managed Ruleset	2380b125c53d42ac94479c42b7492846	N/A	XSS - JS Context Escape - Beta	Log	Block	This rule is merged into the original rule "XSS - JS Context Escape" (ID: c1ad1bc37caa4cbeb104f44f7a3769d3 )

Agents, Workers - Agents SDK v0.2.24 with resumable streaming, MCP improvements, and schedule fixes

Wed, 26 Nov 2025 00:00:00 GMT

The latest release of @cloudflare/agents brings resumable streaming, significant MCP client improvements, and critical fixes for schedules and Durable Object lifecycle management.

Resumable streaming

AIChatAgent now supports resumable streaming, allowing clients to reconnect and continue receiving streamed responses without losing data. This is useful for:

Long-running AI responses
Users on unreliable networks
Users switching between devices mid-conversation
Background tasks where users navigate away and return
Real-time collaboration where multiple clients need to stay in sync

Streams are maintained across page refreshes, broken connections, and syncing across open tabs and devices.

Other improvements

Default JSON schema validator added to MCP client
Schedules can now safely destroy the agent

MCP client API improvements

The MCPClientManager API has been redesigned for better clarity and control:

New registerServer() method: Register MCP servers without immediately connecting
New connectToServer() method: Establish connections to registered servers
Improved reconnect logic: restoreConnectionsFromStorage() now properly handles failed connections

// Register a server to Agent
const { id } = await this.mcp.registerServer({
  name: "my-server",
  url: "https://my-mcp-server.example.com",
});

// Connect when ready
await this.mcp.connectToServer(id);

// Discover tools, prompts and resources
await this.mcp.discoverIfConnected(id);

The SDK now includes a formalized MCPConnectionState enum with states: idle, connecting, authenticating, connected, discovering, and ready.

Enhanced MCP discovery

MCP discovery fetches the available tools, prompts, and resources from an MCP server so your agent knows what capabilities are available. The MCPClientConnection class now includes a dedicated discover() method with improved reliability:

Supports cancellation via AbortController
Configurable timeout (default 15s)
Discovery failures now throw errors immediately instead of silently continuing

Bug fixes

Fixed a bug where schedules meant to fire immediately with this.schedule(0, ...) or this.schedule(new Date(), ...) would not fire
Fixed an issue where schedules that took longer than 30 seconds would occasionally time out
Fixed SSE transport now properly forwards session IDs and request headers
Fixed AI SDK stream events convertion to UIMessageStreamPart

Upgrade

To update to the latest version:

npm i agents@latest

Cache - Audit Logs for Cache Purge Events

Tue, 25 Nov 2025 00:00:00 GMT

You can now review detailed audit logs for cache purge events, giving you visibility into what purge requests were sent, what they contained, and by whom. Audit your purge requests via the Dashboard or API for all purge methods:

Purge everything
List of prefixes
List of tags
List of hosts
List of files

Example

The detailed audit payload is visible within the Cloudflare Dashboard (under Manage Account > Audit Logs) and via the API. Below is an example of the Audit Logs v2 payload structure:

{
  "action": {
    "result": "success",
    "type": "create"
  },
  "actor": {
    "id": "1234567890abcdef",
    "email": "user@example.com",
    "type": "user"
  },
  "resource": {
    "product": "purge_cache",
    "request": {
      "files": [
        "https://example.com/images/logo.png",
        "https://example.com/css/styles.css"
      ]
    }
  },
  "zone": {
    "id": "023e105f4ecef8ad9ca31a8372d0c353",
    "name": "example.com"
  }
}

Get started

To get started, refer to the Audit Logs documentation.

Workers AI - Launching FLUX.2 [dev] on Workers AI

Tue, 25 Nov 2025 00:00:00 GMT

We've partnered with Black Forest Labs (BFL) to bring their latest FLUX.2 [dev] model to Workers AI! This model excels in generating high-fidelity images with physical world grounding, multi-language support, and digital asset creation. You can also create specific super images with granular controls like JSON prompting.

Read the BFL blog to learn more about the model itself. Read our Cloudflare blog to see the model in action, or try it out yourself on our multi modal playground.

Pricing documentation is available on the model page or pricing page. Note, we expect to drop pricing in the next few days after iterating on the model performance.

Workers AI Platform specifics

The model hosted on Workers AI is able to support up to 4 image inputs (512x512 per input image). Note, this image model is one of the most powerful in the catalog and is expected to be slower than the other image models we currently support. One catch to look out for is that this model takes multipart form data inputs, even if you just have a prompt.

With the REST API, the multipart form data input looks like this:

curl --request POST \
  --url 'https://api.cloudflare.com/client/v4/accounts/{ACCOUNT}/ai/run/@cf/black-forest-labs/flux-2-dev' \
  --header 'Authorization: Bearer {TOKEN}' \
  --header 'Content-Type: multipart/form-data' \
  --form 'prompt=a sunset at the alps' \
  --form steps=25
  --form width=1024
  --form height=1024

With the Workers AI binding, you can use it as such:

const form = new FormData();
form.append('prompt', 'a sunset with a dog');
form.append('width', '1024');
form.append('height', '1024');

//this dummy request is temporary hack
//we're pushing a change to address this soon
const formRequest = new Request('http://dummy', {
  method: 'POST',
  body: form
});
const formStream = formRequest.body;
const formContentType = formRequest.headers.get('content-type') || 'multipart/form-data';

const resp = await env.AI.run("@cf/black-forest-labs/flux-2-dev", {
  multipart: {
    body: formStream,
    contentType: formContentType
  }
});

The parameters you can send to the model are detailed here:

JSON Schema for Model

Required Parameters

prompt (string) - Text description of the image to generate

Optional Parameters

input_image_0 (string) - Binary image
input_image_1 (string) - Binary image
input_image_2 (string) - Binary image
input_image_3 (string) - Binary image
steps (integer) - Number of inference steps. Higher values may improve quality but increase generation time
guidance (float) - Guidance scale for generation. Higher values follow the prompt more closely
width (integer) - Width of the image, default 1024 Range: 256-1920
height (integer) - Height of the image, default 768 Range: 256-1920
seed (integer) - Seed for reproducibility

## Multi-Reference Images

The FLUX.2 model is great at generating images based on reference images. You can use this feature to apply the style of one image to another, add a new character to an image, or iterate on past generate images. You would use it with the same multipart form data structure, with the input images in binary.

For the prompt, you can reference the images based on the index, like `take the subject of image 1 and style it like image 0` or even use natural language like `place the dog beside the woman`.

Note: you have to name the input parameter as `input_image_0`, `input_image_1`, `input_image_2` for it to work correctly. All input images must be smaller than 512x512.

```bash
curl --request POST \
  --url 'https://api.cloudflare.com/client/v4/accounts/{ACCOUNT}/ai/run/@cf/black-forest-labs/flux-2-dev' \
  --header 'Authorization: Bearer {TOKEN}' \
  --header 'Content-Type: multipart/form-data' \
  --form 'prompt=take the subject of image 1 and style it like image 0' \
  --form input_image_0=@/Users/johndoe/Desktop/icedoutkeanu.png \
  --form input_image_1=@/Users/johndoe/Desktop/me.png \
  --form steps=25
  --form width=1024
  --form height=1024

Through Workers AI Binding:

//helper function to convert ReadableStream to Blob
async function streamToBlob(stream: ReadableStream, contentType: string): Promise<Blob> {
  const reader = stream.getReader();
  const chunks = [];

  while (true) {
    const { done, value } = await reader.read();
    if (done) break;
    chunks.push(value);
  }

  return new Blob(chunks, { type: contentType });
}

const image0 = await fetch("http://image-url");
const image1 = await fetch("http://image-url");
const form = new FormData();

const image_blob0 = await streamToBlob(image0.body, "image/png");
const image_blob1 = await streamToBlob(image1.body, "image/png");
form.append('input_image_0', image_blob0)
form.append('input_image_1', image_blob1)
form.append('prompt', 'take the subject of image 1and style it like image 0')

//this dummy request is temporary hack
//we're pushing a change to address this soon
const formRequest = new Request('http://dummy', {
  method: 'POST',
  body: form
});
const formStream = formRequest.body;
const formContentType = formRequest.headers.get('content-type') || 'multipart/form-data';

const resp = await env.AI.run("@cf/black-forest-labs/flux-2-dev", {
    multipart: {
        body: form,
        contentType: "multipart/form-data"
    }
})

JSON Prompting

The model supports prompting in JSON to get more granular control over images. You would pass the JSON as the value of the 'prompt' field in the multipart form data. See the JSON schema below on the base parameters you can pass to the model.

JSON Prompting Schema

{
  "type": "object",
  "properties": {
    "scene": {
      "type": "string",
      "description": "Overall scene setting or location"
    },
    "subjects": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "type": {
            "type": "string",
            "description": "Type of subject (e.g., desert nomad, blacksmith, DJ, falcon)"
          },
          "description": {
            "type": "string",
            "description": "Physical attributes, clothing, accessories"
          },
          "pose": {
            "type": "string",
            "description": "Action or stance"
          },
          "position": {
            "type": "string",
            "enum": ["foreground", "midground", "background"],
            "description": "Depth placement in scene"
          }
        },
        "required": ["type", "description", "pose", "position"]
      }
    },
    "style": {
      "type": "string",
      "description": "Artistic rendering style (e.g., digital painting, photorealistic, pixel art, noir sci-fi, lifestyle photo, wabi-sabi photo)"
    },
    "color_palette": {
      "type": "array",
      "items": { "type": "string" },
      "minItems": 3,
      "maxItems": 3,
      "description": "Exactly 3 main colors for the scene (e.g., ['navy', 'neon yellow', 'magenta'])"
    },
    "lighting": {
      "type": "string",
      "description": "Lighting condition and direction (e.g., fog-filtered sun, moonlight with star glints, dappled sunlight)"
    },
    "mood": {
      "type": "string",
      "description": "Emotional atmosphere (e.g., harsh and determined, playful and modern, peaceful and dreamy)"
    },
    "background": {
      "type": "string",
      "description": "Background environment details"
    },
    "composition": {
      "type": "string",
      "enum": [
        "rule of thirds",
        "circular arrangement",
        "framed by foreground",
        "minimalist negative space",
        "S-curve",
        "vanishing point center",
        "dynamic off-center",
        "leading leads",
        "golden spiral",
        "diagonal energy",
        "strong verticals",
        "triangular arrangement"
      ],
      "description": "Compositional technique"
    },
    "camera": {
      "type": "object",
      "properties": {
        "angle": {
          "type": "string",
          "enum": ["eye level", "low angle", "slightly low", "bird's-eye", "worm's-eye", "over-the-shoulder", "isometric"],
          "description": "Camera perspective"
        },
        "distance": {
          "type": "string",
          "enum": ["close-up", "medium close-up", "medium shot", "medium wide", "wide shot", "extreme wide"],
          "description": "Framing distance"
        },
        "focus": {
          "type": "string",
          "enum": ["deep focus", "macro focus", "selective focus", "sharp on subject", "soft background"],
          "description": "Focus type"
        },
        "lens": {
          "type": "string",
          "enum": ["14mm", "24mm", "35mm", "50mm", "70mm", "85mm"],
          "description": "Focal length (wide to telephoto)"
        },
        "f-number": {
          "type": "string",
          "description": "Aperture (e.g., f/2.8, the smaller the number the more blurry the background)"
        },
        "ISO": {
          "type": "number",
          "description": "Light sensitivity value (comfortable range between 100 & 6400, lower = less sensitivity)"
        }
      }
    },
    "effects": {
      "type": "array",
      "items": { "type": "string" },
      "description": "Post-processing effects (e.g., 'lens flare small', 'subtle film grain', 'soft bloom', 'god rays', 'chromatic aberration mild')"
    }
  },
  "required": ["scene", "subjects"]
}

Other features to try

The model also supports the most common latin and non-latin character languages
You can prompt the model with specific hex codes like #2ECC71
Try creating digital assets like landing pages, comic strips, infographics too!

Radar - Cloud Services Observability in Cloudflare Radar

Mon, 24 Nov 2025 00:00:00 GMT

Radar introduces HTTP Origins insights, providing visibility into the status of traffic between Cloudflare's global network and cloud-based origin infrastructure.

The new Origins API provides provides the following endpoints:

/origins - Lists all origins (cloud providers and associated regions).
/origins/{origin} - Retrieves information about a specific origin (cloud provider).
/origins/timeseries - Retrieves normalized time series data for a specific origin, including the following metrics:
- REQUESTS: Number of requests
- CONNECTION_FAILURES: Number of connection failures
- RESPONSE_HEADER_RECEIVE_DURATION: Duration of the response header receive
- TCP_HANDSHAKE_DURATION: Duration of the TCP handshake
- TCP_RTT: TCP round trip time
- TLS_HANDSHAKE_DURATION: Duration of the TLS handshake
/origins/summary - Retrieves HTTP requests to origins summarized by a dimension.
/origins/timeseries_groups - Retrieves timeseries data for HTTP requests to origins grouped by a dimension.

The following dimensions are available for the summary and timeseries_groups endpoints:

region: Origin region
success_rate: Success rate of requests (2XX versus 5XX response codes)
percentile: Percentiles of metrics listed above

Additionally, the Annotations and Traffic Anomalies APIs have been extended to support origin outages and anomalies, enabling automated detection and alerting for origin infrastructure issues.

Check out the new Radar page.

WAF - WAF Release - 2025-11-24

Mon, 24 Nov 2025 00:00:00 GMT

This week highlights enhancements to detection signatures improving coverage for vulnerabilities in FortiWeb, linked to CVE-2025-64446, alongside new detection logic expanding protection against PHP Wrapper Injection techniques.

Key Findings

This vulnerability enables an unauthenticated attacker to bypass access controls by abusing the CGIINFO header. The latest update strengthens detection logic to ensure a reliable identification of crafted requests attempting to exploit this flaw.

Impact

FortiWeb (CVE-2025-64446): Exploitation allows a remote unauthenticated adversary to circumvent authentication mechanisms by sending a manipulated CGIINFO header to FortiWeb’s backend CGI handler. Successful exploitation grants unintended access to restricted administrative functionality, potentially enabling configuration tampering or system-level actions.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	b957ace6e9844bf29244401c4e2e1a2e	N/A	FortiWeb - Authentication Bypass via CGIINFO Header - CVE:CVE-2025-64446	Log	Block	This is a new detection
Cloudflare Managed Ruleset	e3871391a93248fa98a78e03b6c44ed5	N/A	PHP Wrapper Injection - Body - Beta	Log	Disabled	This rule has been merged into the original rule "PHP Wrapper Injection - Body" (ID:fae6fa37ae9249d58628e54b1a3e521e )
Cloudflare Managed Ruleset	e6b1b66e0e3b46969102baed900f4015	N/A	PHP Wrapper Injection - URI - Beta	Log	Disabled	This rule has been merged into the original rule "PHP Wrapper Injection - URI" (ID:9c02e585db34440da620eb668f76bd74 )

Containers, R2 - Mount R2 buckets in Containers

Fri, 21 Nov 2025 00:00:00 GMT

Containers now support mounting R2 buckets as FUSE (Filesystem in Userspace) volumes, allowing applications to interact with R2 using standard filesystem operations.

Common use cases include:

Bootstrapping containers with datasets, models, or dependencies for sandboxes and agent environments
Persisting user configuration or application state without managing downloads
Accessing large static files without bloating container images or downloading at startup

FUSE adapters like tigrisfs, s3fs, and gcsfuse can be installed in your container image and configured to mount buckets at startup.

FROM alpine:3.20

# Install FUSE and dependencies
RUN apk update && \
    apk add --no-cache ca-certificates fuse curl bash

# Install tigrisfs
RUN ARCH=$(uname -m) && \
    if [ "$ARCH" = "x86_64" ]; then ARCH="amd64"; fi && \
    if [ "$ARCH" = "aarch64" ]; then ARCH="arm64"; fi && \
    VERSION=$(curl -s https://api.github.com/repos/tigrisdata/tigrisfs/releases/latest | grep -o '"tag_name": "[^"]*' | cut -d'"' -f4) && \
    curl -L "https://github.com/tigrisdata/tigrisfs/releases/download/${VERSION}/tigrisfs_${VERSION#v}_linux_${ARCH}.tar.gz" -o /tmp/tigrisfs.tar.gz && \
    tar -xzf /tmp/tigrisfs.tar.gz -C /usr/local/bin/ && \
    rm /tmp/tigrisfs.tar.gz && \
    chmod +x /usr/local/bin/tigrisfs

# Create startup script that mounts bucket
RUN printf '#!/bin/sh\n\
    set -e\n\
    mkdir -p /mnt/r2\n\
    R2_ENDPOINT="https://${R2_ACCOUNT_ID}.r2.cloudflarestorage.com"\n\
    /usr/local/bin/tigrisfs --endpoint "${R2_ENDPOINT}" -f "${BUCKET_NAME}" /mnt/r2 &\n\
    sleep 3\n\
    ls -lah /mnt/r2\n\
    ' > /startup.sh && chmod +x /startup.sh

CMD ["/startup.sh"]

See the Mount R2 buckets with FUSE example for a complete guide on mounting R2 buckets and/or other S3-compatible storage buckets within your containers.

Containers - New CPU Pricing for Containers and Sandboxes

Fri, 21 Nov 2025 00:00:00 GMT

Containers and Sandboxes pricing for CPU time is now based on active usage only, instead of provisioned resources.

This means that you now pay less for Containers and Sandboxes.

An Example Before and After

Imagine running the standard-2 instance type for one hour, which can use up to 1 vCPU, but on average you use only 20% of your CPU capacity.

CPU-time is priced at $0.00002 per vCPU-second.

Previously, you would be charged for the CPU allocated to the instance multiplied by the time it was active, in this case 1 hour.

CPU cost would have been: $0.072 — 1 vCPU * 3600 seconds * $0.00002

Now, since you are only using 20% of your CPU capacity, your CPU cost is cut to 20% of the previous amount.

CPU cost is now: $0.0144 — 1 vCPU * 3600 seconds * $0.00002 * 20% utilization

This can significantly reduce costs for Containers and Sandboxes.

See the documentation to learn more about Containers, Sandboxes, and associated pricing.

Security Center - Threat insights are now available in the Threat Events platform

Fri, 21 Nov 2025 00:00:00 GMT

The threat events platform now has threat insights available for some relevant parent events. Threat intelligence analyst users can access these insights for their threat hunting activity. Insights are also highlighted in the Cloudflare dashboard by a small lightning icon and the insights can refer to multiple, connected events, potentially part of the same attack or campaign and associated with the same threat actor.

For more information, refer to Analyze threat events.

WAF - WAF Release - 2025-11-21

Fri, 21 Nov 2025 00:00:00 GMT

This week’s release introduces a critical detection for CVE-2025-61757, a vulnerability in the Oracle Identity Manager REST WebServices component.

Key Findings

This flaw allows unauthenticated attackers with network access over HTTP to fully compromise the Identity Manager, potentially leading to a complete takeover.

Impact

Oracle Identity Manager (CVE-2025-61757): Exploitation could allow an unauthenticated remote attacker to bypass security checks by sending specially crafted requests to the application's message processor. This enables the creation of arbitrary employee accounts, which can be leveraged to modify system configurations and achieve full system compromise.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	fa584616fe2241608cb8bd1339fdbe7e	N/A	Oracle Identity Manager - Pre-Auth RCE - CVE:CVE-2025-61757	N/A	Block	This is a new detection.

Workers - Environment variable limits increase for Workers Builds

Fri, 21 Nov 2025 00:00:00 GMT

Workers Builds now supports up to 64 environment variables, and each environment variable can be up to 5 KB in size. The previous limit was 5 KB total across all environment variables.

This change enables better support for complex build configurations, larger application settings, and more flexible CI/CD workflows.

For more details, refer to the build limits documentation.

Workers - Better local deployment flow for Cloudflare Workers

Fri, 21 Nov 2025 00:00:00 GMT

Until now, if a Worker had been previously deployed via the Cloudflare Dashboard, a subsequent deployment done via the Cloudflare Workers CLI, Wrangler (through the deploy command), would allow the user to override the Worker's dashboard settings without providing details on what dashboard settings would be lost.

Now instead, wrangler deploy presents a helpful representation of the differences between the local configuration and the remote dashboard settings, and offers to update your local configuration file for you.

See example below showing a before and after for wrangler deploy when a local configuration is expected to override a Worker's dashboard settings:

Before

After

Also, if instead Wrangler detects that a deployment would override remote dashboard settings but in an additive way, without modifying or removing any of them, it will simply proceed with the deployment without requesting any user interaction.

Update to Wrangler v4.50.0 or greater to take advantage of this improved deploy flow.

Cloudflare Fundamentals, Terraform - Terraform v5.13.0 now available

Thu, 20 Nov 2025 00:00:00 GMT

Earlier this year, we announced the launch of the new Terraform v5 Provider. We are aware of the high number of issues reported by the Cloudflare community related to the v5 release. We have committed to releasing improvements on a 2-3 week cadence to ensure its stability and reliability, including the v5.13 release. We have also pivoted from an issue-to-issue approach to a resource-per-resource approach - we will be focusing on specific resources to not only stabilize the resource but also ensure it is migration-friendly for those migrating from v4 to v5.

Thank you for continuing to raise issues. They make our provider stronger and help us build products that reflect your needs.

This release includes new features, new resources and data sources, bug fixes, updates to our Developer Documentation, and more.

Breaking Change

Please be aware that there are breaking changes for the cloudflare_api_token and cloudflare_account_token resources. These changes eliminate configuration drift caused by policy ordering differences in the Cloudflare API.

For more specific information about the changes or the actions required, please see the detailed Repository changelog.

Features

New resources and data sources added
- cloudflare_connectivity_directory
- cloudflare_sso_connector
- cloudflare_universal_ssl_setting
api_token+account_tokens: state upgrader and schema bump (#6472)
docs: make docs explicit when a resource does not have import support
magic_transit_connector: support self-serve license key (#6398)
worker_version: add content_base64 support
worker_version: boolean support for run_worker_first (#6407)
workers_script_subdomains: add import support (#6375)
zero_trust_access_application: add proxy_endpoint for ZT Access Application (#6453)
zero_trust_dlp_predefined_profile: Switch DLP Predefined Profile endpoints, introduce enabled_entries attribut

Bug Fixes

account_token: token policy order and nested resources (#6440)
allow r2_bucket_event_notification to be applied twice without failing (#6419)
cloudflare_worker+cloudflare_worker_version: import for the resources (#6357)
dns_record: inconsistent apply error (#6452)
pages_domain: resource tests (#6338)
pages_project: unintended resource state drift (#6377)
queue_consumer: id population (#6181)
workers_kv: multipart request (#6367)
workers_kv: updating workers metadata attribute to be read from endpoint (#6386)
workers_script_subdomain: add note to cloudflare_workers_script_subdomain about redundancy with cloudflare_worker (#6383)
workers_script: allow config.run_worker_first to accept list input
zero_trust_device_custom_profile_local_domain_fallback: drift issues (#6365)
zero_trust_device_custom_profile: resolve drift issues (#6364)
zero_trust_dex_test: correct configurability for 'targeted' attribute to fix drift
zero_trust_tunnel_cloudflared_config: remove warp_routing from cloudflared_config (#6471)

Upgrading

We suggest holding off on migration to v5 while we work on stabilization. This help will you avoid any blocking issues while the Terraform resources are actively being stabilized. We will be releasing a new migration tool in March 2026 to help support v4 to v5 transitions for our most popular resources.

For more info

AI Search - AI Search support for crawling login protected website content

Wed, 19 Nov 2025 00:00:00 GMT

AI Search now supports custom HTTP headers for website crawling, solving a common problem where valuable content behind authentication or access controls could not be indexed.

Previously, AI Search could only crawl publicly accessible pages, leaving knowledge bases, documentation, and other protected content out of your search results. With custom headers support, you can now include authentication credentials that allow the crawler to access this protected content.

This is particularly useful for indexing content like:

Internal documentation behind corporate login systems
Premium content that requires users to provide access to unlock
Sites protected by Cloudflare Access using service tokens

To add custom headers when creating an AI Search instance, select Parse options. In the Extra headers section, you can add up to five custom headers per Website data source.

For example, to crawl a site protected by Cloudflare Access, you can add service token credentials as custom headers:

CF-Access-Client-Id: your-token-id.access
CF-Access-Client-Secret: your-token-secret

The crawler will automatically include these headers in all requests, allowing it to access protected pages that would otherwise be blocked.

Learn more about configuring custom headers for website crawling in AI Search.

Email security - Adjustment to Final Disposition Column

Tue, 18 Nov 2025 00:00:00 GMT

Adjustment to Final Disposition column

The Final Disposition column in Submissions > Team Submissions tab is changing for non-Phishguard customers.

What's Changing

Column will be called Status instead of Final Disposition
Column status values will now be: Submitted, Accepted or Rejected.

Next Steps

We will listen carefully to your feedback and continue to find comprehensive ways to communicate updates on your submissions. Your submissions will continue to be addressed at an even greater rate than before, fuelling faster and more accurate email security improvement.

Cloudflare One - New Cloudflare One Navigation and Product Experience

Mon, 17 Nov 2025 00:00:00 GMT

The Zero Trust dashboard and navigation is receiving significant and exciting updates. The dashboard is being restructured to better support common tasks and workflows, and various pages have been moved and consolidated.

There is a new guided experience on login detailing the changes, and you can use the Zero Trust dashboard search to find product pages by both their new and old names, as well as your created resources. To replay the guided experience, you can find it in Overview > Get Started.

Notable changes

Product names have been removed from many top-level navigation items to help bring clarity to what they help you accomplish. For example, you can find Gateway policies under ‘Traffic policies' and CASB findings under ‘Cloud & SaaS findings.'
You can view all analytics, logs, and real-time monitoring tools from ‘Insights.'
‘Networks' better maps the ways that your corporate network interacts with Cloudflare. Some pages like Tunnels, are now a tab rather than a full page as part of these changes. You can find them at Networks > Connectors.
Settings are now located closer to the tools and resources they impact. For example, this means you'll find your WARP configurations at Team & Resources > Devices.

No changes to our API endpoint structure or to any backend services have been made as part of this effort.

WAF - WAF Release - 2025-11-17

Mon, 17 Nov 2025 00:00:00 GMT

This week highlights enhancements to detection signatures improving coverage for vulnerabilities in DELMIA Apriso, linked to CVE-2025-6205.

Key Findings

This vulnerability allows unauthenticated attackers to gain privileged access to the application. The latest update provides enhanced detection logic for resilient protection against exploitation attempts.

Impact

DELMIA Apriso (CVE-2025-6205): Exploitation could allow an unauthenticated remote attacker to bypass security checks by sending specially crafted requests to the application's message processor. This enables the creation of arbitrary employee accounts, which can be leveraged to modify system configurations and achieve full system compromise.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	ec1e2aa190e64e7cb468e16dd256f4bc	N/A	DELMIA Apriso - Auth Bypass - CVE:CVE-2025-6205	Log	Block	This is a new detection.
Cloudflare Managed Ruleset	fae6fa37ae9249d58628e54b1a3e521e	N/A	PHP Wrapper Injection - Body	N/A	Disabled	Rule metadata description refined. Detection unchanged.
Cloudflare Managed Ruleset	9c02e585db34440da620eb668f76bd74	N/A	PHP Wrapper Injection - URI	N/A	Disabled	Rule metadata description refined. Detection unchanged.

Access - Generate Cloudflare Access SSH certificate authority (CA) directly from the Cloudflare dashboard

Fri, 14 Nov 2025 00:00:00 GMT

SSH with Cloudflare Access for Infrastructure allows you to use short-lived SSH certificates to eliminate SSH key management and reduce security risks associated with lost or stolen keys.

Previously, users had to generate this certificate by using the Cloudflare API directly. With this update, you can now create and manage this certificate in the Cloudflare One dashboard from the Access controls > Service credentials page.

For more details, refer to Generate a Cloudflare SSH CA.

CASB - New SaaS Security weekly digests with API CASB

Fri, 14 Nov 2025 00:00:00 GMT

You can now stay on top of your SaaS security posture with the new CASB Weekly Digest notification. This opt-in email digest is delivered to your inbox every Monday morning and provides a high-level summary of your organization's Cloudflare API CASB findings from the previous week.

This allows security teams and IT administrators to get proactive, at-a-glance visibility into new risks and integration health without having to log in to the dashboard.

To opt in, navigate to Manage Account > Notifications in the Cloudflare dashboard to configure the CASB Weekly Digest alert type.

Key capabilities

At-a-glance summary — Review new high/critical findings, most frequent finding types, and new content exposures from the past 7 days.
Integration health — Instantly see the status of all your connected SaaS integrations (Healthy, Unhealthy, or Paused) to spot API connection issues.
Proactive alerting — The digest is sent automatically to all subscribed users every Monday morning.
Easy to configure — Users can opt in by enabling the notification in the Cloudflare dashboard under Manage Account > Notifications.

Learn more

Configure notification preferences in Cloudflare.

The CASB Weekly Digest notification is available to all Cloudflare users today.

Log Explorer - Fixed custom SQL date picker inconsistencies

Thu, 13 Nov 2025 00:00:00 GMT

We've resolved a bug in Log Explorer that caused inconsistencies between the custom SQL date field filters and the date picker dropdown. Previously, users attempting to filter logs based on a custom date field via a SQL query sometimes encountered unexpected results or mismatching dates when using the interactive date picker.

This fix ensures that the custom SQL date field filters now align correctly with the selection made in the date picker dropdown, providing a reliable and predictable filtering experience for your log data. This is particularly important for users creating custom log views based on time-sensitive fields.

Log Explorer - Log Explorer adds 14 new datasets

Thu, 13 Nov 2025 00:00:00 GMT

We've significantly enhanced Log Explorer by adding support for 14 additional Cloudflare product datasets.

This expansion enables Operations and Security Engineers to gain deeper visibility and telemetry across a wider range of Cloudflare services. By integrating these new datasets, users can now access full context to efficiently investigate security incidents, troubleshoot application performance issues, and correlate logged events across different layers (like application and network) within a single interface. This capability is crucial for a complete and cohesive understanding of event flows across your Cloudflare environment.

The newly supported datasets include:

Zone Level

Dns_logs
Nel_reports
Page_shield_events
Spectrum_events
Zaraz_events

Account Level

Audit Logs
Audit_logs_v2
Biso_user_actions
DNS firewall logs
Email_security_alerts
Magic Firewall IDS
Network Analytics
Sinkhole HTTP
ipsec_logs

Example: Correlating logs

You can now use Log Explorer to query and filter with each of these datasets. For example, you can identify an IP address exhibiting suspicious behavior in the FW_event logs, and then instantly pivot to the Network Analytics logs or Access logs to see its network-level traffic profile or if it bypassed a corporate policy.

To learn more and get started, refer to the Log Explorer documentation and the Cloudflare Logs documentation.

API Shield - New BOLA Vulnerability Detection for API Shield

Wed, 12 Nov 2025 00:00:00 GMT

Now, API Shield automatically searches for and highlights Broken Object Level Authorization (BOLA) attacks on managed API endpoints. API Shield will highlight both BOLA enumeration attacks and BOLA pollution attacks, telling you what was attacked, by who, and for how long.

You can find these attacks three different ways: Security Overview, Endpoint details, or Security Analytics. If these attacks are not found on your managed API endpoints, there will not be an overview card or security analytics suspicious activity card.

From the endpoint details, you can select View attack to find details about the BOLA attacker’s sessions.

From here, select View in Analytics to observe attacker traffic over time for the last seven days.

Your search will filter to traffic on that endpoint in the last seven days, along with the malicious session IDs found in the attack. Session IDs are hashed for privacy and will not be found in your origin logs. Refer to IP and JA4 fingerprint to cross-reference behavior at the origin.

At any time, you can also start your investigation into attack traffic from Security Analytics by selecting the suspicious activity card.

We urge you to take all of this client information to your developer team to research the attacker behavior and ensure any broken authorization policies in your API are fixed at the source in your application, preventing further abuse.

In addition, this release marks the end of the beta period for these scans. All Enterprise customers with API Shield subscriptions will see these new attacks if found on their zone.

Digital Experience Monitoring - DEX Logpush jobs

Wed, 12 Nov 2025 00:00:00 GMT

Digital Experience Monitoring (DEX) provides visibility into WARP device metrics, connectivity, and network performance across your Cloudflare SASE deployment.

We've released four new WARP and DEX device data sets that can be exported via Cloudflare Logpush. These Logpush data sets can be exported to R2, a cloud bucket, or a SIEM to build a customized logging and analytics experience.

To create a new DEX or WARP Logpush job, customers can go to the account level of the Cloudflare dashboard > Analytics & Logs > Logpush to get started.

Workers Analytics Engine, Workers - More SQL aggregate, date and time functions available in Workers Analytics Engine

Wed, 12 Nov 2025 00:00:00 GMT

You can now perform more powerful queries directly in Workers Analytics Engine with a major expansion of our SQL function library.

Workers Analytics Engine allows you to ingest and store high-cardinality data at scale (such as custom analytics) and query your data through a simple SQL API.

Today, we've expanded Workers Analytics Engine's SQL capabilities with several new functions:

New aggregate functions:

countIf() - count the number of rows which satisfy a provided condition
sumIf() - calculate a sum from rows which satisfy a provided condition
avgIf() - calculate an average from rows which satisfy a provided condition

New date and time functions:

toYear()
toMonth()
toDayOfMonth()
toDayOfWeek()
toHour()
toMinute()
toSecond()
toStartOfYear()
toStartOfMonth()
toStartOfWeek()
toStartOfDay()
toStartOfHour()
toStartOfFifteenMinutes()
toStartOfTenMinutes()
toStartOfFiveMinutes()
toStartOfMinute()
today()
toYYYYMM()

Ready to get started?

Whether you're building usage-based billing systems, customer analytics dashboards, or other custom analytics, these functions let you get the most out of your data. Get started with Workers Analytics Engine and explore all available functions in our SQL reference documentation.

Cloudflare One Client - WARP client for Windows (version 2025.9.558.0)

Tue, 11 Nov 2025 17:28:35 GMT

A new GA release for the Windows WARP client is now available on the stable releases downloads page.

This release contains minor fixes, improvements, and new features including Path Maximum Transmission Unit Discovery (PMTUD). When PMTUD is enabled, the client will dynamically adjust packet sizing to optimize connection performance. There is also a new connection status message in the GUI to inform users that the local network connection may be unstable. This will make it easier to diagnose connectivity issues.

Changes and improvements

Fixed an inconsistency with Global WARP override settings in multi-user environments when switching between users.
The GUI now displays the health of the tunnel and DNS connections by showing a connection status message when the network may be unstable. This will make it easier to diagnose connectivity issues.
Fixed an issue where deleting a registration was erroneously reported as having failed.
Path Maximum Transmission Unit Discovery (PMTUD) may now be used to discover the effective MTU of the connection. This allows the WARP client to improve connectivity optimized for each network. PMTUD is disabled by default. To enable it, refer to the PMTUD documentation.
Improvements for the OS version WARP client check. Windows Updated Build Revision (UBR) numbers can now be checked by the client to ensure devices have required security patches and features installed.
The WARP client now supports Windows 11 ARM-based machines. For information on known limitations, refer to the Known limitations page.

Known issues

For Windows 11 24H2 users, Microsoft has confirmed a regression that may lead to performance issues like mouse lag, audio cracking, or other slowdowns. Cloudflare recommends users experiencing these issues upgrade to a minimum Windows 11 24H2 KB5062553 or higher for resolution.
Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.
Devices with KB5055523 installed may receive a warning about Win32/ClickFix.ABA being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to version 1.429.19.0 or later.
DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected.
To work around this issue, reconnect the WARP client by toggling off and back on.

Cloudflare One Client - WARP client for macOS (version 2025.9.558.0)

Tue, 11 Nov 2025 17:28:35 GMT

A new GA release for the macOS WARP client is now available on the stable releases downloads page.

Changes and improvements

The GUI now displays the health of the tunnel and DNS connections by showing a connection status message when the network may be unstable. This will make it easier to diagnose connectivity issues.
Fixed an issue where deleting a registration was erroneously reported as having failed.
Path Maximum Transmission Unit Discovery (PMTUD) may now be used to discover the effective MTU of the connection. This allows the WARP client to improve connectivity optimized for each network. PMTUD is disabled by default. To enable it, refer to the PMTUD documentation.

Known issues

Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.

Cloudflare One Client - WARP client for Linux (version 2025.9.558.0)

Tue, 11 Nov 2025 15:06:09 GMT

A new GA release for the Linux WARP client is now available on the stable releases downloads page.

Changes and improvements

The GUI now displays the health of the tunnel and DNS connections by showing a connection status message when the network may be unstable. This will make it easier to diagnose connectivity issues.
Fixed an issue where deleting a registration was erroneously reported as having failed.
Path Maximum Transmission Unit Discovery (PMTUD) may now be used to discover the effective MTU of the connection. This allows the WARP client to improve connectivity optimized for each network. PMTUD is disabled by default. To enable it, refer to the PMTUD documentation.

Log Explorer - Resize your custom SQL window in Log Explorer

Tue, 11 Nov 2025 00:00:00 GMT

We're excited to announce a quality-of-life improvement for Log Explorer users. You can now resize the custom SQL query window to accommodate longer and more complex queries.

Previously, if you were writing a long custom SQL query, the fixed-size window required excessive scrolling to view the full query. This update allows you to easily drag the bottom edge of the query window to make it taller. This means you can view your entire custom query at once, improving the efficiency and experience of writing and debugging complex queries.

To learn more and get started, refer to the Log Explorer documentation.

Logs - Logpush Health Dashboards

Tue, 11 Nov 2025 00:00:00 GMT

We’re excited to introduce Logpush Health Dashboards, giving customers real-time visibility into the status, reliability, and performance of their Logpush jobs. Health dashboards make it easier to detect delivery issues, monitor job stability, and track performance across destinations. The dashboards are divided into two sections:

Upload Health: See how much data was successfully uploaded, where drops occurred, and how your jobs are performing overall. This includes data completeness, success rate, and upload volume.
Upload Reliability – Diagnose issues impacting stability, retries, or latency, and monitor key metrics such as retry counts, upload duration, and destination availability.

Health Dashboards can be accessed from the Logpush page in the Cloudflare dashboard at the account or zone level, under the Health tab. For more details, refer to our Logpush Health Dashboards documentation, which includes a comprehensive troubleshooting guide to help interpret and resolve common issues.

Cloudflare Tunnel, Cloudflare Tunnel for SASE - cloudflared proxy-dns command will be removed starting February 2, 2026

Tue, 11 Nov 2025 00:00:00 GMT

Starting February 2, 2026, the cloudflared proxy-dns command will be removed from all new cloudflared releases.

This change is being made to enhance security and address a potential vulnerability in an underlying DNS library. This vulnerability is specific to the proxy-dns command and does not affect any other cloudflared features, such as the core Cloudflare Tunnel service.

The proxy-dns command, which runs a client-side DNS-over-HTTPS (DoH) proxy, has been an officially undocumented feature for several years. This functionality is fully and securely supported by our actively developed products.

Versions of cloudflared released before this date will not be affected and will continue to operate. However, note that our official support policy for any cloudflared release is one year from its release date.

Migration paths

We strongly advise users of this undocumented feature to migrate to one of the following officially supported solutions before February 2, 2026, to continue benefiting from secure DNS-over-HTTPS.

End-user devices

The preferred method for enabling DNS-over-HTTPS on user devices is the Cloudflare WARP client. The WARP client automatically secures and proxies all DNS traffic from your device, integrating it with your organization's Zero Trust policies and posture checks.

Servers, routers, and IoT devices

For scenarios where installing a client on every device is not possible (such as servers, routers, or IoT devices), we recommend using the WARP Connector.

Instead of running cloudflared proxy-dns on a machine, you can install the WARP Connector on a single Linux host within your private network. This connector will act as a gateway, securely routing all DNS and network traffic from your entire subnet to Cloudflare for filtering and logging.

AI Crawl Control - Crawler drilldowns with extended actions menu

Mon, 10 Nov 2025 00:00:00 GMT

AI Crawl Control now supports per-crawler drilldowns with an extended actions menu and status code analytics. Drill down into Metrics, Cloudflare Radar, and Security Analytics, or export crawler data for use in WAF custom rules, Redirect Rules, and robots.txt files.

What's new

Status code distribution chart

The Metrics tab includes a status code distribution chart showing HTTP response codes (2xx, 3xx, 4xx, 5xx) over time. Filter by individual crawler, category, operator, or time range to analyze how specific crawlers interact with your site.

Extended actions menu

Each crawler row includes a three-dot menu with per-crawler actions:

View Metrics — Filter the AI Crawl Control Metrics page to the selected crawler.
View on Cloudflare Radar — Access verified crawler details on Cloudflare Radar.
Copy User Agent — Copy user agent strings for use in WAF custom rules, Redirect Rules, or robots.txt files.
View in Security Analytics — Filter Security Analytics by detection IDs (Bot Management customers).
Copy Detection ID — Copy detection IDs for use in WAF custom rules (Bot Management customers).

Get started

Log in to the Cloudflare dashboard, and select your account and domain.
Go to AI Crawl Control > Metrics to access the status code distribution chart.
Go to AI Crawl Control > Crawlers and select the three-dot menu for any crawler to access per-crawler actions.
Select multiple crawlers to use bulk copy buttons for user agents or detection IDs.

Learn more about AI Crawl Control.

WAF - WAF Release - 2025-11-10

Mon, 10 Nov 2025 00:00:00 GMT

This week’s release introduces new detections for Prototype Pollution across three common vectors: URI, Body, and Header/Form.

Key Findings

These attacks can affect both API and web applications by altering normal behavior or bypassing security controls.

Impact

Exploitation may allow attackers to change internal logic or cause unexpected behavior in applications using JavaScript or Node.js frameworks. Developers should sanitize input keys and avoid merging untrusted data structures.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	32405a50728746dd8caa057b606285e6	N/A	Generic Rules - Prototype Pollution - URI	Log	Disabled	This is a new detection
Cloudflare Managed Ruleset	a7da00c63c4243d2a72456fe4f59ff26	N/A	Generic Rules - Prototype Pollution - Body	Log	Disabled	This is a new detection
Cloudflare Managed Ruleset	833078bdcfa04bb7aa7b8fb67efbeb39	N/A	Generic Rules - Prototype Pollution - Header - Form	Log	Disabled	This is a new detection

Workers - Select Wrangler environments using the CLOUDFLARE_ENV environment variable

Sun, 09 Nov 2025 00:00:00 GMT

Wrangler now supports using the CLOUDFLARE_ENV environment variable to select the active environment for your Worker commands. This provides a more flexible way to manage environments, especially when working with build tools and CI/CD pipelines.

What's new

Environment selection via environment variable:

Set CLOUDFLARE_ENV to specify which environment to use for Wrangler commands
Works with all Wrangler commands that support the --env flag
The --env command line argument takes precedence over the CLOUDFLARE_ENV environment variable

Example usage

# Deploy to the production environment using CLOUDFLARE_ENV
CLOUDFLARE_ENV=production wrangler deploy

# Upload a version to the staging environment
CLOUDFLARE_ENV=staging wrangler versions upload

# The --env flag takes precedence over CLOUDFLARE_ENV
CLOUDFLARE_ENV=dev wrangler deploy --env production
# This will deploy to production, not dev

Use with build tools

The CLOUDFLARE_ENV environment variable is particularly useful when working with build tools like Vite. You can set the environment once during the build process, and it will be used for both building and deploying your Worker:

# Set the environment for both build and deploy
CLOUDFLARE_ENV=production npm run build & wrangler deploy

When using @cloudflare/vite-plugin, the build process generates a "redirected deploy config" that is flattened to only contain the active environment. Wrangler will validate that the environment specified matches the environment used during the build to prevent accidentally deploying a Worker built for one environment to a different environment.

Learn more

Cache - Inspect Cache Keys with Cloudflare Trace

Fri, 07 Nov 2025 00:00:00 GMT

You can now see the exact cache key generated for any request directly in Cloudflare Trace. This visibility helps you troubleshoot cache hits and misses, and verify that your Custom Cache Keys — configured via Cache Rules or Page Rules — are working as intended.

Previously, diagnosing caching behavior required inferring the key from configuration settings. Now, you can confirm that your custom logic for headers, query strings, and device types is correctly applied.

Access Trace via the dashboard or API, either manually for ad-hoc debugging or automated as part of your quality-of-service monitoring.

Example scenario

If you have a Cache Rule that segments content based on a specific cookie (for example, user_region), run a Trace with that cookie present to confirm the user_region value appears in the resulting cache key.

The Trace response includes the cache key in the cache object:

{
  "step_name": "request",
  "type": "cache",
  "matched": true,
  "public_name": "Cache Parameters",
  "cache": {
    "key": {
      "zone_id": "023e105f4ecef8ad9ca31a8372d0c353",
      "scheme": "https",
      "host": "example.com",
      "uri": "/images/hero.jpg"
    },
    "key_string": "023e105f4ecef8ad9ca31a8372d0c353::::https://example.com/images/hero.jpg:::::"
  }
}

Get started

To learn more, refer to the Trace documentation and our guide on Custom Cache Keys.

Workers - Workers automatic tracing, now in open beta

Fri, 07 Nov 2025 00:00:00 GMT

Enable automatic tracing on your Workers, giving you detailed metadata and timing information for every operation your Worker performs.

Tracing helps you identify performance bottlenecks, resolve errors, and understand how your Worker interacts with other services on the Workers platform. You can now answer questions like:

Which calls are slowing down my application?
Which queries to my database take the longest?
What happened within a request that resulted in an error?

You can now:

View traces alongside your logs in the Workers Observability dashboard
Export traces (and correlated logs) to any OTLP-compatible destination, such as Honeycomb, Sentry or Grafana, by configuring a tracing destination in the Cloudflare dashboard
Analyze and query across span attributes (operation type, status, duration, errors)

To get started, set:

{
  "observability": {
    "tracing": {
      "enabled": true,
    },
  },
}

Want to learn more?

Cloudflare One, Cloudflare WAN - Automatic Return Routing (Beta)

Thu, 06 Nov 2025 00:00:00 GMT

Magic WAN now supports Automatic Return Routing (ARR), allowing customers to configure Magic on-ramps (IPsec/GRE/CNI) to learn the return path for traffic flows without requiring static routes.

Key benefits:

Route-less mode: Static or dynamic routes are optional when using ARR.
Overlapping IP space support: Traffic originating from customer sites can use overlapping private IP ranges.
Symmetric routing: Return traffic is guaranteed to use the same connection as the original on-ramp.

This feature is currently in beta and requires the new Unified Routing mode (beta).

For configuration details, refer to Configure Automatic Return Routing.

Cloudflare One, Cloudflare WAN - Designate WAN link for breakout traffic

Thu, 06 Nov 2025 00:00:00 GMT

Magic WAN Connector now allows you to designate a specific WAN port for breakout traffic, giving you deterministic control over the egress path for latency-sensitive applications.

With this feature, you can:

Pin breakout traffic for specific applications to a preferred WAN port.
Ensure critical traffic (such as Zoom or Teams) always uses your fastest or most reliable connection.
Benefit from automatic failover to standard WAN port priority if the preferred port goes down.

This is useful for organizations with multiple ISP uplinks who need predictable egress behavior for performance-sensitive traffic.

For configuration details, refer to Designate WAN ports for breakout apps.

Gateway - Applications to be remapped to the new categories

Thu, 06 Nov 2025 00:00:00 GMT

We have previously added new application categories to better reflect their content and improve HTTP traffic management: refer to Changelog. While the new categories are live now, we want to ensure you have ample time to review and adjust any existing rules you have configured against old categories. The remapping of existing applications into these new categories will be completed by January 30, 2026. This timeline allows you a dedicated period to:

Review the new category structure.
Identify any policies you have that target the older categories.
Adjust your rules to reference the new, more precise categories before the old mappings change. Once the applications have been fully remapped by January 30, 2026, you might observe some changes in the traffic being mitigated or allowed by your existing policies. We encourage you to use the intervening time to prepare for a smooth transition.

Applications being remappedd

Application Name	Existing Category	New Category
Google Photos	File Sharing	Photography & Graphic Design
Flickr	File Sharing	Photography & Graphic Design
ADP	Human Resources	Business
Greenhouse	Human Resources	Business
myCigna	Human Resources	Health & Fitness
UnitedHealthcare	Human Resources	Health & Fitness
ZipRecruiter	Human Resources	Business
Amazon Business	Human Resources	Business
Jobcenter	Human Resources	Business
Jobsuche	Human Resources	Business
Zenjob	Human Resources	Business
DocuSign	Legal	Business
Postident	Legal	Business
Adobe Creative Cloud	Productivity	Photography & Graphic Design
Airtable	Productivity	Development
Autodesk Fusion360	Productivity	IT Management
Coursera	Productivity	Education
Microsoft Power BI	Productivity	Business
Tableau	Productivity	Business
Duolingo	Productivity	Education
Adobe Reader	Productivity	Business
AnpiReport	Productivity	Travel
ビズリーチ	Productivity	Business
doda (デューダ)	Productivity	Business
求人ボックス	Productivity	Business
マイナビ2026	Productivity	Business
Power Apps	Productivity	Business
RECRUIT AGENT	Productivity	Business
シフトボード	Productivity	Business
スタンバイ	Productivity	Business
Doctolib	Productivity	Health & Fitness
Miro	Productivity	Photography & Graphic Design
MyFitnessPal	Productivity	Health & Fitness
Sentry Mobile	Productivity	Travel
Slido	Productivity	Photography & Graphic Design
Arista Networks	Productivity	IT Management
Atlassian	Productivity	Business
CoderPad	Productivity	Business
eAgreements	Productivity	Business
Vmware	Productivity	IT Management
Vmware Vcenter	Productivity	IT Management
AWS Skill Builder	Productivity	Education
Microsoft Office 365 (GCC)	Productivity	Business
Microsoft Exchange Online (GCC)	Productivity	Business
Canva	Sales & Marketing	Photography & Graphic Design
Instacart	Shopping	Food & Drink
Wawa	Shopping	Food & Drink
McDonald's	Shopping	Food & Drink
Vrbo	Shopping	Travel
American Airlines	Shopping	Travel
Booking.com	Shopping	Travel
Ticketmaster	Shopping	Entertainment & Events
Airbnb	Shopping	Travel
DoorDash	Shopping	Food & Drink
Expedia	Shopping	Travel
EasyPark	Shopping	Travel
UEFA Tickets	Shopping	Entertainment & Events
DHL Express	Shopping	Business
UPS	Shopping	Business

For more information on creating HTTP policies, refer to Applications and app types.

D1, Workers - D1 can restrict data localization with jurisdictions

Wed, 05 Nov 2025 00:00:00 GMT

You can now set a jurisdiction when creating a D1 database to guarantee where your database runs and stores data. Jurisdictions can help you comply with data localization regulations such as GDPR. Supported jurisdictions include eu and fedramp.

A jurisdiction can only be set at database creation time via wrangler, REST API or the UI and cannot be added/updated after the database already exists.

npx wrangler@latest d1 create db-with-jurisdiction --jurisdiction eu

curl -X POST "https://api.cloudflare.com/client/v4/accounts/<account_id>/d1/database" \
     -H "Authorization: Bearer $TOKEN" \
     -H "Content-Type: application/json" \
     --data '{"name": "db-wth-jurisdiction", "jurisdiction": "eu" }'

To learn more, visit D1's data location documentation.

Logs - Logpush Permission Update for Zero Trust Datasets

Wed, 05 Nov 2025 00:00:00 GMT

Permissions for managing Logpush jobs related to Zero Trust datasets (Access, Gateway, and DEX) have been updated to improve data security and enforce appropriate access controls.

To view, create, update, or delete Logpush jobs for Zero Trust datasets, users must now have both of the following permissions:

Logs Edit
Zero Trust: PII Read

WAF - WAF Release - 2025-11-05 - Emergency

Wed, 05 Nov 2025 00:00:00 GMT

This week’s emergency release introduces a new detection signature that enhances coverage for a critical vulnerability in the React Native Metro Development Server, tracked as CVE-2025-11953.

Key Findings

The Metro Development Server exposes an HTTP endpoint that is vulnerable to OS command injection (CWE-78). An unauthenticated network attacker can send a crafted request to this endpoint and execute arbitrary commands on the host running Metro. The vulnerability affects Metro/cli-server-api builds used by React Native Community CLI in pre-patch development releases.

Impact

Successful exploitation of CVE-2025-11953 may result in remote command execution on developer workstations or CI/build agents, leading to credential and secret exposure, source tampering, and potential lateral movement into internal networks. Administrators and developers are strongly advised to apply the vendor's patches and restrict Metro’s network exposure to reduce this risk.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	db6b9e1ac1494971ae8c70aac8e30c5b	N/A	React Native Metro - Command Injection - CVE:CVE-2025-11953	N/A	Block	This is a New Detection

Workers VPC - Announcing Workers VPC Services (Beta)

Wed, 05 Nov 2025 00:00:00 GMT

Workers VPC Services is now available, enabling your Workers to securely access resources in your private networks, without having to expose them on the public Internet.

What's new

VPC Services: Create secure connections to internal APIs, databases, and services using familiar Worker binding syntax
Multi-cloud Support: Connect to resources in private networks in any external cloud (AWS, Azure, GCP, etc.) or on-premise using Cloudflare Tunnels

export default {
  async fetch(request, env, ctx) {
    // Perform application logic in Workers here

    // Sample call to an internal API running on ECS in AWS using the binding
    const response = await env.AWS_VPC_ECS_API.fetch("https://internal-host.example.com");

    // Additional application logic in Workers
    return new Response();
  },
};

Getting started

Set up a Cloudflare Tunnel, create a VPC Service, add service bindings to your Worker, and access private resources securely. Refer to the documentation to get started.

Log Explorer - Log Explorer now supports query cancellation

Tue, 04 Nov 2025 00:00:00 GMT

We're excited to announce that Log Explorer users can now cancel queries that are currently running.

This new feature addresses a common pain point: waiting for a long, unintended, or misconfigured query to complete before you can submit a new, correct one. With query cancellation, you can immediately stop the execution of any undesirable query, allowing you to quickly craft and submit a new query, significantly improving your investigative workflow and productivity within Log Explorer.

Log Explorer - Log Explorer now shows query result distribution

Tue, 04 Nov 2025 00:00:00 GMT

We're excited to announce a new feature in Log Explorer that significantly enhances how you analyze query results: the Query results distribution chart.

This new chart provides a graphical distribution of your results over the time window of the query. Immediately after running a query, you will see the distribution chart above your result table. This visualization allows Log Explorer users to quickly spot trends, identify anomalies, and understand the temporal concentration of log events that match their criteria. For example, you can visually confirm if a spike in traffic or errors occurred at a specific time, allowing you to focus your investigation efforts more effectively. This feature makes it faster and easier to extract meaningful insights from your vast log data.

The chart will dynamically update to reflect the logs matching your current query.

WAF - WAF Release - 2025-11-03

Mon, 03 Nov 2025 00:00:00 GMT

This week highlights enhancements to detection signatures improving coverage for vulnerabilities in Adobe Commerce and Magento Open Source, linked to CVE-2025-54236.

Key Findings

This vulnerability allows unauthenticated attackers to take over customer accounts through the Commerce REST API and, in certain configurations, may lead to remote code execution. The latest update provides enhanced detection logic for resilient protection against exploitation attempts.

Impact

Adobe Commerce (CVE-2025-54236): Exploitation may allow attackers to hijack sessions, execute arbitrary commands, steal data, and disrupt storefronts, resulting in confidentiality and integrity risks for merchants. Administrators are strongly encouraged to apply vendor patches without delay.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	f5295d8333b7428c816654d8cb6d5fe5	100774C	Adobe Commerce - Remote Code Execution - CVE:CVE-2025-54236	Log	Block	This is an improved detection.

Workers - Capture Wrangler command output in structured format

Mon, 03 Nov 2025 00:00:00 GMT

You can now capture Wrangler command output in a structured ND-JSON format by setting the WRANGLER_OUTPUT_FILE_PATH or WRANGLER_OUTPUT_FILE_DIRECTORY environment variables. This feature is particularly useful for CI/CD pipelines and automation tools that need programmatic access to deployment information such as worker names, version IDs, deployment URLs, and error details. Commands that support this feature include wrangler deploy, wrangler versions upload, wrangler versions deploy, and wrangler pages deploy.

Security Center - Report logo misuse to Cloudflare directly from the Brand Protection dashboard

Fri, 31 Oct 2025 00:00:00 GMT

The Brand Protection logo query dashboard now allows you to use the Report to Cloudflare button to submit an Abuse report directly from the Brand Protection logo queries dashboard. While you could previously report new domains that were impersonating your brand before, now you can do the same for websites found to be using your logo wihtout your permission. The abuse reports wiull be prefilled and you will only need to validate a few fields before you can click the submit button, after which our team process your request.

Ready to start? Check out the Brand Protection docs.

Workers, Durable Objects, Browser Rendering - Workers WebSocket message size limit increased from 1 MiB to 32 MiB

Fri, 31 Oct 2025 00:00:00 GMT

Workers, including those using Durable Objects and Browser Rendering, may now process WebSocket messages up to 32 MiB in size. Previously, this limit was 1 MiB.

This change allows Workers to handle use cases requiring large message sizes, such as processing Chrome Devtools Protocol messages.

For more information, please see the Durable Objects startup limits.

Workflows, Workers - Increased Workflows instance and concurrency limits

Fri, 31 Oct 2025 00:00:00 GMT

We've raised the Cloudflare Workflows account-level limits for all accounts on the Workers paid plan:

Instance creation rate increased from 100 workflow instances per 10 seconds to 100 instances per second
Concurrency limit increased from 4,500 to 10,000 workflow instances per account

These increases mean you can create new instances up to 10x faster, and have more workflow instances concurrently executing. To learn more and get started with Workflows, refer to the getting started guide.

If your application requires a higher limit, fill out the Limit Increase Request Form or contact your account team. Please refer to Workflows pricing for more information.

Cloudflare Fundamentals - Introducing email two-factor authentication

Thu, 30 Oct 2025 00:00:00 GMT

Two-factor authentication (2FA) is one of the best ways to protect your account from the risk of account takeover. Cloudflare has offered phishing resistant 2FA options including hardware based keys (for example, a Yubikey) and app based TOTP (time-based one-time password) options which use apps like Google or Microsoft's Authenticator app. Unfortunately, while these solutions are very secure, they can be lost if you misplace the hardware based key, or lose the phone which includes that app. The result is that users sometimes get locked out of their accounts and need to contact support.

Today, we are announcing the addition of email as a 2FA factor for all Cloudflare accounts. Email 2FA is in wide use across the industry as a least common denominator for 2FA because it is low friction, loss resistant, and still improves security over username/password login only. We also know that most commercial email providers already require 2FA, so your email address is usually well protected already.

You can now enable email 2FA on the Cloudflare dashboard:

Go to Profile at the top right corner.
Select Authentication.
Under Two-Factor Authentication, select Set up.

Sign-in security best practices

Cloudflare is critical infrastructure, and you should protect it as such. Review the following best practices and make sure you are doing your part to secure your account:

Use a unique password for every website, including Cloudflare, and store it in a password manager like 1Password or Keeper. These services are cross-platform and simplify the process of managing secure passwords.
Use 2FA to make it harder for an attacker to get into your account in the event your password is leaked.
Store your backup codes securely. A password manager is the best place since it keeps the backup codes encrypted, but you can also print them and put them somewhere safe in your home.
If you use an app to manage your 2FA keys, enable cloud backup, so that you don't lose your keys in the event you lose your phone.
If you use a custom email domain to sign in, configure SSO.
If you use a public email domain like Gmail or Hotmail, you can also use social login with Apple, GitHub, or Google to sign in.
If you manage a Cloudflare account for work:
- Have at least two administrators in case one of them unexpectedly leaves your company.
- Use SCIM to automate permissions management for members in your Cloudflare account.

Cloudflare Fundamentals - Revamped Member Management UI

Thu, 30 Oct 2025 00:00:00 GMT

As Cloudflare's platform has grown, so has the need for precise, role-based access control. We’ve redesigned the Member Management experience in the Dashboard to help administrators more easily discover, assign, and refine permissions for specific principals.

What's New

Refreshed member invite flow

We overhauled the Invite Members UI to simplify inviting users and assigning permissions.

Refreshed Members Overview Page

We've updated the Members Overview Page to clearly display:

Member 2FA status
Which members hold Super Admin privileges
API access settings per member
Member onboarding state (accepted vs pending invite)

New Member Permission Policies Details View

We've created a new member details screen that shows all permission policies associated with a member; including policies inherited from group associations to make it easier for members to understand the effective permissions they have.

Improved Member Permission Workflow

We redesigned the permission management experience to make it faster and easier for administrators to review roles and grant access.

Account-scoped Policies Restrictions Relaxed

Previously, customers could only associate a single account-scoped policy with a member. We've relaxed this restriction, and now Administrators can now assign multiple account-scoped policies to the same member; bringing policy assignment behavior in-line with user-groups and providing greater flexibility in managing member permissions.

Rules - New TCP-based fields available in Rulesets

Thu, 30 Oct 2025 00:00:00 GMT

Build rules based on TCP transport and latency

Cloudflare now provides two new request fields in the Ruleset engine that let you make decisions based on whether a request used TCP and the measured TCP round-trip time between the client and Cloudflare. These fields help you understand protocol usage across your traffic and build policies that respond to network performance. For example, you can distinguish TCP from QUIC traffic or route high latency requests to alternative origins when needed.

New fields

Field	Type	Description
`cf.edge.client_tcp`	Boolean	Indicates whether the request used TCP. A value of true means the client connected using TCP instead of QUIC.
`cf.timings.client_tcp_rtt_msec`	Number	Reports the smoothed TCP round-trip time between the client and Cloudflare in milliseconds. For example, a value of 20 indicates roughly twenty milliseconds of RTT.

Example filter expression:

cf.edge.client_tcp && cf.timings.client_tcp_rtt_msec < 100

More information can be found in the Rules language fields reference.

WAF - WAF Release - 2025-10-30 - Emergency

Thu, 30 Oct 2025 00:00:00 GMT

This week’s release introduces a new detection signature that enhances coverage for a critical vulnerability in Oracle E-Business Suite, tracked as CVE-2025-61884.

Key Findings

The flaw is easily exploitable and allows an unauthenticated attacker with network access to compromise Oracle Configurator, which can grant access to sensitive resources and configuration data. The affected versions include 12.2.3 through 12.2.14.

Impact

Successful exploitation of CVE-2025-61884 may result in unauthorized access to critical business data or full exposure of information accessible through Oracle Configurator. Administrators are strongly advised to apply vendor's patches and recommended mitigations to reduce this exposure.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	2749f13f8cb34a3dbd49c8c48827402f	N/A	Oracle E-Business Suite - SSRF - CVE:CVE-2025-61884	N/A	Block	This is a New Detection

Workers - Access Workers preview URLs from the Build details page

Thu, 30 Oct 2025 00:00:00 GMT

You can now access preview URLs directly from the build details page, making it easier to test your changes when reviewing builds in the dashboard.

What's new

A Preview button now appears in the top-right corner of the build details page for successful builds
Click it to instantly open the latest preview URL
Matches the same experience you're familiar with from Pages

Access - Access private hostname applications support all ports/protocols

Tue, 28 Oct 2025 00:00:00 GMT

Cloudflare Access for private hostname applications can now secure traffic on all ports and protocols.

Previously, applying Zero Trust policies to private applications required the application to use HTTPS on port 443 and support Server Name Indicator (SNI).

This update removes that limitation. As long as the application is reachable via a Cloudflare off-ramp, you can now enforce your critical security controls — like single sign-on (SSO), MFA, device posture, and variable session lengths — to any private application. This allows you to extend Zero Trust security to services like SSH, RDP, internal databases, and other non-HTTPS applications.

For example, you can now create a self-hosted application in Access for ssh.testapp.local running on port 22. You can then build a policy that only allows engineers in your organization to connect after they pass an SSO/MFA check and are using a corporate device.

This feature is generally available across all plans.

AI Search - Reranking and API-based system prompt configuration in AI Search

Tue, 28 Oct 2025 00:00:00 GMT

AI Search now supports reranking for improved retrieval quality and allows you to set the system prompt directly in your API requests.

Rerank for more relevant results

You can now enable reranking to reorder retrieved documents based on their semantic relevance to the user’s query. Reranking helps improve accuracy, especially for large or noisy datasets where vector similarity alone may not produce the optimal ordering.

You can enable and configure reranking in the dashboard or directly in your API requests:

const answer = await env.AI.autorag("my-autorag").aiSearch({
  query: "How do I train a llama to deliver coffee?",
  model: "@cf/meta/llama-3.3-70b-instruct-fp8-fast",
  reranking: {
    enabled: true,
    model: "@cf/baai/bge-reranker-base"
  }
});

Set system prompts in API

Previously, system prompts could only be configured in the dashboard. You can now define them directly in your API requests, giving you per-query control over behavior. For example:

// Dynamically set query and system prompt in AI Search
async function getAnswer(query, tone) {
  const systemPrompt = `You are a ${tone} assistant.`;

  const response = await env.AI.autorag("my-autorag").aiSearch({
    query: query,
    system_prompt: systemPrompt
  });

  return response;
}

// Example usage
const query = "What is Cloudflare?";
const tone = "friendly";

const answer = await getAnswer(query, tone);
console.log(answer);

Learn more about Reranking and System Prompt in AI Search.

CASB - CASB introduces new granular roles

Tue, 28 Oct 2025 00:00:00 GMT

Cloudflare CASB (Cloud Access Security Broker) now supports two new granular roles to provide more precise access control for your security teams:

Cloudflare CASB Read: Provides read-only access to view CASB findings and dashboards. This role is ideal for security analysts, compliance auditors, or team members who need visibility without modification rights.
Cloudflare CASB: Provides full administrative access to configure and manage all aspects of the CASB product.

These new roles help you better enforce the principle of least privilege. You can now grant specific members access to CASB security findings without assigning them broader permissions, such as the Super Administrator or Administrator roles.

To enable Data Loss Prevention (DLP), scans in CASB, account members will need the Cloudflare Zero Trust role.

You can find these new roles when inviting members or creating API tokens in the Cloudflare dashboard under Manage Account > Members.

To learn more about managing roles and permissions, refer to the Manage account members and roles documentation.

Gateway - New Application Categories added for HTTP Traffic Management

Tue, 28 Oct 2025 00:00:00 GMT

To give you precision and flexibility while creating policies to block unwanted traffic, we are introducing new, more granular application categories in the Gateway product.

We have added the following categories to provide more precise organization and allow for finer-grained policy creation, designed around how users interact with different types of applications:

Business
Education
Entertainment & Events
Food & Drink
Health & Fitness
Lifestyle
Navigation
Photography & Graphic Design
Travel

The new categories are live now, but we are providing a transition period for existing applications to be fully remapped to these new categories.

The full remapping will be completed by January 30, 2026.

We encourage you to use this time to:

Review the new category structure.
Identify and adjust any existing HTTP policies that reference older categories to ensure a smooth transition.

For more information on creating HTTP policies, refer to Applications and app types.

Logs - Azure Sentinel Connector

Mon, 27 Oct 2025 00:00:00 GMT

Logpush now supports integration with Microsoft Sentinel.The new Azure Sentinel Connector built on Microsoft’s Codeless Connector Framework (CCF), is now avaialble. This solution replaces the previous Azure Functions-based connector, offering significant improvements in security, data control, and ease of use for customers. Logpush customers can send logs to Azure Blob Storage and configure this new Sentinel Connector to ingest those logs directly into Microsoft Sentinel.

This upgrade significantly streamlines log ingestion, improves security, and provides greater control:

Simplified Implementation: Easier for engineering teams to set up and maintain.
Cost Control: New support for Data Collection Rules (DCRs) allows you to filter and transform logs at ingestion time, offering potential cost savings.
Enhanced Security: CCF provides a higher level of security compared to the older Azure Functions connector.
ata Lake Integration: Includes native integration with Data Lake.

Find the new solution here and refer to the Cloudflare's developer documentionfor more information on the connector, including setup steps, supported logs and Microsfot's resources.

Radar - TLD Insights in Cloudflare Radar

Mon, 27 Oct 2025 00:00:00 GMT

Radar now introduces Top-Level Domain (TLD) insights, providing visibility into popularity based on the DNS magnitude metric, detailed TLD information including its type, manager, DNSSEC support, RDAP support, and WHOIS data, and trends such as DNS query volume and geographic distribution observed by the 1.1.1.1 DNS resolver.

The following dimensions were added to the Radar DNS API, specifically, to the /dns/summary/{dimension} and /dns/timeseries_groups/{dimension} endpoints:

tld: Top-level domain extracted from DNS queries; can also be used as a filter.
tld_dns_magnitude: Top-level domain ranking by DNS magnitude.

And the following endpoints were added:

/tlds - Lists all TLDs.
/tlds/{tld} - Retrieves information about a specific TLD.

Learn more about the new Radar DNS insights in our blog post, and check out the new Radar page.

Security Center - Cloudforce One RFI tokens are now visible in the dashboard

Mon, 27 Oct 2025 00:00:00 GMT

The Requests for Information (RFI) dashboard now shows users the number of tokens used by each submitted RFI to better understand usage of tokens and how they relate to each request submitted.

What’s new:

Users can now see the number of tokens used for a submitted request for information.
Users can see the remaining tokens allocated to their account for the quarter.
Users can only select the Routine priority for the Strategic Threat Research request type.

Cloudforce One subscribers can try it now in Application Security > Threat Intelligence > Requests for Information.

WAF - WAF Release - 2025-10-24 - Emergency

Fri, 24 Oct 2025 00:00:00 GMT

This week’s release introduces a new detection signature that enhances coverage for a critical vulnerability in Windows Server Update Services (WSUS), tracked as CVE-2025-59287.

Key Findings

The vulnerability allows unauthenticated attackers to potentially achieve remote code execution. The updated detection logic strengthens defenses by improving resilience against exploitation attempts targeting this flaw.

Impact

Successful exploitation of CVE-2025-59287 could enable attackers to hijack sessions, execute arbitrary commands, exfiltrate sensitive data, and disrupt storefront operations. These actions pose significant confidentiality and integrity risks to affected environments. Administrators should apply vendor patches immediately to mitigate exposure.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	5eaeb5ea6e5a4bce867eb3ffbd72ba08	N/A	Windows Server - Deserialization - CVE:CVE-2025-59287	N/A	Block	This is a New Detection

Workers - Automatic resource provisioning for KV, R2, and D1

Fri, 24 Oct 2025 00:00:00 GMT

Previously, if you wanted to develop or deploy a worker with attached resources, you'd have to first manually create the desired resources. Now, if your Wrangler configuration file includes a KV namespace, D1 database, or R2 bucket that does not yet exist on your account, you can develop locally and deploy your application seamlessly, without having to run additional commands.

Automatic provisioning is launching as an open beta, and we'd love to hear your feedback to help us make improvements! It currently works for KV, R2, and D1 bindings. You can disable the feature using the --no-x-provision flag.

To use this feature, update to wrangler@4.45.0 and add bindings to your config file without resource IDs e.g.:

{
  "kv_namespaces": [{ "binding": "MY_KV" }],
  "d1_databases": [{ "binding": "MY_DB" }],
  "r2_buckets": [{ "binding": "MY_R2" }],
}

wrangler dev will then automatically create these resources for you locally, and on your next run of wrangler deploy, Wrangler will call the Cloudflare API to create the requested resources and link them to your Worker.

Though resource IDs will be automatically written back to your Wrangler config file after resource creation, resources will stay linked across future deploys even without adding the resource IDs to the config file. This is especially useful for shared templates, which now no longer need to include account-specific resource IDs when adding a binding.

Workers - Build TanStack Start apps with the Cloudflare Vite plugin

Fri, 24 Oct 2025 00:00:00 GMT

The Cloudflare Vite plugin now supports TanStack Start apps. Get started with new or existing projects.

New projects

Create a new TanStack Start project that uses the Cloudflare Vite plugin via the create-cloudflare CLI:

npm create cloudflare@latest -- my-tanstack-start-app --framework=tanstack-start

yarn create cloudflare my-tanstack-start-app --framework=tanstack-start

pnpm create cloudflare@latest my-tanstack-start-app --framework=tanstack-start

Existing projects

Migrate an existing TanStack Start project to use the Cloudflare Vite plugin:

Install @cloudflare/vite-plugin and wrangler

npm i -D @cloudflare/vite-plugin wrangler

yarn add -D @cloudflare/vite-plugin wrangler

pnpm add -D @cloudflare/vite-plugin wrangler

bun add -d @cloudflare/vite-plugin wrangler

Add the Cloudflare plugin to your Vite config

import { defineConfig } from "vite";
import { tanstackStart } from "@tanstack/react-start/plugin/vite";
import viteReact from "@vitejs/plugin-react";
import { cloudflare } from "@cloudflare/vite-plugin";

export default defineConfig({
  plugins: [
    cloudflare({ viteEnvironment: { name: "ssr" } }),
    tanstackStart(),
    viteReact(),
  ],
});

Add your Worker config file

wrangler.jsonc

{
  "$schema": "./node_modules/wrangler/config-schema.json",
  "name": "my-tanstack-start-app",
  // Set this to today's date
  "compatibility_date": "2026-04-03",
  "compatibility_flags": [
    "nodejs_compat"
  ],
  "main": "@tanstack/react-start/server-entry"
}

wrangler.toml

"$schema" = "./node_modules/wrangler/config-schema.json"
name = "my-tanstack-start-app"
# Set this to today's date
compatibility_date = "2026-04-03"
compatibility_flags = [ "nodejs_compat" ]
main = "@tanstack/react-start/server-entry"

Modify the scripts in your package.json

{
  "scripts": {
    "dev": "vite dev",
    "build": "vite build && tsc --noEmit",
    "start": "node .output/server/index.mjs",
    "preview": "vite preview",
    "deploy": "npm run build && wrangler deploy",
    "cf-typegen": "wrangler types"
  }
}

See the TanStack Start framework guide for more info.

WAF - WAF Release - 2025-10-23 - Emergency

Thu, 23 Oct 2025 00:00:00 GMT

This week highlights enhancements to detection signatures improving coverage for vulnerabilities in Adobe Commerce and Magento Open Source, linked to CVE-2025-54236.

Key Findings

This vulnerability allows unauthenticated attackers to take over customer accounts through the Commerce REST API and, in certain configurations, may lead to remote code execution. The latest update enhances detection logic to provide more resilient protection against exploitation attempts.

Impact

Adobe Commerce (CVE-2025-54236): Exploitation may allow attackers to hijack sessions, execute arbitrary commands, steal data, and disrupt storefronts, resulting in confidentiality and integrity risks for merchants. Administrators are strongly encouraged to apply vendor patches without delay.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	6e04fa2b9eb34fb088034d3fc6ef59a1	N/A	Adobe Commerce - Remote Code Execution - CVE:CVE-2025-54236	N/A	Block	This is a New Detection

Workers AI - Workers AI Markdown Conversion: New endpoint to list supported formats

Thu, 23 Oct 2025 00:00:00 GMT

Developers can now programmatically retrieve a list of all file formats supported by the Markdown Conversion utility in Workers AI.

You can use the env.AI binding:

await env.AI.toMarkdown().supported()

Or call the REST API:

curl https://api.cloudflare.com/client/v4/accounts/{ACCOUNT_ID}/ai/tomarkdown/supported \
  -H 'Authorization: Bearer {API_TOKEN}'

Both return a list of file formats that users can convert into Markdown:

[
  {
    "extension": ".pdf",
    "mimeType": "application/pdf",
  },
  {
    "extension": ".jpeg",
    "mimeType": "image/jpeg",
  },
  ...
]

Learn more about our Markdown Conversion utility.

Workers - Workers Preview URL default behavior now matches your workers.dev setting

Thu, 23 Oct 2025 00:00:00 GMT

We have updated the default behavior for Cloudflare Workers Preview URLs. Going forward, if a preview URL setting is not explicitly configured during deployment, its default behavior will automatically match the setting of your workers.dev subdomain.

This change is intended to provide a more intuitive and secure experience by aligning your preview URL's default state with your workers.dev configuration to prevent cases where a preview URL might remain public even after you disabled your workers.dev route.

What this means for you:

If neither setting is configured: both the workers.dev route and the preview URL will default to enabled
If your workers.dev route is enabled and you do not explicitly set Preview URLs to enabled or disabled: Preview URLs will default to enabled
If your workers.dev route is disabled and you do not explicitly set Preview URLs to enabled or disabled: Preview URLs will default to disabled

You can override the default setting by explicitly enabling or disabling the preview URL in your Worker's configuration through the API, Dashboard, or Wrangler.

Wrangler Version Behavior

The default behavior depends on the version of Wrangler you are using. This new logic applies to the latest version. Here is a summary of the behavior across different versions:

Before v4.34.0: Preview URLs defaulted to enabled, regardless of the workers.dev setting.
v4.34.0 up to (but not including) v4.44.0: Preview URLs defaulted to disabled, regardless of the workers.dev setting.
v4.44.0 or later: Preview URLs now default to matching your workers.dev setting.

Why we’re making this change

In July, we introduced preview URLs to Workers, which let you preview code changes before deploying to production. This made disabling your Worker’s workers.dev URL an ambiguous action — the preview URL, served as a subdomain of workers.dev (ex: preview-id-worker-name.account-name.workers.dev) would still be live even if you had disabled your Worker’s workers.dev route. If you misinterpreted what it meant to disable your workers.dev route, you might unintentionally leave preview URLs enabled when you didn’t mean to, and expose them to the public Internet.

To address this, we made a one-time update to disable preview URLs on existing Workers that had their workers.dev route disabled and changed the default behavior to be disabled for all new deployments where a preview URL setting was not explicitly configured.

While this change helped secure many customers, it was disruptive for customers who keep their workers.dev route enabled and actively use the preview functionality, as it now required them to explicitly enable preview URLs on every redeployment.This new, more intuitive behavior ensures that your preview URL settings align with your workers.dev configuration by default, providing a more secure and predictable experience.

Securing access to workers.dev and preview URL endpoints

To further secure your workers.dev subdomain and preview URL, you can enable Cloudflare Access with a single click in your Worker's settings to limit access to specific users or groups.

AI Crawl Control - New Robots.txt tab for tracking crawler compliance

Tue, 21 Oct 2025 00:00:00 GMT

AI Crawl Control now includes a Robots.txt tab that provides insights into how AI crawlers interact with your robots.txt files.

What's new

The Robots.txt tab allows you to:

Monitor the health status of robots.txt files across all your hostnames, including HTTP status codes, and identify hostnames that need a robots.txt file.
Track the total number of requests to each robots.txt file, with breakdowns of successful versus unsuccessful requests.
Check whether your robots.txt files contain Content Signals directives for AI training, search, and AI input.
Identify crawlers that request paths explicitly disallowed by your robots.txt directives, including the crawler name, operator, violated path, specific directive, and violation count.
Filter robots.txt request data by crawler, operator, category, and custom time ranges.

Take action

When you identify non-compliant crawlers, you can:

Block the crawler in the Crawlers tab
Create custom WAF rules for path-specific security
Use Redirect Rules to guide crawlers to appropriate areas of your site

To get started, go to AI Crawl Control > Robots.txt in the Cloudflare dashboard. Learn more in the Track robots.txt documentation.

Gateway - Schedule DNS policies from the UI

Mon, 20 Oct 2025 00:00:00 GMT

Admins can now create scheduled DNS policies directly from the Zero Trust dashboard, without using the API. You can configure policies to be active during specific, recurring times, such as blocking social media during business hours or gaming sites on school nights.

Preset Schedules: Use built-in templates for common scenarios like Business Hours, School Days, Weekends, and more.
Custom Schedules: Define your own schedule with specific days and up to three non-overlapping time ranges per day.
Timezone Control: Choose to enforce a schedule in a specific timezone (for example, US Eastern) or based on the local time of each user.
Combined with Duration: Policies can have both a schedule and a duration. If both are set, the duration's expiration takes precedence.

You can see the flow in the demo GIF:

This update makes time-based DNS policies accessible to all Gateway customers, removing the technical barrier of the API.

WAF - WAF Release - 2025-10-20

Mon, 20 Oct 2025 00:00:00 GMT

This week’s update introduces an enhanced rule that expands detection coverage for a critical vulnerability in Oracle E-Business Suite. It also improves an existing rule to provide more reliable coverage in request processing.

Key Findings

New WAF rule deployed for Oracle E-Business Suite (CVE-2025-61882) to block unauthenticated attacker's network access via HTTP to compromise Oracle Concurrent Processing. If successfully exploited, this vulnerability may result in remote code execution.

Impact

Successful exploitation of CVE-2025-61882 allows unauthenticated attackers to execute arbitrary code remotely by chaining multiple weaknesses, enabling lateral movement into internal services, data exfiltration, and large-scale extortionware deployment within Oracle E-Business Suite environments.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	933fc13202cd4e8ba498c0f32b4101ab	100598A	Remote Code Execution - Common Bash Bypass - Beta	Log	Block	This rule is merged into the original rule "Remote Code Execution - Common Bash Bypass" (ID: f8238867ed3e4d3a9a7b731a50cec478 )
Cloudflare Managed Ruleset	185b5df42d1e44e0aeb8f8b8a1118614	100916A	Oracle E-Business Suite - Remote Code Execution - CVE:CVE-2025-61882 - 2	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	646bccf7e9dc46918a4150d6c22b51d3	N/A	HTTP Truncated	N/A	Disabled	This is a New Detection

Email security - On-Demand Security Report

Fri, 17 Oct 2025 22:14:43 GMT

You can now generate on-demand security reports directly from the Cloudflare dashboard. This new feature provides a comprehensive overview of your email security posture, making it easier than ever to demonstrate the value of Cloudflare’s Email security to executives and other decision makers.

These reports offer several key benefits:

Executive Summary: Quickly view the performance of Email security with a high-level executive summary.
Actionable Insights: Dive deep into trend data, breakdowns of threat types, and analysis of top targets to identify and address vulnerabilities.
Configuration Transparency: Gain a clear view of your policy, submission, and domain configurations to ensure optimal setup.
Account Takeover Risks: Get a snapshot of your M365 risky users (requires a Microsoft Entra ID P2 license and M365 SaaS integration).

This feature is available across the following Email security packages:

Advantage
Enterprise
Enterprise + PhishGuard

Security Center - New Application Security reports (Closed Beta)

Fri, 17 Oct 2025 00:00:00 GMT

Cloudflare's new Application Security report, currently in Closed Beta, is now available in the dashboard.

Go to Security reports

The reports are generated monthly and provide cyber security insights trends for all of the Enterprise zones in your Cloudflare account.

The reports also include an industry benchmark, comparing your cyber security landscape to peers in your industry.

Learn more about the reports by referring to the Security Reports documentation.

Use the feedback survey link at the top of the page to help us improve the reports.

WAF - New detections released for WAF managed rulesets

Fri, 17 Oct 2025 00:00:00 GMT

This week we introduced several new detections across Cloudflare Managed Rulesets, expanding coverage for high-impact vulnerability classes such as SSRF, SQLi, SSTI, Reverse Shell attempts, and Prototype Pollution. These rules aim to improve protection against attacker-controlled payloads that exploit misconfigurations or unvalidated input in web applications.

Key Findings

New detections added for multiple exploit categories:

SSRF (Server-Side Request Forgery) — new rules targeting both local and cloud metadata abuse patterns (Beta).

SQL Injection (SQLi) — rules for common patterns, sleep/time-based injections, and string/wait function exploitation across headers and URIs.

SSTI (Server-Side Template Injection) — arithmetic-based probe detections introduced across URI, header, and body fields.

Reverse Shell and XXE payloads — enhanced heuristics for command execution and XML external entity misuse.

Prototype Pollution — new Beta rule identifying common JSON payload structures used in object prototype poisoning.

PHP Wrapper Injection and HTTP Parameter Pollution detections — to catch path traversal and multi-parameter manipulation attempts.

Anomaly Header Checks — detecting CRLF injection attempts in header names.

Impact

These updates help detect multi-vector payloads that blend SSRF + RCE or SQLi + SSTI attacks, especially in cloud-hosted applications with exposed metadata endpoints or unsafe template rendering.

Prototype Pollution and HTTP parameter pollution rules address emerging JavaScript supply-chain exploitation patterns increasingly seen in real-world incidents.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	72f0ff933fb0492eb71cda50589f2a1d	N/A	Anomaly:Header - name - CR, LF	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	5d0377e4435f467488614170132fab7e	N/A	Generic Rules - Reverse Shell - Body	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	54e32f7f802c4a699182e8921a027008	N/A	Generic Rules - Reverse Shell - Header	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	7cbda8dbafbc465d9b64a8f2958d0486	N/A	Generic Rules - Reverse Shell - URI	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	b9f3420674cf481da32333dc8e0cf7ad	N/A	Generic Rules - XXE - Body	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	ad55483512f0440b81426acdbf8aab5e	N/A	Generic Rules - SQLi - Common Patterns - Header URI	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	849c0618d1674f1c92ba6f9b2e466337	N/A	Generic Rules - SQLi - Sleep Function - Header URI	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	1b4db4c4bd0649c095c27c6cb686ab47	N/A	Generic Rules - SQLi - String Function - Header URI	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	fa2055b84af94ba4b925f834b0633709	N/A	Generic Rules - SQLi - WaitFor Function - Header URI	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	158177dec2504acdba1f2da201a076eb	N/A	SSRF - Local - Beta	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	98bfd6bb46074d5b8d1c4b39743a63ec	N/A	SSRF - Local - 2 - Beta	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	54e1733b10da4a599e06c6fbc2e84e2d	N/A	SSRF - Cloud - Beta	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	ecd26d61a75e46f6a4449a06ab8af26f	N/A	SSRF - Cloud - 2 - Beta	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	c16f4e133c4541f293142d02e6e8dc5b	N/A	SSTI - Arithmetic Probe - URI	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	f4fd9904e7624666b8c49cd62550d794	N/A	SSTI - Arithmetic Probe - Header	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	5c0875604f774c36a4f9b69c659d12a6	N/A	SSTI - Arithmetic Probe - Body	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	fae6fa37ae9249d58628e54b1a3e521e	N/A	PHP Wrapper Injection	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	9c02e585db34440da620eb668f76bd74	N/A	PHP Wrapper Injection	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	cb67fe56a84747b8b64277dc091e296d	N/A	HTTP parameter pollution	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	443b54d984944cd69043805ee34214ef	N/A	Prototype Pollution - Common Payloads - Beta	N/A	Disabled	This is a New Detection

Cloudflare One Client - WARP client for Windows (version 2025.9.173.1)

Thu, 16 Oct 2025 15:29:54 GMT

A new Beta release for the Windows WARP client is now available on the beta releases downloads page.

This release contains minor fixes, improvements, and new features including Path Maximum Transmission Unit Discovery (PMTUD). With PMTUD enabled, the client will dynamically adjust packet sizing to optimize connection performance. There is also a new connection status message in the GUI to inform users that the local network connection may be unstable. This will make it easier to debug connectivity issues.

Changes and improvements

Improvements for Windows multi-user to maintain the Global WARP override state when switching between users.
The GUI now displays the health of the tunnel and DNS connections by showing a connection status message when the network may be unstable. This will make it easier to debug connectivity issues.
Deleting registrations no longer returns an error when succeeding.
Path Maximum Transmission Unit Discovery (PMTUD) is now used to discover the effective MTU of the connection. This allows the client to improve connection performance optimized for the current network.

Known issues

For Windows 11 24H2 users, Microsoft has confirmed a regression that may lead to performance issues like mouse lag, audio cracking, or other slowdowns. Cloudflare recommends users experiencing these issues upgrade to a minimum Windows 11 24H2 KB5062553 or higher for resolution.
Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.
Devices with KB5055523 installed may receive a warning about Win32/ClickFix.ABA being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to version 1.429.19.0 or later.
DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected.
To work around this issue, reconnect the WARP client by toggling off and back on.

Cloudflare One Client - WARP client for macOS (version 2025.9.173.1)

Thu, 16 Oct 2025 15:29:52 GMT

A new Beta release for the macOS WARP client is now available on the beta releases downloads page.

Changes and improvements

The GUI now displays the health of the tunnel and DNS connections by showing a connection status message when the network may be unstable. This will make it easier to debug connectivity issues.
Deleting registrations no longer returns an error when succeeding.
Path Maximum Transmission Unit Discovery (PMTUD) is now used to discover the effective MTU of the connection. This allows the client to improve connection performance optimized for the current network.

Known issues

macOS Sequoia: Due to changes Apple introduced in macOS 15.0.x, the WARP client may not behave as expected. Cloudflare recommends the use of macOS 15.4 or later.
Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.

Durable Objects, Workers - View and edit Durable Object data in UI with Data Studio (Beta)

Thu, 16 Oct 2025 00:00:00 GMT

You can now view and write to each Durable Object's storage using a UI editor on the Cloudflare dashboard. Only Durable Objects using SQLite storage can use Data Studio.

Go to Durable Objects

Data Studio unlocks easier data access with Durable Objects for prototyping application data models to debugging production storage usage. Before, querying your Durable Objects data required deploying a Worker.

To access a Durable Object, you can provide an object's unique name or ID generated by Cloudflare. Data Studio requires you to have at least the Workers Platform Admin role, and all queries are captured with audit logging for your security and compliance needs. Queries executed by Data Studio send requests to your remote, deployed objects and incur normal usage billing.

To learn more, visit the Data Studio documentation. If you have feedback or suggestions for the new Data Studio, please share your experience on Discord

Cloudflare Fundamentals - Increased HTTP header size limit to 128 KB

Thu, 16 Oct 2025 00:00:00 GMT

CDN now supports 128 KB request and response headers 🚀

We're excited to announce a significant increase in the maximum header size supported by Cloudflare's Content Delivery Network (CDN). Cloudflare now supports up to 128 KB for both request and response headers.

Previously, customers were limited to a total of 32 KB for request or response headers, with a maximum of 16 KB per individual header. Larger headers could cause requests to fail with HTTP 413 (Request Header Fields Too Large) errors.

What's new?

Support for large headers: You can now utilize much larger headers, whether as a single large header up to 128 KB or split over multiple headers.
Reduces 413 and 520 HTTP errors: This change drastically reduces the likelihood of customers encountering HTTP 413 errors from large request headers or HTTP 520 errors caused by oversized response headers, improving the overall reliability of your web applications.
Enhanced functionality: This is especially beneficial for applications that rely on:
- A large number of cookies.
- Large Content-Security-Policy (CSP) response headers.
- Advanced use cases with Cloudflare Workers that generate large response headers.

This enhancement improves compatibility with Cloudflare's CDN, enabling more use cases that previously failed due to header size limits.

To learn more and get started, refer to the Cloudflare Fundamentals documentation.

Load Balancing - Monitor Groups for Advanced Health Checking With Load Balancing

Thu, 16 Oct 2025 00:00:00 GMT

Cloudflare Load Balancing now supports Monitor Groups, a powerful new way to combine multiple health monitors into a single, logical group. This allows you to create sophisticated health checks that more accurately reflect the true availability of your applications by assessing multiple services at once.

With Monitor Groups, you can ensure that all critical components of an application are healthy before sending traffic to an origin pool, enabling smarter failover decisions and greater resilience. This feature is now available via the API for customers with an Enterprise Load Balancing subscription.

What you can do:

Combine Multiple Monitors: Group different health monitors (for example, HTTP, TCP) that check various application components, like a primary API gateway and a specific /login service.
Isolate Monitors for Observation: Mark a monitor as "monitoring only" to receive alerts and data without it affecting a pool's health status or traffic steering. This is perfect for testing new checks or observing non-critical dependencies.
Improve Steering Intelligence: Latency for Dynamic Steering is automatically averaged across all active monitors in a group, providing a more holistic view of an origin's performance.

This enhancement is ideal for complex, multi-service applications where the health of one component depends on another. By aggregating health signals, Monitor Groups provide a more accurate and comprehensive assessment of your application's true status.

For detailed information and API configuration guides, please visit our developer documentation for Monitor Groups.

AI Crawl Control - Enhanced AI Crawl Control metrics with new drilldowns and filters

Tue, 14 Oct 2025 00:00:00 GMT

AI Crawl Control now provides enhanced metrics and CSV data exports to help you better understand AI crawler activity across your sites.

What's new

Track crawler requests over time

Visualize crawler activity patterns over time, and group data by different dimensions:

By Crawler — Track activity from individual AI crawlers (GPTBot, ClaudeBot, Bytespider)
By Category — Analyze crawler purpose or type
By Operator — Discover which companies (OpenAI, Anthropic, ByteDance) are crawling your site
By Host — Break down activity across multiple subdomains
By Status Code — Monitor HTTP response codes to crawlers (200s, 300s, 400s, 500s)

Analyze referrer data (Paid plans)

Identify traffic sources with referrer analytics:

View top referrers driving traffic to your site
Understand discovery patterns and content popularity from AI operators

Export data

Download your filtered view as a CSV:

Includes all applied filters and groupings
Useful for custom reporting and deeper analysis

Get started

Log in to the Cloudflare dashboard, and select your account and domain.
Go to AI Crawl Control > Metrics.
Use the grouping tabs to explore different views of your data.
Apply filters to focus on specific crawlers, time ranges, or response codes.
Select Download CSV to export your filtered data for further analysis.

Learn more about AI Crawl Control.

Cloudflare Fundamentals - Single sign-on now manageable in the user experience

Tue, 14 Oct 2025 00:00:00 GMT

During Birthday Week, we announced that single sign-on (SSO) is available for free to everyone who signs in with a custom email domain and maintains a compatible identity provider. SSO minimizes user friction around login and provides the strongest security posture available. At the time, this could only be configured using the API.

Today, we are launching a new user experience which allows users to manage their SSO configuration from within the Cloudflare dashboard. You can access this by going to Manage account > Members > Settings.

For more information

Cloudflare dashboard SSO

WAF - WAF Release - 2025-10-13

Mon, 13 Oct 2025 00:00:00 GMT

This week’s highlights include a new JinJava rule targeting a sandbox-bypass flaw that could allow malicious template input to escape execution controls. The rule improves detection for unsafe template rendering paths.

Key Findings

New WAF rule deployed for JinJava (CVE-2025-59340) to block a sandbox bypass in the template engine that permits attacker-controlled type construction and arbitrary class instantiation; in vulnerable environments this can escalate to remote code execution and full server compromise.

Impact

CVE-2025-59340 — Exploitation enables attacker-supplied type descriptors / Jackson ObjectMapper abuse, allowing arbitrary class loading, file/URL access (LFI/SSRF primitives) and, with suitable gadget chains, potential remote code execution and system compromise.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	b327d6442e2d4848b4aab3cbc04bab5f	100892	JinJava - SSTI - CVE:CVE-2025-59340	Log	Block	This is a New Detection

Gateway - New domain categories added

Fri, 10 Oct 2025 00:00:00 GMT

We have added three new domain categories under the Technology parent category, to better reflect online content and improve DNS filtering.

New categories added

Parent ID	Parent Name	Category ID	Category Name
26	Technology	194	Keep Awake Software
26	Technology	192	Remote Access
26	Technology	193	Shareware/Freeware

Refer to Gateway domain categories to learn more.

Workers - Worker startup time limit increased to 1 second

Fri, 10 Oct 2025 00:00:00 GMT

You can now upload a Worker that takes up 1 second to parse and execute its global scope. Previously, startup time was limited to 400 ms.

This allows you to run Workers that import more complex packages and execute more code prior to requests being handled.

For more information, see the documentation on Workers startup limits.

Radar - Expanded CT log activity insights on Cloudflare Radar

Thu, 09 Oct 2025 00:00:00 GMT

Radar has expanded its Certificate Transparency (CT) log insights with new stats that provide greater visibility into log activity:

Log growth rate: The average throughput of the CT log over the past 7 days, measured in certificates per hour.
Included certificate count: The total number of certificates already included in this CT log.
Eligible-for-inclusion certificate count: The number of certificates eligible for inclusion in this log but not yet included. This metric is based on certificates signed by trusted root CAs within the log’s accepted date range.
Last update: The timestamp of the most recent update to the CT log.

These new statistics have been added to the response of the Get Certificate Log Details API endpoint, and are displayed on the CT log information page.

Workers - You can now deploy full-stack apps on Workers using Terraform

Thu, 09 Oct 2025 00:00:00 GMT

You can now upload Workers with static assets (like HTML, CSS, JavaScript, images) with the Cloudflare Terraform provider v5.11.0, making it even easier to deploy and manage full-stack apps with IaC.

Previously, you couldn't use Terraform to upload static assets without writing custom scripts to handle generating an asset manifest, calling the Cloudflare API to upload assets in chunks, and handling change detection.

Now, you simply define the directory where your assets are built, and we handle the rest. Check out the examples for what this looks like in Terraform configuration.

You can get started today with the Cloudflare Terraform provider (v5.11.0), using either the existing cloudflare_workers_script resource, or the beta cloudflare_worker_version resource.

Examples

With `cloudflare_workers_script`

Here's how you can use the existing cloudflare_workers_script resource to upload your Worker code and assets in one shot.

resource "cloudflare_workers_script" "my_app" {
  account_id  = var.account_id
  script_name = "my-app"

  content_file   = "./dist/worker/index.js"
  content_sha256 = filesha256("./dist/worker/index.js")
  main_module    = "index.js"

  # Just point to your assets directory - that's it!
  assets = {
    directory = "./dist/static"
  }
}

With `cloudflare_worker`, `cloudflare_worker_version`, and `cloudflare_workers_deployment`

And here's an example using the beta cloudflare_worker_version resource, alongside the cloudflare_worker and cloudflare_workers_deployment resources:

# This tracks the existence of your Worker, so that you
# can upload code and assets separately from tracking Worker state.

resource "cloudflare_worker" "my_app" {
  account_id = var.account_id
  name       = "my-app"
}

resource "cloudflare_worker_version" "my_app_version" {
  account_id = var.account_id
  worker_id  = cloudflare_worker.my_app.id

  # Just point to your assets directory - that's it!
  assets = {
    directory = "./dist/static"
  }

  modules = [{
    name         = "index.js"
    content_file = "./dist/worker/index.js"
    content_type = "application/javascript+module"
  }]
}

resource "cloudflare_workers_deployment" "my_app_deployment" {
  account_id  = var.account_id
  script_name = cloudflare_worker.my_app.name

  strategy = "percentage"
  versions = [{
    version_id = cloudflare_worker_version.my_app_version.id
    percentage = 100
  }]
}

What's changed

Under the hood, the Cloudflare Terraform provider now handles the same logic that Wrangler uses for static asset uploads. This includes scanning your assets directory, computing hashes for each file, generating a manifest with file metadata, and calling the Cloudflare API to upload any missing files in chunks. We support large directories with parallel uploads and chunking, and when the asset manifest hash changes, we detect what's changed and trigger an upload for only those changed files.

Try it out

Get started with the Cloudflare Terraform provider (v5.11.0)
You can use either the existing cloudflare_workers_script resource to upload your Worker code and assets in one resource.
Or you can use the new beta cloudflare_worker_version resource (along with the cloudflare_worker and cloudflare_workers_deployment) resources to more granularly control the lifecycle of each Worker resource.

Workers - You can now deploy and manage Workflows in Terraform

Thu, 09 Oct 2025 00:00:00 GMT

You can now create and manage Workflows using Terraform, now supported in the Cloudflare Terraform provider v5.11.0. Workflows allow you to build durable, multi-step applications -- without needing to worry about retrying failed tasks or managing infrastructure.

Now, you can deploy and manage Workflows through Terraform using the new cloudflare_workflow resource:

resource "cloudflare_workflow" "my_workflow" {
  account_id    = var.account_id
  workflow_name = "my-workflow"
  class_name    = "MyWorkflow"
  script_name   = "my-worker"
}

Examples

Here are full examples of how to configure cloudflare_workflow in Terraform, using the existing cloudflare_workers_script resource, and the beta cloudflare_worker_version resource.

With `cloudflare_workflow` and `cloudflare_workers_script`

resource "cloudflare_workers_script" "workflow_worker" {
  account_id  = var.cloudflare_account_id
  script_name = "my-workflow-worker"

  content_file   = "${path.module}/../dist/worker/index.js"
  content_sha256 = filesha256("${path.module}/../dist/worker/index.js")
  main_module    = "index.js"
}

resource "cloudflare_workflow" "workflow" {
  account_id    = var.cloudflare_account_id
  workflow_name = "my-workflow"
  class_name    = "MyWorkflow"
  script_name   = cloudflare_workers_script.workflow_worker.script_name
}

With `cloudflare_workflow`, and the new beta resources

You can more granularly control the lifecycle of each Worker resource using the beta cloudflare_worker_version resource, alongside the cloudflare_worker and cloudflare_workers_deployment resources.

resource "cloudflare_worker" "workflow_worker" {
  account_id = var.cloudflare_account_id
  name       = "my-workflow-worker"
}

resource "cloudflare_worker_version" "workflow_worker_version" {
  account_id = var.cloudflare_account_id
  worker_id  = cloudflare_worker.workflow_worker.id

  main_module         = "index.js"

  modules = [{
    name         = "index.js"
    content_file = "${path.module}/../dist/worker/index.js"
    content_type = "application/javascript+module"
  }]
}

resource "cloudflare_workers_deployment" "workflow_deployment" {
  account_id  = var.cloudflare_account_id
  script_name = cloudflare_worker.workflow_worker.name

  strategy = "percentage"
  versions = [{
    version_id = cloudflare_worker_version.workflow_worker_version.id
    percentage = 100
  }]
}

resource "cloudflare_workflow" "my_workflow" {
  account_id    = var.cloudflare_account_id
  workflow_name = "my-workflow"
  class_name    = "MyWorkflow"
  script_name   = cloudflare_worker.workflow_worker.name
}

Try it out

Get started with the Cloudflare Terraform provider (v5.11.0) and the new cloudflare_workflow resource.

Cloudflare One Client - WARP client for Linux (version 2025.8.779.0)

Tue, 07 Oct 2025 19:20:00 GMT

A new GA release for the Linux WARP client is now available on the stable releases downloads page.

This release contains significant fixes and improvements including an updated public key for Linux packages. The public key must be updated if it was installed before September 12, 2025 to ensure the repository remains functional after December 4, 2025. Instructions to make this update are available at pkg.cloudflareclient.com.

Changes and improvements

Proxy mode has been enhanced for even faster resolution. Proxy mode now supports SOCKS4, SOCK5, and HTTP CONNECT over an L4 tunnel with custom congestion control optimizations instead of the previous L3 tunnel to Cloudflare's network. This has more than doubled Proxy mode throughput in lab speed testing, by an order of magnitude in some cases.
The MASQUE protocol is now the only protocol that can use Proxy mode. If you previously configured a device profile to use Proxy mode with Wireguard, you will need to select a new WARP mode or switch to the MASQUE protocol. Otherwise, all devices matching the profile will lose connectivity.

Known issues

Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.

Cloudflare One Client - WARP client for Windows (version 2025.8.779.0)

Tue, 07 Oct 2025 17:02:40 GMT

A new GA release for the Windows WARP client is now available on the stable releases downloads page.

This release contains significant fixes and improvements.

Changes and improvements

Proxy mode has been enhanced for even faster resolution. Proxy mode now supports SOCKS4, SOCK5, and HTTP CONNECT over an L4 tunnel with custom congestion control optimizations instead of the previous L3 tunnel to Cloudflare's network. This has more than doubled Proxy mode throughput in lab speed testing, by an order of magnitude in some cases.
The MASQUE protocol is now the only protocol that can use Proxy mode. If you previously configured a device profile to use Proxy mode with Wireguard, you will need to select a new WARP mode or switch to the MASQUE protocol. Otherwise, all devices matching the profile will lose connectivity.

Known issues

For Windows 11 24H2 users, Microsoft has confirmed a regression that may lead to performance issues like mouse lag, audio cracking, or other slowdowns. Cloudflare recommends users experiencing these issues upgrade to a minimum Windows 11 24H2 KB5062553 or higher for resolution.
Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.
Devices with KB5055523 installed may receive a warning about Win32/ClickFix.ABA being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to version 1.429.19.0 or later.
DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected.
To work around this issue, reconnect the WARP client by toggling off and back on.

Cloudflare One Client - WARP client for macOS (version 2025.8.779.0)

Tue, 07 Oct 2025 17:02:40 GMT

A new GA release for the macOS WARP client is now available on the stable releases downloads page.

This release contains significant fixes and improvements.

Changes and improvements

Proxy mode has been enhanced for even faster resolution. Proxy mode now supports SOCKS4, SOCK5, and HTTP CONNECT over an L4 tunnel with custom congestion control optimizations instead of the previous L3 tunnel to Cloudflare's network. This has more than doubled Proxy mode throughput in lab speed testing, by an order of magnitude in some cases.
The MASQUE protocol is now the only protocol that can use Proxy mode. If you previously configured a device profile to use Proxy mode with Wireguard, you will need to select a new WARP mode or switch to the MASQUE protocol. Otherwise, all devices matching the profile will lose connectivity.

Known issues

macOS Sequoia: Due to changes Apple introduced in macOS 15.0.x, the WARP client may not behave as expected. Cloudflare recommends the use of macOS 15.4 or later.
Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.

Cloudflare Fundamentals - Automated reminders for backup codes

Tue, 07 Oct 2025 00:00:00 GMT

The most common reason users contact Cloudflare support is lost two-factor authentication (2FA) credentials. Cloudflare supports both app-based and hardware keys for 2FA, but you could lose access to your account if you lose these. Over the past few weeks, we have been rolling out email and in-product reminders that remind you to also download backup codes (sometimes called recovery keys) that can get you back into your account in the event you lose your 2FA credentials. Download your backup codes now by logging into Cloudflare, then navigating to Profile > Security & Authentication > Backup codes.

Sign-in security best practices

Cloudflare is critical infrastructure, and you should protect it as such. Please review the following best practices and make sure you are doing your part to secure your account.

Use a unique password for every website, including Cloudflare, and store it in a password manager like 1Password or Keeper. These services are cross-platform and simplify the process of managing secure passwords.
Use 2FA to make it harder for an attacker to get into your account in the event your password is leaked
Store your backup codes securely. A password manager is the best place since it keeps the backup codes encrypted, but you can also print them and put them somewhere safe in your home.
If you use an app to manage your 2FA keys, enable cloud backup, so that you don't lose your keys in the event you lose your phone.
If you use a custom email domain to sign in, configure SSO.
If you use a public email domain like Gmail or Hotmail, you can also use social login with Apple, GitHub, or Google to sign in.
If you manage a Cloudflare account for work:
- Have at least two administrators in case one of them unexpectedly leaves your company
- Use SCIM to automate permissions management for members in your Cloudflare account

WAF - WAF Release - 2025-10-07 - Emergency

Tue, 07 Oct 2025 00:00:00 GMT

This week highlights multiple critical Cisco vulnerabilities (CVE-2025-20363, CVE-2025-20333, CVE-2025-20362). This flaw stems from improper input validation in HTTP(S) requests. An authenticated VPN user could send crafted requests to execute code as root, potentially compromising the device. The initial two rules were made available on September 28, with a third rule added today, October 7, for more robust protection.

Cisco (CVE-2025-20333, CVE-2025-20362, CVE-2025-20363): Multiple vulnerabilities that could allow attackers to exploit unsafe deserialization and input validation flaws. Successful exploitation may result in arbitrary code execution, privilege escalation, or command injection on affected systems.

Impact

Cisco (CVE-2025-20333, CVE-2025-20362, CVE-2025-20363): Exploitation enables attackers to escalate privileges or achieve remote code execution via command injection. Administrators are strongly advised to apply vendor updates immediately.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	12f808a5315441688f3b7c8a3a4d1bd6	100788B	Cisco Secure Firewall Adaptive Security Appliance - Remote Code Execution - CVE:CVE-2025-20333, CVE:CVE-2025-20362, CVE:CVE-2025-20363	N/A	Block	This is a New Detection

Workers - New Overview Page for Cloudflare Workers

Tue, 07 Oct 2025 00:00:00 GMT

Each of your Workers now has a new overview page in the Cloudflare dashboard.

The goal is to make it easier to understand your Worker without digging through multiple tabs. Think of it as a new home base, a place to get a high-level overview on what's going on.

It's the first place you land when you open a Worker in the dashboard, and it gives you an immediate view of what’s going on. You can see requests, errors, and CPU time at a glance. You can view and add bindings, and see recent versions of your app, including who published them.

Navigation is also simpler, with visually distinct tabs at the top of the page. At the bottom right you'll find guided steps for what to do next that are based on the state of your Worker, such as adding a binding or connecting a custom domain.

We plan to add more here over time. Better insights, more controls, and ways to manage your Worker from one page.

If you have feedback or suggestions for the new Overview page or your Cloudflare Workers experience in general, we'd love to hear from you. Join the Cloudflare developer community on Discord.

R2 - R2 Data Catalog table-level compaction

Mon, 06 Oct 2025 00:00:00 GMT

You can now enable compaction for individual Apache Iceberg tables in R2 Data Catalog, giving you fine-grained control over different workloads.

# Enable compaction for a specific table (no token required)
npx wrangler r2 bucket catalog compaction enable <BUCKET> <NAMESPACE> <TABLE> --target-size 256

This allows you to:

Apply different target file sizes per table
Disable compaction for specific tables
Optimize based on table-specific access patterns

Learn more at Manage catalogs.

Radar - Browser Support Detection for PQ Encryption on Cloudflare Radar

Mon, 06 Oct 2025 00:00:00 GMT

Radar now includes browser detection for Post-quantum (PQ) encryption. The Post-quantum encryption card now checks whether a user’s browser supports post-quantum encryption. If support is detected, information about the key agreement in use is displayed.

WAF - WAF Release - 2025-10-06

Mon, 06 Oct 2025 00:00:00 GMT

This week’s highlights prioritise an emergency Oracle E-Business Suite RCE rule deployed to block active, high-impact exploitation. Also addressed are high-severity Chaos Mesh controller command-injection flaws that enable unauthenticated in-cluster RCE and potential cluster compromise, plus a form-data multipart boundary issue that permits HTTP Parameter Pollution (HPP). Two new generic SQLi detections were added to catch inline-comment obfuscation and information disclosure techniques.

Key Findings

New emergency rule released for Oracle E-Business Suite (CVE-2025-61882) addressing an actively exploited remote code execution vulnerability in core business application modules. Immediate mitigation deployed to protect enterprise workloads.
Chaos Mesh (CVE-2025-59358,CVE-2025-59359,CVE-2025-59360,CVE-2025-59361): A GraphQL debug endpoint on the Chaos Controller Manager is exposed without authentication; several controller mutations (cleanTcs, killProcesses, cleanIptables) are vulnerable to OS command injection.
Form-Data (CVE-2025-7783): Attackers who can observe Math.random() outputs and control request fields in form-data may exploit this flaw to perform HTTP parameter pollution, leading to request tampering or data manipulation.
Two new generic SQLi detections added to enhance baseline coverage against inline-comment obfuscation and information disclosure attempts.

Impact

CVE-2025-61882 — Oracle E-Business Suite remote code execution (emergency detection): attacker-controlled input can yield full system compromise, data exfiltration, and operational outage; immediate blocking enforced.
CVE-2025-59358 / CVE-2025-59359 / CVE-2025-59360 / CVE-2025-59361 — Unauthenticated command-injection in Chaos Mesh controllers allowing remote code execution, cluster compromise, and service disruption (high availability risk).
CVE-2025-7783 — Predictable multipart boundaries in form-data enabling HTTP Parameter Pollution; results include request tampering, parameter overwrite, and downstream data integrity loss.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	0c9bf31ab6fa41fc8f12daaf8650f52f	100882	Chaos Mesh - Missing Authentication - CVE:CVE-2025-59358	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	5d459ed434ed446c9580c73c2b8c3680	100883	Chaos Mesh - Command Injection - CVE:CVE-2025-59359	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	a2591ba5befa4815a6861aefef859a04	100884	Chaos Mesh - Command Injection - CVE:CVE-2025-59361	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	05eea4fabf6f4cf3aac1094b961f26a7	100886	Form-Data - Parameter Pollution - CVE:CVE-2025-7783	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	90514c7810694b188f56979826a4074c	100888	Chaos Mesh - Command Injection - CVE:CVE-2025-59360	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	42fbc8c09ec84578b9633ffc31101b2f	100916	Oracle E-Business Suite - Remote Code Execution - CVE:CVE-2025-61882	N/A	Block	This is a New Detection
Cloudflare Managed Ruleset	badc687a3ba3420a844220b129aa43c3	100917	Generic Rules - SQLi - Inline Comment Injection	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	28fa27511f29428899ceb5a273c10b6f	100918	Generic Rules - SQLi - Information Disclosure	N/A	Disabled	This is a New Detection

WAF - WAF Release - 2025-10-03

Fri, 03 Oct 2025 00:00:00 GMT

Managed Ruleset Updated

This update introduces 21 new detections in the Cloudflare Managed Ruleset (all currently set to Disabled mode to preserve remediation logic and allow quick activation if needed). The rules cover a broad spectrum of threats - SQL injection techniques, command and code injection, information disclosure of common files, URL anomalies, and cross-site scripting.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	0d02c2fb14eb4cec9c2e2b58d61fac74	100902	Generic Rules - Command Execution - 2	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	c3079865ce9a41368657026b514aeeb8	100908	Generic Rules - Command Execution - 3	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	107ae2922b654bb28df7ca978d46a6f4	100910	Generic Rules - Command Execution - 4	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	68bdb75ae6d24e139a83e5731bd0a329	100915	Generic Rules - Command Execution - 5	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	ea04bb580f7d400386c7dc1d5e51450a	100899	Generic Rules - Content-Type Abuse	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	233364f656ff42b8acc41dcd7996012f	100914	Generic Rules - Content-Type Injection	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	1aa695281c954513be3d003b93209312	100911	Generic Rules - Cookie Header Injection	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	d9f9e4f5bf11489da52dccb40f373b3f	100905	Generic Rules - NoSQL Injection	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	5a1897b714e044a887c0f3f078a0ed04	100913	Generic Rules - NoSQL Injection - 2	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	4d6fd28df4f1494e95e70d2c5d649624	100907	Generic Rules - Parameter Pollution	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	61181e3af5304f7396c7d01cfd1c674e	100906	Generic Rules - PHP Object Injection	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	ed5190bfbe1b45a6a645126334c88168	100904	Generic Rules - Prototype Pollution	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	3ec33bc5ac77495a9f55020e3ab43f7e	100897	Generic Rules - Prototype Pollution 2	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	c6d752c4909e4b7e8eff6c780d94ee22	100903	Generic Rules - Reverse Shell	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	caf37e7800bb4635bcc2eefcd5add8e3	100909	Generic Rules - Reverse Shell - 2	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	475d090baead467c88dfabbb565c78b0	100898	Generic Rules - SSJI NoSQL	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	f4c7f98934264c9c937eec1212b837a0	100896	Generic Rules - SSRF	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	efd01b814d144e90b36522b311c4fb00	100895	Generic Rules - Template Injection	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	00a9a0d663da4add95b863abd3ed0123	100895A	Generic Rules - Template Injection - 2	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	e58c0fffee4f4374bd37f2577501a1d9	100912	Generic Rules - XXE	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	ab09ba8d00eb4cdbb7a6a65ddc55cdb6	100900	Relative Paths - Anomaly Headers	N/A	Disabled	This is a New Detection

Workers - One-click Cloudflare Access for Workers

Fri, 03 Oct 2025 00:00:00 GMT

You can now enable Cloudflare Access for your workers.dev and Preview URLs in a single click.

Access allows you to limit access to your Workers to specific users or groups. You can limit access to yourself, your teammates, your organization, or anyone else you specify in your Access policy.

To enable Cloudflare Access:

In the Cloudflare dashboard, go to the Workers & Pages page.
Go to Workers & Pages
In Overview, select your Worker.
Go to Settings > Domains & Routes.
For workers.dev or Preview URLs, click Enable Cloudflare Access.
Optionally, to configure the Access application, click Manage Cloudflare Access. There, you can change the email addresses you want to authorize. View Access policies to learn about configuring alternate rules.

To fully secure your application, it is important that you validate the JWT that Cloudflare Access adds to the Cf-Access-Jwt-Assertion header on the incoming request.

The following code will validate the JWT using the jose NPM package:

import { jwtVerify, createRemoteJWKSet } from "jose";

export default {
  async fetch(request, env, ctx) {
    // Verify the POLICY_AUD environment variable is set
    if (!env.POLICY_AUD) {
      return new Response("Missing required audience", {
        status: 403,
        headers: { "Content-Type": "text/plain" },
      });
    }

    // Get the JWT from the request headers
    const token = request.headers.get("cf-access-jwt-assertion");

    // Check if token exists
    if (!token) {
      return new Response("Missing required CF Access JWT", {
        status: 403,
        headers: { "Content-Type": "text/plain" },
      });
    }

    try {
      // Create JWKS from your team domain
      const JWKS = createRemoteJWKSet(
        new URL(`${env.TEAM_DOMAIN}/cdn-cgi/access/certs`),
      );

      // Verify the JWT
      const { payload } = await jwtVerify(token, JWKS, {
        issuer: env.TEAM_DOMAIN,
        audience: env.POLICY_AUD,
      });

      // Token is valid, proceed with your application logic
      return new Response(`Hello ${payload.email || "authenticated user"}!`, {
        headers: { "Content-Type": "text/plain" },
      });
    } catch (error) {
      // Token verification failed
      return new Response(`Invalid token: ${error.message}`, {
        status: 403,
        headers: { "Content-Type": "text/plain" },
      });
    }
  },
};

Required environment variables

Add these environment variables to your Worker:

POLICY_AUD: Your application's AUD tag
TEAM_DOMAIN: https://<your-team-name>.cloudflareaccess.com

Both of these appear in the modal that appears when you enable Cloudflare Access.

You can set these variables by adding them to your Worker's Wrangler configuration file, or via the Cloudflare dashboard under Workers & Pages > your-worker > Settings > Environment Variables.

Cloudflare Fundamentals, Access - Fine-grained Permissioning for Access for Apps, IdPs, & Targets now in Public Beta

Thu, 02 Oct 2025 00:00:00 GMT

Fine-grained permissions for Access Applications, Identity Providers (IdPs), and Targets is now available in Public Beta. This expands our RBAC model beyond account & zone-scoped roles, enabling administrators to grant permissions scoped to individual resources.

What's New

Access Applications: Grant admin permissions to specific Access Applications.
Identity Providers: Grant admin permissions to individual Identity Providers.
Targets: Grant admin rights to specific Targets

For more info:

Workers AI - New Deepgram Flux model available on Workers AI

Thu, 02 Oct 2025 00:00:00 GMT

Deepgram's newest Flux model @cf/deepgram/flux is now available on Workers AI, hosted directly on Cloudflare's infrastructure. We're excited to be a launch partner with Deepgram and offer their new Speech Recognition model built specifically for enabling voice agents. Check out Deepgram's blog for more details on the release.

The Flux model can be used in conjunction with Deepgram's speech-to-text model @cf/deepgram/nova-3 and text-to-speech model @cf/deepgram/aura-1 to build end-to-end voice agents. Having Deepgram on Workers AI takes advantage of our edge GPU infrastructure, for ultra low latency voice AI applications.

Promotional Pricing

For the month of October 2025, Deepgram's Flux model will be free to use on Workers AI. Official pricing will be announced soon and charged after the promotional pricing period ends on October 31, 2025. Check out the model page for pricing details in the future.

Example Usage

The new Flux model is WebSocket only as it requires live bi-directional streaming in order to recognize speech activity.

Create a worker that establishes a websocket connection with @cf/deepgram/flux

export default {
  async fetch(request, env, ctx): Promise<Response> {
    const resp = await env.AI.run("@cf/deepgram/flux", {
      encoding: "linear16",
      sample_rate: "16000"
    }, {
      websocket: true
    });
    return resp;
  },
} satisfies ExportedHandler<Env>;

Deploy your worker

npx wrangler deploy

Write a client script to connect to your worker and start sending random audio bytes to it

const ws = new WebSocket('wss://<your-worker-url.com>');

ws.onopen = () => {
  console.log('Connected to WebSocket');

  // Generate and send random audio bytes
  // You can replace this part with a function
  // that reads from your mic or other audio source
  const audioData = generateRandomAudio();
  ws.send(audioData);
  console.log('Audio data sent');
};

ws.onmessage = (event) => {
  // Transcription will be received here
  // Add your custom logic to parse the data
  console.log('Received:', event.data);
};

ws.onerror = (error) => {
  console.error('WebSocket error:', error);
};

ws.onclose = () => {
  console.log('WebSocket closed');
};

// Generate random audio data (1 second of noise at 44.1kHz, mono)
function generateRandomAudio() {
  const sampleRate = 44100;
  const duration = 1;
  const numSamples = sampleRate * duration;
  const buffer = new ArrayBuffer(numSamples * 2);
  const view = new Int16Array(buffer);

  for (let i = 0; i < numSamples; i++) {
    view[i] = Math.floor(Math.random() * 65536 - 32768);
  }

  return buffer;
}

Workers Analytics Engine, Workers - Workers Analytics Engine adds supports for new SQL functions

Thu, 02 Oct 2025 00:00:00 GMT

You can now perform more powerful queries directly in Workers Analytics Engine with a major expansion of our SQL function library.

Workers Analytics Engine allows you to ingest and store high-cardinality data at scale (such as custom analytics) and query your data through a simple SQL API.

Today, we've expanded Workers Analytics Engine's SQL capabilities with several new functions:

New aggregate functions:

argMin() - Returns the value associated with the minimum in a group
argMax() - Returns the value associated with the maximum in a group
topK() - Returns an array of the most frequent values in a group
topKWeighted() - Returns an array of the most frequent values in a group using weights
first_value() - Returns the first value in an ordered set of values within a partition
last_value() - Returns the last value in an ordered set of values within a partition

New bit functions:

bitAnd() - Returns the bitwise AND of two expressions
bitCount() - Returns the number of bits set to one in the binary representation of a number
bitHammingDistance() - Returns the number of bits that differ between two numbers
bitNot() - Returns a number with all bits flipped
bitOr() - Returns the inclusive bitwise OR of two expressions
bitRotateLeft() - Rotates all bits in a number left by specified positions
bitRotateRight() - Rotates all bits in a number right by specified positions
bitShiftLeft() - Shifts all bits in a number left by specified positions
bitShiftRight() - Shifts all bits in a number right by specified positions
bitTest() - Returns the value of a specific bit in a number
bitXor() - Returns the bitwise exclusive-or of two expressions

New mathematical functions:

abs() - Returns the absolute value of a number
log() - Computes the natural logarithm of a number
round() - Rounds a number to a specified number of decimal places
ceil() - Rounds a number up to the nearest integer
floor() - Rounds a number down to the nearest integer
pow() - Returns a number raised to the power of another number

New string functions:

lowerUTF8() - Converts a string to lowercase using UTF-8 encoding
upperUTF8() - Converts a string to uppercase using UTF-8 encoding

New encoding functions:

hex() - Converts a number to its hexadecimal representation
bin() - Converts a string to its binary representation

New type conversion functions:

toUInt8() - Converts any numeric expression, or expression resulting in a string representation of a decimal, into an unsigned 8 bit integer

Ready to get started?

Analytics - New Confidence Intervals in GraphQL Analytics API

Wed, 01 Oct 2025 00:00:00 GMT

The GraphQL Analytics API now supports confidence intervals for sum and count fields on adaptive (sampled) datasets. Confidence intervals provide a statistical range around sampled results, helping verify accuracy and quantify uncertainty.

Supported datasets: Adaptive (sampled) datasets only.
Supported fields: All sum and count fields.
Usage: The confidence level must be provided as a decimal between 0 and 1 (e.g. 0.90, 0.95, 0.99).
Default: If no confidence level is specified, no intervals are returned.

For examples and more details, see the GraphQL Analytics API documentation.

Containers - Larger Container instance types

Wed, 01 Oct 2025 00:00:00 GMT

New instance types provide up to 4 vCPU, 12 GiB of memory, and 20 GB of disk per container instance.

Instance Type	vCPU	Memory	Disk
lite	1/16	256 MiB	2 GB
basic	1/4	1 GiB	4 GB
standard-1	1/2	4 GiB	8 GB
standard-2	1	6 GiB	12 GB
standard-3	2	8 GiB	16 GB
standard-4	4	12 GiB	20 GB

The dev and standard instance types are preserved for backward compatibility and are aliases for lite and standard-1, respectively. The standard-1 instance type now provides up to 8 GB of disk instead of only 4 GB.

See the getting started guide to deploy your first Container, and the limits documentation for more details on the available instance types and limits.

Data Loss Prevention - Expanded File Type Controls for Executables and Disk Images

Wed, 01 Oct 2025 00:00:00 GMT

You can now enhance your security posture by blocking additional application installer and disk image file types with Cloudflare Gateway. Preventing the download of unauthorized software packages is a critical step in securing endpoints from malware and unwanted applications.

We have expanded Gateway's file type controls to include:

Apple Disk Image (dmg)
Microsoft Software Installer (msix, appx)
Apple Software Package (pkg)

You can find these new options within the Upload File Types and Download File Types selectors when creating or editing an HTTP policy. The file types are categorized as follows:

System: Apple Disk Image (dmg)
Executable: Microsoft Software Installer (msix), Microsoft Software Installer (appx), Apple Software Package (pkg)

To ensure these file types are blocked effectively, please note the following behaviors:

DMG: Due to their file structure, DMG files are blocked at the very end of the transfer. A user's download may appear to progress but will fail at the last moment, preventing the browser from saving the file.
MSIX: To comprehensively block Microsoft Software Installers, you should also include the file type Unscannable. MSIX files larger than 100 MB are identified as Unscannable ZIP files during inspection.

To get started, go to your HTTP policies in Zero Trust. For a full list of file types, refer to supported file types.

Cloudflare Fundamentals - Return markdown

Wed, 01 Oct 2025 00:00:00 GMT

Users can now specify that they want to retrieve Cloudflare documentation as markdown rather than the previous HTML default. This can significantly reduce token consumption when used alongside Large Language Model (LLM) tools.

curl https://developers.cloudflare.com/workers/ -H 'Accept: text/markdown'  -v

If you maintain your own site and want to adopt this practice using Cloudflare Workers for your own users you can follow the example here.

Cloudflare One Client - WARP client for Windows (version 2025.7.176.0)

Tue, 30 Sep 2025 20:43:09 GMT

A new GA release for the Windows WARP client is now available on the stable releases downloads page.

This release contains minor fixes and improvements.

Changes and improvements

MASQUE is now the default tunnel protocol for all new WARP device profiles.
Improvement to limit idle connections in Gateway with DoH mode to avoid unnecessary resource usage that can lead to DoH requests not resolving.
Improvement to maintain TCP connections to reduce interruptions in long-lived connections such as RDP or SSH.
Improvements to maintain Global WARP override settings when switching between organizations.
Improvements to maintain client connectivity during network changes.

Known issues

For Windows 11 24H2 users, Microsoft has confirmed a regression that may lead to performance issues like mouse lag, audio cracking, or other slowdowns. Cloudflare recommends users experiencing these issues upgrade to a minimum Windows 11 24H2 KB5062553 or higher for resolution.
Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.
Devices with KB5055523 installed may receive a warning about Win32/ClickFix.ABA being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to version 1.429.19.0 or later.
DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected.
To work around this issue, reconnect the WARP client by toggling off and back on.

Cloudflare One Client - WARP client for macOS (version 2025.7.176.0)

Tue, 30 Sep 2025 20:43:08 GMT

A new GA release for the macOS WARP client is now available on the stable releases downloads page.

This release contains minor fixes and improvements.

Changes and improvements

Fixed a bug preventing the warp-diag captive-portal command from running successfully due to the client not parsing SSID on macOS.
Improvements to maintain Global WARP override settings when switching between organizations.
MASQUE is now the default tunnel protocol for all new WARP device profiles.
Improvement to limit idle connections in Gateway with DoH mode to avoid unnecessary resource usage that can lead to DoH requests not resolving.
Improvements to maintain client connectivity during network changes.
The WARP client now supports macOS Tahoe (version 26.0).

Known issues

macOS Sequoia: Due to changes Apple introduced in macOS 15.0.x, the WARP client may not behave as expected. Cloudflare recommends the use of macOS 15.4 or later.
Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.

Cloudflare One Client - WARP client for Linux (version 2025.7.176.0)

Tue, 30 Sep 2025 20:20:30 GMT

A new GA release for the Linux WARP client is now available on the stable releases downloads page.

This release contains minor fixes and improvements including an updated public key for Linux packages. The public key must be updated if it was installed before September 12, 2025 to ensure the repository remains functional after December 4, 2025. Instructions to make this update are available at pkg.cloudflareclient.com.

Changes and improvements

MASQUE is now the default tunnel protocol for all new WARP device profiles.
Improvement to limit idle connections in Gateway with DoH mode to avoid unnecessary resource usage that can lead to DoH requests not resolving.
Improvements to maintain Global WARP override settings when switching between organizations.
Improvements to maintain client connectivity during network changes.

Known issues

Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.

Gateway - Application granular controls for operations in SaaS applications

Tue, 30 Sep 2025 00:00:00 GMT

Gateway users can now apply granular controls to their file sharing and AI chat applications through HTTP policies.

The new feature offers two methods of controlling SaaS applications:

Application Controls are curated groupings of Operations which provide an easy way for users to achieve a specific outcome. Application Controls may include Upload, Download, Prompt, Voice, and Share depending on the application.
Operations are controls aligned to the most granular action a user can take. This provides a fine-grained approach to enforcing policy and generally aligns to the SaaS providers API specifications in naming and function.

Get started using Application Granular Controls and refer to the list of supported applications.

Radar - Regional Data in Cloudflare Radar

Mon, 29 Sep 2025 00:00:00 GMT

Radar now introduces Regional Data, providing traffic insights that bring a more localized perspective to the traffic trends shown on Radar.

The following API endpoints are now available:

Get Geolocation - Retrieves geolocation by geoId.
List Geolocations - Lists geolocations.
NetFlows Summary By Dimension - Retrieves NetFlows summary by dimension.

All summary and timeseries_groups endpoints in HTTP and NetFlows now include an adm1 dimension for grouping data by first level administrative division (for example, state, province, etc.)

A new filter geoId was also added to all endpoints in HTTP and NetFlows, allowing filtering by a specific administrative division.

Check out the new Regional traffic insights on a country specific traffic page new Radar page.

WAF - WAF Release - 2025-09-29

Mon, 29 Sep 2025 00:00:00 GMT

This week highlights four important vendor- and component-specific issues: an authentication bypass in SimpleHelp (CVE-2024-57727), an information-disclosure flaw in Flowise Cloud (CVE-2025-58434), an SSRF in the WordPress plugin Ditty (CVE-2025-8085), and a directory-traversal bug in Vite (CVE-2025-30208). These are paired with improvements to our generic detection coverage (SQLi, SSRF) to raise the baseline and reduce noisy gaps.

Key Findings

SimpleHelp (CVE-2024-57727): Authentication bypass in SimpleHelp that can allow unauthorized access to management interfaces or sessions.
Flowise Cloud (CVE-2025-58434): Information-disclosure vulnerability in Flowise Cloud that may expose sensitive configuration or user data to unauthenticated or low-privileged actors.
WordPress:Plugin: Ditty (CVE-2025-8085): SSRF in the Ditty WordPress plugin enabling server-side requests that could reach internal services or cloud metadata endpoints.
Vite (CVE-2025-30208): Directory-traversal vulnerability in Vite allowing access to filesystem paths outside the intended web root.

Impact

These vulnerabilities allow attackers to gain access, escalate privileges, or execute actions that were previously unavailable:

SimpleHelp (CVE-2024-57727): An authentication bypass that can let unauthenticated attackers access management interfaces or hijack sessions — enabling lateral movement, credential theft, or privilege escalation within affected environments.
Flowise Cloud (CVE-2025-58434): Information-disclosure flaw that can expose sensitive configuration, tokens, or user data; leaked secrets may be chained into account takeover or privileged access to backend services.
WordPress:Plugin: Ditty (CVE-2025-8085): SSRF that enables server-side requests to internal services or cloud metadata endpoints, potentially allowing attackers to retrieve credentials or reach otherwise inaccessible infrastructure, leading to privilege escalation or cloud resource compromise.
Vite (CVE-2025-30208): Directory-traversal vulnerability that can expose filesystem contents outside the web root (configuration files, keys, source code), which attackers can use to escalate privileges or further compromise systems.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	6fe90532af50427484a5275c8c2e30fb	100717	SimpleHelp - Auth Bypass - CVE:CVE-2024-57727	Log	Block	This rule is merged to 100717 in legacy WAF and 498fcd81a62a4b5ca943e2de958094d3 in new WAF
Cloudflare Managed Ruleset	013ef5de3f074fd5a43cdd70d58b886b	100775	Flowise Cloud - Information Disclosure - CVE:CVE-2025-58434	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	68fc5c086ccb4b40a35a63b19bce1ff4	100881	WordPress:Plugin:Ditty - SSRF - CVE:CVE-2025-8085	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	9e1a56e6b3bc49b187bf6e35ddc329dd	100887	Vite - Directory Traversal - CVE:CVE-2025-30208	Log	Block	This is a New Detection

WAF - WAF Release - 2025-09-28 - Emergency

Sun, 28 Sep 2025 00:00:00 GMT

Key Findings

Cisco (CVE-2025-20333, CVE-2025-20362, CVE-2025-20363): Multiple vulnerabilities that could allow attackers to exploit unsafe deserialization and input validation flaws. Successful exploitation may result in arbitrary code execution, privilege escalation, or command injection on affected systems.

Impact

Cisco (CVE-2025-20333, CVE-2025-20362, CVE-2025-20363): Exploitation enables attackers to escalate privileges or achieve remote code execution via command injection.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	a1bef4ada0b146d2862cad439ee0ab84	100788	Cisco Secure Firewall Adaptive Security Appliance - Remote Code Execution - CVE:CVE-2025-20333, CVE:CVE-2025-20362, CVE:CVE-2025-20363	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	51de6ce6596a40eb8200452ad30f768e	100788A	Cisco Secure Firewall Adaptive Security Appliance - Remote Code Execution - CVE:CVE-2025-20333, CVE:CVE-2025-20362, CVE:CVE-2025-20363	N/A	Disabled	This is a New Detection

WAF - WAF Release - 2025-09-26

Fri, 26 Sep 2025 00:00:00 GMT

Managed Ruleset Updated

This update introduces 11 new detections in the Cloudflare Managed Ruleset (all currently set to Disabled mode to preserve remediation logic and allow quick activation if needed). The rules cover a broad spectrum of threats - SQL injection techniques, command and code injection, information disclosure of common files, URL anomalies, and cross-site scripting.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	3ffd242b4ba242ca965022d3a67d8561	100859A	SQLi - UNION - 3	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	91d9cf56355b4ab88481b2fd4de80468	100889	Command Injection - Generic 9	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	c15ca8e8290f485287037665f2be3ddf	100890	Information Disclosure - Common Files - 2	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	56669615f2984c2cac8c608980a252a8	100891	Anomaly:URL - Relative Paths	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	c41789fb6370431d809567d17e7d3865	100894	XSS - Inline Function	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	b995d0b930604fa6b8d9b2a13792565c	100895	XSS - DOM	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	ab8277e3f432400bbd9403dd42978e38	100896	SQLi - MSSQL Length Enumeration	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	3ec33bc5ac77495a9f55020e3ab43f7e	100897	Generic Rules - Code Injection - 3	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	4375dc90c7af4c55908f6b95c1686741	100898	SQLi - Evasion	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	945c5aa9f45141dd872d7ec920999be0	100899	SQLi - Probing 2	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	2c20b5e8684043f48620ff77b4026c88	100900	SQLi - Probing	N/A	Disabled	This is a New Detection

Workers - Automatic loopback bindings via ctx.exports

Fri, 26 Sep 2025 00:00:00 GMT

The ctx.exports API contains automatically-configured bindings corresponding to your Worker's top-level exports. For each top-level export extending WorkerEntrypoint, ctx.exports will contain a Service Binding by the same name, and for each export extending DurableObject (and for which storage has been configured via a migration), ctx.exports will contain a Durable Object namespace binding. This means you no longer have to configure these bindings explicitly in wrangler.jsonc/wrangler.toml.

Example:

import { WorkerEntrypoint } from "cloudflare:workers";

export class Greeter extends WorkerEntrypoint {
  greet(name) {
    return `Hello, ${name}!`;
  }
}

export default {
  async fetch(request, env, ctx) {
    let greeting = await ctx.exports.Greeter.greet("World")
    return new Response(greeting);
  }
}

At present, you must use the enable_ctx_exports compatibility flag to enable this API, though it will be on by default in the future.

See the API reference for more information.

Pipelines - Pipelines now supports SQL transformations and Apache Iceberg

Thu, 25 Sep 2025 13:00:00 GMT

Today, we're launching the new Cloudflare Pipelines: a streaming data platform that ingests events, transforms them with SQL, and writes to R2 as Apache Iceberg tables or Parquet files.

Pipelines can receive events via HTTP endpoints or Worker bindings, transform them with SQL, and deliver to R2 with exactly-once guarantees. This makes it easy to build analytics-ready warehouses for server logs, mobile application events, IoT telemetry, or clickstream data without managing streaming infrastructure.

For example, here's a pipeline that ingests clickstream events and filters out bot traffic while extracting domain information:

INSERT into events_table
SELECT
  user_id,
  lower(event) AS event_type,
  to_timestamp_micros(ts_us) AS event_time,
  regexp_match(url, '^https?://([^/]+)')[1]  AS domain,
  url,
  referrer,
  user_agent
FROM events_json
WHERE event = 'page_view'
  AND NOT regexp_like(user_agent, '(?i)bot|spider');

Get started by creating a pipeline in the dashboard or running a single command in Wrangler:

npx wrangler pipelines setup

Check out our getting started guide to learn how to create a pipeline that delivers events to an Iceberg table you can query with R2 SQL. Read more about today's announcement in our blog post.

R2 SQL - Announcing R2 SQL

Thu, 25 Sep 2025 13:00:00 GMT

Today, we're launching the open beta for R2 SQL: A serverless, distributed query engine that can efficiently analyze petabytes of data in Apache Iceberg tables managed by R2 Data Catalog.

R2 SQL is ideal for exploring analytical and time-series data stored in R2, such as logs, events from Pipelines, or clickstream and user behavior data.

If you already have a table in R2 Data Catalog, running queries is as simple as:

npx wrangler r2 sql query YOUR_WAREHOUSE "
SELECT
    user_id,
    event_type,
    value
FROM events.user_events
WHERE event_type = 'CHANGELOG' or event_type = 'BLOG'
  AND __ingest_ts > '2025-09-24T00:00:00Z'
ORDER BY __ingest_ts DESC
LIMIT 100"

To get started with R2 SQL, check out our getting started guide or learn more about supported features in the SQL reference. For a technical deep dive into how we built R2 SQL, read our blog post.

Browser Rendering - Browser Rendering Playwright GA, Stagehand support (Beta), and higher limits

Thu, 25 Sep 2025 12:00:00 GMT

We’re shipping three updates to Browser Rendering:

Playwright support is now Generally Available and synced with Playwright v1.55, giving you a stable foundation for critical automation and AI-agent workflows.
We’re also adding Stagehand support (Beta) so you can combine code with natural language instructions to build more resilient automations.
Finally, we’ve tripled limits for paid plans across both the REST API and Workers Bindings to help you scale.

To get started with Stagehand, refer to the Stagehand example that uses Stagehand and Workers AI to search for a movie on this example movie directory, extract its details using natural language (title, year, rating, duration, and genre), and return the information along with a screenshot of the webpage.

const stagehand = new Stagehand({
  env: "LOCAL",
  localBrowserLaunchOptions: { cdpUrl: endpointURLString(env.BROWSER) },
  llmClient: new WorkersAIClient(env.AI),
  verbose: 1,
});

await stagehand.init();
const page = stagehand.page;

await page.goto('https://demo.playwright.dev/movies');

// if search is a multi-step action, stagehand will return an array of actions it needs to act on
const actions = await page.observe('Search for "Furiosa"');
for (const action of actions)
  await page.act(action);

await page.act('Click the search result');

// normal playwright functions work as expected
await page.waitForSelector('.info-wrapper .cast');

let movieInfo = await page.extract({
  instruction: 'Extract movie information',
  schema: z.object({
    title: z.string(),
    year: z.number(),
    rating: z.number(),
    genres: z.array(z.string()),
    duration: z.number().describe("Duration in minutes"),
  }),
});

await stagehand.close();

AI Search - AI Search (formerly AutoRAG) now with More Models To Choose From

Thu, 25 Sep 2025 00:00:00 GMT

AutoRAG is now AI Search! The new name marks a new and bigger mission: to make world-class search infrastructure available to every developer and business.

With AI Search you can now use models from different providers like OpenAI and Anthropic. By attaching your provider keys to the AI Gateway linked to your AI Search instance, you can use many more models for both embedding and inference.

To use AI Search with other model providers:

Add provider keys to AI Gateway
1. Go to AI > AI Gateway in the dashboard.
2. Select or create an AI gateway.
3. In Provider Keys, choose your provider, click Add, and enter the key.
Connect a gateway to AI Search: When creating a new AI Search, select the AI Gateway with your provider keys. For an existing AI Search, go to Settings and switch to a gateway that has your keys under Resources.
Select models: Embedding models are only available to be changed when creating a new AI Search. Generation model can be selected when creating a new AI Search and can be changed at any time in Settings.

Once configured, your AI Search instance will be able to reference models available through your AI Gateway when making a /ai-search request:

export default {
  async fetch(request, env) {

    // Query your AI Search instance with a natural language question to an OpenAI model
    const result = await env.AI.autorag("my-ai-search").aiSearch({
      query: "What's new for Cloudflare Birthday Week?",
      model: "openai/gpt-5"
    });

    // Return only the generated answer as plain text
    return new Response(result.response, {
      headers: { "Content-Type": "text/plain" },
    });
  },
};

In the coming weeks we will also roll out updates to align the APIs with the new name. The existing APIs will continue to be supported for the time being. Stay tuned to the AI Search Changelog and Discord for more updates!

Containers - Run more Containers with higher resource limits

Thu, 25 Sep 2025 00:00:00 GMT

You can now run more Containers concurrently with higher limits on CPU, memory, and disk.

Limit	New Limit	Previous Limit
Memory for concurrent live Container instances	400GiB	40GiB
vCPU for concurrent live Container instances	100	20
Disk for concurrent live Container instances	2TB	100GB

You can now run 1000 instances of the dev instance type, 400 instances of basic, or 100 instances of standard concurrently.

This opens up new possibilities for running larger-scale workloads on Containers.

See the getting started guide to deploy your first Container, and the limits documentation for more details on the available instance types and limits.

Gateway, Data Loss Prevention - Refine DLP Scans with New Body Phase Selector

Thu, 25 Sep 2025 00:00:00 GMT

You can now more precisely control your HTTP DLP policies by specifying whether to scan the request or response body, helping to reduce false positives and target specific data flows.

In the Gateway HTTP policy builder, you will find a new selector called Body Phase. This allows you to define the direction of traffic the DLP engine will inspect:

Request Body: Scans data sent from a user's machine to an upstream service. This is ideal for monitoring data uploads, form submissions, or other user-initiated data exfiltration attempts.
Response Body: Scans data sent to a user's machine from an upstream service. Use this to inspect file downloads and website content for sensitive data.

For example, consider a policy that blocks Social Security Numbers (SSNs). Previously, this policy might trigger when a user visits a website that contains example SSNs in its content (the response body). Now, by setting the Body Phase to Request Body, the policy will only trigger if the user attempts to upload or submit an SSN, ignoring the content of the web page itself.

All policies without this selector will continue to scan both request and response bodies to ensure continued protection.

For more information, refer to Gateway HTTP policy selectors.

Cloudflare Fundamentals - Sign in with GitHub

Thu, 25 Sep 2025 00:00:00 GMT

Cloudflare has launched sign in with GitHub as a log in option. This feature is available to all users with a verified email address who are not using SSO. To use it, simply click on the Sign in with GitHub button on the dashboard login page. You will be logged in with your primary GitHub email address.

For more information

Cloudflare Fundamentals - SSO for all

Thu, 25 Sep 2025 00:00:00 GMT

Single sign-on (SSO) streamlines the process of logging into Cloudflare for Enterprise customers who manage a custom email domain and manage their own identity provider. Instead of managing a password and two-factor authentication credentials directly for Cloudflare, SSO lets you reuse your existing login infrastructure to seamlessly log in. SSO also provides additional security opportunities such as device health checks which are not available natively within Cloudflare.

Historically, SSO was only available for Enterprise accounts. Today, we are announcing that we are making SSO available to all users for free. We have also added the ability to directly manage SSO configurations using the API. This removes the previous requirement to contact support to configure SSO.

For more information

R2 - R2 Data Catalog now supports compaction

Thu, 25 Sep 2025 00:00:00 GMT

You can now enable automatic compaction for Apache Iceberg tables in R2 Data Catalog to improve query performance.

Compaction is the process of taking a group of small files and combining them into fewer larger files. This is an important maintenance operation as it helps ensure that query performance remains consistent by reducing the number of files that needs to be scanned.

To enable automatic compaction in R2 Data Catalog, find it under R2 Data Catalog in your R2 bucket settings in the dashboard.

Or with Wrangler, run:

npx wrangler r2 bucket catalog compaction enable <BUCKET_NAME>  --target-size 128 --token <API_TOKEN>

To get started with compaction, check out manage catalogs. For best practices and limitations, refer to about compaction.

WAF - WAF Release - 2025-09-24 - Emergency

Wed, 24 Sep 2025 00:00:00 GMT

This week highlights a critical vendor-specific vulnerability: a deserialization flaw in the License Servlet of Fortra’s GoAnywhere MFT. By forging a license response signature, an attacker can trigger deserialization of arbitrary objects, potentially leading to command injection.

Key Findings

GoAnywhere MFT (CVE-2025-10035): Deserialization vulnerability in the License Servlet that allows attackers with a forged license response signature to deserialize arbitrary objects, potentially resulting in command injection.

Impact

GoAnywhere MFT (CVE-2025-10035): Exploitation enables attackers to escalate privileges or achieve remote code execution via command injection.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	8fe242c7c0d64d689f4fc9a1e08b39f3	100787	Fortra GoAnywhere - Auth Bypass - CVE:CVE-2025-10035	N/A	Block	This is a New Detection

Email security - Invalid Submissions Feedback

Tue, 23 Sep 2025 23:11:49 GMT

Email security relies on your submissions to continuously improve our detection models. However, we often receive submissions in formats that cannot be ingested, such as incomplete EMLs, screenshots, or text files.

To ensure all customer feedback is actionable, we have launched two new features to manage invalid submissions sent to our team and user submission aliases:

Email Notifications: We now automatically notify users by email when they provide an invalid submission, educating them on the correct format. To disable notifications, go to Settings > Invalid submission emails and turn the feature off.

Invalid Submission dashboard: You can quickly identify which users need education to provide valid submissions so Cloudflare can provide continuous protection.

Learn more about this feature on invalid submissions.

This feature is available across these Email security packages:

Advantage
Enterprise
Enterprise + PhishGuard

Workers - Improved support for running multiple Workers with `wrangler dev`

Tue, 23 Sep 2025 00:00:00 GMT

You can run multiple Workers in a single dev command by passing multiple config files to wrangler dev:

wrangler dev --config ./web/wrangler.jsonc --config ./api/wrangler.jsonc

Previously, if you ran the command above and then also ran wrangler dev for a different Worker, the Workers running in separate wrangler dev sessions could not communicate with each other. This prevented you from being able to use Service Bindings and Tail Workers in local development, when running separate wrangler dev sessions.

Now, the following works as expected:

# Terminal 1: Run your application that includes both Web and API workers
wrangler dev --config ./web/wrangler.jsonc --config ./api/wrangler.jsonc

# Terminal 2: Run your auth worker separately
wrangler dev --config ./auth/wrangler.jsonc

These Workers can now communicate with each other across separate dev commands, regardless of your development setup.

export default {
  async fetch(request, env) {
    // This service binding call now works across dev commands
    const authorized = await env.AUTH.isAuthorized(request);

    if (!authorized) {
      return new Response('Unauthorized', { status: 401 });
    }

    return new Response('Hello from API Worker!', { status: 200 });
  },
};

Check out the Developing with multiple Workers guide to learn more about the different approaches and when to use each one.

Access - Access Remote Desktop Protocol (RDP) destinations securely from your browser — now generally available!

Mon, 22 Sep 2025 00:00:00 GMT

Browser-based RDP with Cloudflare Access is now generally available for all Cloudflare customers. It enables secure, remote Windows server access without VPNs or RDP clients.

Since we announced our open beta, we've made a few improvements:

Support for targets with IPv6.
Support for Magic WAN and WARP Connector as on-ramps.
More robust error messaging on the login page to help you if you encounter an issue.
Worldwide keyboard support. Whether your day-to-day is in Portuguese, Chinese, or something in between, your browser-based RDP experience will look and feel exactly like you are using a desktop RDP client.
Cleaned up some other miscellaneous issues, including but not limited to enhanced support for Entra ID accounts and support for usernames with spaces, quotes, and special characters.

As a refresher, here are some benefits browser-based RDP provides:

Control how users authenticate to internal RDP resources with single sign-on (SSO), multi-factor authentication (MFA), and granular access policies.
Record who is accessing which servers and when to support regulatory compliance requirements and to gain greater visibility in the event of a security event.
Eliminate the need to install and manage software on user devices. You will only need a web browser.
Reduce your attack surface by keeping your RDP servers off the public Internet and protecting them from common threats like credential stuffing or brute-force attacks.

To get started, refer to Connect to RDP in a browser.

WAF - WAF Release - 2025-09-22

Mon, 22 Sep 2025 00:00:00 GMT

This week emphasizes two critical vendor-specific vulnerabilities: a full elevation-of-privilege in Microsoft Azure Networking (CVE-2025-54914) and a server-side template injection (SSTI) leading to remote code execution (RCE) in Skyvern (CVE-2025-49619). These are complemented by enhancements in generic detections (SQLi, SSRF) to improve baseline coverage.

Key Findings

Azure (CVE-2025-54914): Vulnerability in Azure Networking allowing elevation of privileges.
Skyvern (CVE-2025-49619): Skyvern ≤ 0.1.85 has a server-side template injection (SSTI) vulnerability in its Prompt field (workflow blocks) via Jinja2. Authenticated users with low privileges can get remote code execution (blind).
Generic SQLi / SSRF improvements: Expanded rule coverage to detect obfuscated SQL injection patterns and SSRF across host, local, and cloud contexts.

Impact

These vulnerabilities allow attackers to escalate privileges or execute code under conditions where previously they could not:

Azure CVE-2025-54914 enables an attacker from the network with no credentials to gain high-level access within Azure Networking; could lead to full compromise of networking components.
Skyvern CVE-2025-49619 allows authenticated users with minimal privilege to exploit SSTI for remote code execution, undermining isolation of workflow components.
The improvements for SQLi and SSRF reduce risk from common injection and request-based attacks.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	c36a425ae0c94789a9bc34f06a135cbf	100146	SSRF - Host - 2	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	dfa84b0aed5a4b45b953a36a57035abf	100146B	SSRF - Local - 2	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	276073e60c7a4b4d91faba1fbbe18d50	100146C	SSRF - Cloud - 2	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	78c856218f2d40f4b5988c8c956c1961	100714	Azure - Auth Bypass - CVE:CVE-2025-54914	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	9f1c8d4cbf3848dbb940771bc5ced231	100758	Skyvern - Remote Code Execution - CVE:CVE-2025-49619	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	6be7e7829f3b43c688e1ac4284a619a1	100773	Next.js - SSRF	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	0cc3f50216bf4b448210bcc3983ff2dd	100774	Adobe Commerce - Remote Code Execution - CVE:CVE-2025-54236	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	53bfaeb311a049e3877fa15c0380a1a6	100800_BETA	SQLi - Obfuscated Boolean - Beta	Log	Block	This rule has been merged into the original rule (ID: 7663ea44178441a0b3205c145563445f )

AI Search - New Metrics View in AutoRAG

Fri, 19 Sep 2025 00:00:00 GMT

AutoRAG now includes a Metrics tab that shows how your data is indexed and searched. Get a clear view of the health of your indexing pipeline, compare usage between ai-search and search, and see which files are retrieved most often.

You can find these metrics within each AutoRAG instance:

Indexing: Track how files are ingested and see status changes over time.
Search breakdown: Compare usage between ai-search and search endpoints.
Top file retrievals: Identify which files are most frequently retrieved in a given period.

Try it today in AutoRAG.

Workers - Rate Limiting in Workers is now GA

Fri, 19 Sep 2025 00:00:00 GMT

Rate Limiting within Cloudflare Workers is now Generally Available (GA).

The ratelimit binding is now stable and recommended for all production workloads. Existing deployments using the unsafe binding will continue to function to allow for a smooth transition.

For more details, refer to Workers Rate Limiting documentation.

Workers - Panic Recovery for Rust Workers

Fri, 19 Sep 2025 00:00:00 GMT

In workers-rs, Rust panics were previously non-recoverable. A panic would put the Worker into an invalid state, and further function calls could result in memory overflows or exceptions.

Now, when a panic occurs, in-flight requests will throw 500 errors, but the Worker will automatically and instantly recover for future requests.

This ensures more reliable deployments. Automatic panic recovery is enabled for all new workers-rs deployments as of version 0.6.5, with no configuration required.

Fixing Rust Panics with Wasm Bindgen

Rust Workers are built with Wasm Bindgen, which treats panics as non-recoverable. After a panic, the entire Wasm application is considered to be in an invalid state.

We now attach a default panic handler in Rust:

std::panic::set_hook(Box::new(move |panic_info| {
  hook_impl(panic_info);
}));

Which is registered by default in the JS initialization:

import { setPanicHook } from "./index.js";
setPanicHook(function (err) {
  console.error("Panic handler!", err);
});

When a panic occurs, we reset the Wasm state to revert the Wasm application to how it was when the application started.

Resetting VM State in Wasm Bindgen

We worked upstream on the Wasm Bindgen project to implement a new --experimental-reset-state-function compilation option which outputs a new __wbg_reset_state function.

This function clears all internal state related to the Wasm VM, and updates all function bindings in place to reference the new WebAssembly instance.

One other necessary change here was associating Wasm-created JS objects with an instance identity. If a JS object created by an earlier instance is then passed into a new instance later on, a new "stale object" error is specially thrown when using this feature.

Layered Solution

Building on this new Wasm Bindgen feature, layered with our new default panic handler, we also added a proxy wrapper to ensure all top-level exported class instantiations (such as for Rust Durable Objects) are tracked and fully reinitialized when resetting the Wasm instance. This was necessary because the workerd runtime will instantiate exported classes, which would then be associated with the Wasm instance.

This approach now provides full panic recovery for Rust Workers on subsequent requests.

Of course, we never want panics, but when they do happen they are isolated and can be investigated further from the error logs - avoiding broader service disruption.

WebAssembly Exception Handling

In the future, full support for recoverable panics could be implemented without needing reinitialization at all, utilizing the WebAssembly Exception Handling proposal, part of the newly announced WebAssembly 3.0 specification. This would allow unwinding panics as normal JS errors, and concurrent requests would no longer fail.

We're making significant improvements to the reliability of Rust Workers. Join us in #rust-on-workers on the Cloudflare Developers Discord to stay updated.

Cloudflare Tunnel, Cloudflare Tunnel for SASE - Connect and secure any private or public app by hostname, not IP — with hostname routing for Cloudflare Tunnel

Thu, 18 Sep 2025 00:00:00 GMT

You can now route private traffic to Cloudflare Tunnel based on a hostname or domain, moving beyond the limitations of IP-based routing. This new capability is free for all Cloudflare One customers.

Previously, Tunnel routes could only be defined by IP address or CIDR range. This created a challenge for modern applications with dynamic or ephemeral IP addresses, often forcing administrators to maintain complex and brittle IP lists.

What’s new:

Hostname & Domain Routing: Create routes for individual hostnames (e.g., payroll.acme.local) or entire domains (e.g., *.acme.local) and direct their traffic to a specific Tunnel.
Simplified Zero Trust Policies: Build resilient policies in Cloudflare Access and Gateway using stable hostnames, making it dramatically easier to apply per-resource authorization for your private applications.
Precise Egress Control: Route traffic for public hostnames (e.g., bank.example.com) through a specific Tunnel to enforce a dedicated source IP, solving the IP allowlist problem for third-party services.
No More IP Lists: This feature makes the workaround of maintaining dynamic IP Lists for Tunnel connections obsolete.

Get started in the Tunnels section of the Zero Trust dashboard with your first private hostname or public hostname route.

Learn more in our blog post.

Workers - Increased vCPU for Workers Builds on paid plans

Thu, 18 Sep 2025 00:00:00 GMT

We recently increased the available disk space from 8 GB to 20 GB for all plans. Building on that improvement, we’re now doubling the CPU power available for paid plans — from 2 vCPU to 4 vCPU.

These changes continue our focus on making Workers Builds faster and more reliable.

Metric	Free Plan	Paid Plans
CPU	2 vCPU	4 vCPU

Performance Improvements

Fast build times: Even single-threaded workloads benefit from having more vCPUs
2x faster multi-threaded builds: Tools like esbuild and webpack can now utilize additional cores, delivering near-linear performance scaling

All other build limits — including memory, build minutes, and timeout remain unchanged.

Workers - Preview URLs now default to opt-in

Wed, 17 Sep 2025 00:00:00 GMT

To prevent the accidental exposure of applications, we've updated how Worker preview URLs (<PREVIEW>-<WORKER_NAME>.<SUBDOMAIN>.workers.dev) are handled. We made this change to ensure preview URLs are only active when intentionally configured, improving the default security posture of your Workers.

One-Time Update for Workers with workers.dev Disabled

We performed a one-time update to disable preview URLs for existing Workers where the workers.dev subdomain was also disabled.

Because preview URLs were historically enabled by default, users who had intentionally disabled their workers.dev route may not have realized their Worker was still accessible at a separate preview URL. This update was performed to ensure that using a preview URL is always an intentional, opt-in choice.

If your Worker was affected, its preview URL (<PREVIEW>-<WORKER_NAME>.<SUBDOMAIN>.workers.dev) will now direct to an informational page explaining this change.

How to Re-enable Your Preview URL

If your preview URL was disabled, you can re-enable it via the Cloudflare dashboard by navigating to your Worker's Settings page and toggling on the Preview URL.

Alternatively, you can use Wrangler by adding the preview_urls = true setting to your Wrangler file and redeploying the Worker.

wrangler.jsonc
```
{
  "preview_urls": true
}
```
wrangler.toml
```
preview_urls = true
```

Note: You can set preview_urls = true with any Wrangler version that supports the preview URL flag (v3.91.0+). However, we recommend updating to v4.34.0 or newer, as this version defaults preview_urls to false, ensuring preview URLs are always enabled by explicit choice.

Cloudflare One - New AI-Enabled Search for Zero Trust Dashboard

Tue, 16 Sep 2025 00:00:00 GMT

Zero Trust Dashboard has a brand new, AI-powered search functionality. You can search your account by resources (applications, policies, device profiles, settings, etc.), pages, products, and more.

Ask Cloudy — You can also ask Cloudy, our AI agent, questions about Cloudflare Zero Trust. Cloudy is trained on our developer documentation and implementation guides, so it can tell you how to configure functionality, best practices, and can make recommendations.

Cloudy can then stay open with you as you move between pages to build configuration or answer more questions.

Find Recents — Recent searches and Cloudy questions also have a new tab under Zero Trust Overview.

DNS - DNS Firewall Analytics — now in the Cloudflare dashboard

Tue, 16 Sep 2025 00:00:00 GMT

What's New

Access GraphQL-powered DNS Firewall analytics directly in the Cloudflare dashboard.

Explore Four Interactive Panels

Query summary: Describes trends over time, segmented by dimensions.
Query statistics: Describes totals, cached/uncached queries, and processing/response times.
DNS queries by data center: Describes global view and the top 10 data centers.
Top query statistics: Shows a breakdown by key dimensions, with search and expand options (up to top 100 items).

Additional features:

Apply filters and time ranges once. Changes reflect across all panels.
Filter by dimensions like query name, query type, cluster, data center, protocol (UDP/TCP), IP version, response code/reason, and more.
Access up to 62 days of historical data with flexible intervals.

Availability

Available to all DNS Firewall customers as part of their existing subscription.

Where to Find It

In the Cloudflare dashboard, go to the DNS Firewall page.
Go to Analytics
Refer to the DNS Firewall Analytics to learn more.

Workers - Remote bindings GA - Connect to remote resources (D1, KV, R2, etc.) during local development

Tue, 16 Sep 2025 00:00:00 GMT

Three months ago we announced the public beta of remote bindings for local development. Now, we're excited to say that it's available for everyone in Wrangler, Vite, and Vitest without using an experimental flag!

With remote bindings, you can now connect to deployed resources like R2 buckets and D1 databases while running Worker code on your local machine. This means you can test your local code changes against real data and services, without the overhead of deploying for each iteration.

Example configuration

To enable remote bindings, add "remote" : true to each binding that you want to rely on a remote resource running on Cloudflare:

wrangler.jsonc

{
  "name": "my-worker",
  // Set this to today's date
  "compatibility_date": "2026-04-03",

  "r2_buckets": [
    {
      "bucket_name": "screenshots-bucket",
      "binding": "screenshots_bucket",
      "remote": true,
    },
  ],
}

wrangler.toml

name = "my-worker"
# Set this to today's date
compatibility_date = "2026-04-03"

[[r2_buckets]]
bucket_name = "screenshots-bucket"
binding = "screenshots_bucket"
remote = true

When remote bindings are configured, your Worker still executes locally, but all binding calls are proxied to the deployed resource that runs on Cloudflare's network.

You can try out remote bindings for local development today with:

WAF - WAF Release - 2025-09-15

Mon, 15 Sep 2025 00:00:00 GMT

This week's update

This week's focus highlights newly disclosed vulnerabilities in DevOps tooling, data visualization platforms, and enterprise CMS solutions. These issues include sensitive information disclosure and remote code execution, putting organizations at risk of credential leakage, unauthorized access, and full system compromise.

Key Findings

Argo CD (CVE-2025-55190): Exposure of sensitive information could allow attackers to access credential data stored in configurations, potentially leading to compromise of Kubernetes workloads and secrets.
DataEase (CVE-2025-57773): Insufficient input validation enables JNDI injection and insecure deserialization, resulting in remote code execution (RCE). Successful exploitation grants attackers control over the application server.
Sitecore (CVE-2025-53694): A sensitive information disclosure flaw allows unauthorized access to confidential information stored in Sitecore deployments, raising the risk of data breaches and privilege escalation.

Impact

These vulnerabilities expose organizations to serious risks, including credential theft, unauthorized access, and full system compromise. Argo CD's flaw may expose Kubernetes secrets, DataEase exploitation could give attackers remote execution capabilities, and Sitecore's disclosure issue increases the likelihood of sensitive data leakage and business impact.

Administrators are strongly advised to apply vendor patches immediately, rotate exposed credentials, and review access controls to mitigate these risks.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	199cce9ab21e40bcb535f01b2ee2085f	100646	Argo CD - Information Disclosure - CVE:CVE-2025-55190s	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	e513bb21b6a44f9cbfcd2462f5e20788	100874	DataEase - JNDI injection - CVE:CVE-2025-57773	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	be097f5a71a04f27aa87b60d005a12fd	100880	Sitecore - Information Disclosure - CVE:CVE-2025-53694	Log	Block	This is a New Detection

Email security - Regional Email Processing for Germany, India, or Australia

Thu, 11 Sep 2025 23:15:00 GMT

We’re excited to announce that Email security customers can now choose their preferred mail processing location directly from the UI when onboarding a domain. This feature is available for the following onboarding methods: MX, BCC, and Journaling.

What’s new

Customers can now select where their email is processed. The following regions are supported:

Germany
India
Australia

Global processing remains the default option, providing flexibility to meet both compliance requirements or operational preferences.

How to use it

When onboarding a domain with MX, BCC, or Journaling:

Select the desired processing location (Germany, India, or Australia).
The UI will display updated processing addresses specific to that region.
For MX onboarding, if your domain is managed by Cloudflare, you can automatically update MX records directly from the UI.

Availability

This feature is available across these Email security packages:

Advantage
Enterprise
Enterprise + PhishGuard

What’s next

We’re expanding the list of processing locations to match our Data Localization Suite (DLS) footprint, giving customers the broadest set of regional options in the market without the complexity of self-hosting.

D1, Workers - D1 automatically retries read-only queries

Thu, 11 Sep 2025 00:00:00 GMT

D1 now detects read-only queries and automatically attempts up to two retries to execute those queries in the event of failures with retryable errors. You can access the number of execution attempts in the returned response metadata property total_attempts.

At the moment, only read-only queries are retried, that is, queries containing only the following SQLite keywords: SELECT, EXPLAIN, WITH. Queries containing any SQLite keyword that leads to database writes are not retried.

The retry success ratio among read-only retryable errors varies from 5% all the way up to 95%, depending on the underlying error and its duration (like network errors or other internal errors).

The retry success ratio among all retryable errors is lower, indicating that there are write-queries that could be retried. Therefore, we recommend D1 users to continue applying retries in their own code for queries that are not read-only but are idempotent according to the business logic of the application.

D1 ensures that any retry attempt does not cause database writes, making the automatic retries safe from side-effects, even if a query causing changes slips through the read-only detection. D1 achieves this by checking for modifications after every query execution, and if any write occurred due to a retry attempt, the query is rolled back.

The read-only query detection heuristics are simple for now, and there is room for improvement to capture more cases of queries that can be retried, so this is just the beginning.

Gateway, Cloudflare WAN, Cloudflare Tunnel for SASE - DNS filtering for private network onramps

Thu, 11 Sep 2025 00:00:00 GMT

Magic WAN and WARP Connector users can now securely route their DNS traffic to the Gateway resolver without exposing traffic to the public Internet.

Routing DNS traffic to the Gateway resolver allows DNS resolution and filtering for traffic coming from private networks while preserving source internal IP visibility. This ensures Magic WAN users have full integration with our Cloudflare One features, including Internal DNS and hostname-based policies.

To configure DNS filtering, change your Magic WAN or WARP Connector DNS settings to use Cloudflare's shared resolver IPs, 172.64.36.1 and 172.64.36.2. Once you configure DNS resolution and filtering, you can use Source Internal IP as a traffic selector in your resolver policies for routing private DNS traffic to your Internal DNS.

Log Explorer - Contextual pivots

Thu, 11 Sep 2025 00:00:00 GMT

Directly from Log Search results, customers can pivot to other parts of the Cloudflare dashboard to immediately take action as a result of their investigation.

From the http_requests or fw_events dataset results, right click on an IP Address or JA3 Fingerprint to pivot to the Investigate portal to lookup the reputation of an IP address or JA3 fingerprint.

Easily learn about error codes by linking directly to our documentation from the EdgeResponseStatus or OriginResponseStatus fields.

From the gateway_http dataset, click on a policyid to link directly to the Zero Trust dashboard to review or make changes to a specific Gateway policy.

Log Explorer - New results table view

Thu, 11 Sep 2025 00:00:00 GMT

The results table view of Log Search has been updated with additional functionality and a more streamlined user experience. Users can now easily:

Remove/add columns.
Resize columns.
Sort columns.
Copy values from any field.

Workers - Worker version rollback limit increased from 10 to 100

Thu, 11 Sep 2025 00:00:00 GMT

The number of recent versions available for a Worker rollback has been increased from 10 to 100.

This allows you to:

Promote any of the 100 most recent versions to be the active deployment.
Split traffic using gradual deployments between your latest code and any of the 100 most recent versions.

You can do this through the Cloudflare dashboard or with Wrangler's rollback command

Learn more about versioned deployments and rollbacks.

Cloudflare One Client - WARP client for Windows (version 2025.7.106.1)

Wed, 10 Sep 2025 14:09:30 GMT

A new Beta release for the Windows WARP client is now available on the beta releases downloads page.

This release contains minor fixes and improvements including enhancements to Proxy mode for even faster resolution. The MASQUE protocol is now the only protocol that can use Proxy mode. If you previously configured a device profile to use Proxy mode with Wireguard, you will need to select a new WARP mode or all devices matching the profile will lose connectivity.

Changes and improvements

Enhancements to Proxy mode for even faster resolution. The MASQUE protocol is now the only protocol that can use Proxy mode. If you previously configured a device profile to use Proxy mode with Wireguard, you will need to select a new WARP mode or all devices matching the profile will lose connectivity.
Improvement to keep TCP connections up the first time WARP connects on devices so that remote desktop sessions (such as RDP or SSH) continue to work.
Improvements to maintain Global WARP Override settings when switching between organization configurations.
The MASQUE protocol is now the default protocol for all new WARP device profiles.
Improvement to limit idle connections in DoH mode to avoid unnecessary resource usage that can lead to DoH requests not resolving.

Known issues

For Windows 11 24H2 users, Microsoft has confirmed a regression that may lead to performance issues like mouse lag, audio cracking, or other slowdowns. Cloudflare recommends users experiencing these issues upgrade to a minimum Windows 11 24H2 KB5062553 or higher for resolution.
Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.
Devices with KB5055523 installed may receive a warning about Win32/ClickFix.ABA being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to version 1.429.19.0 or later.
DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected.
To work around this issue, reconnect the WARP client by toggling off and back on.

Cloudflare One Client - WARP client for macOS (version 2025.7.106.1)

Wed, 10 Sep 2025 14:09:02 GMT

A new Beta release for the macOS WARP client is now available on the beta releases downloads page.

Changes and improvements

Enhancements to Proxy mode for even faster resolution. The MASQUE protocol is now the only protocol that can use Proxy mode. If you previously configured a device profile to use Proxy mode with Wireguard, you will need to select a new WARP mode or all devices matching the profile will lose connectivity.
Fixed a bug preventing the warp-diag captive-portal command from running successfully due to the client not parsing SSID on macOS.
Improvements to maintain Global WARP Override settings when switching between organization configurations.
The MASQUE protocol is now the default protocol for all new WARP device profiles.
Improvement to limit idle connections in DoH mode to avoid unnecessary resource usage that can lead to DoH requests not resolving.

Known issues

macOS Sequoia: Due to changes Apple introduced in macOS 15.0.x, the WARP client may not behave as expected. Cloudflare recommends the use of macOS 15.4 or later.
Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.

Agents, Workers - Agents SDK v0.1.0 and workers-ai-provider v2.0.0 with AI SDK v5 support

Wed, 10 Sep 2025 00:00:00 GMT

We've shipped a new release for the Agents SDK bringing full compatibility with AI SDK v5 and introducing automatic message migration that handles all legacy formats transparently.

This release includes improved streaming and tool support, tool confirmation detection (for "human in the loop" systems), enhanced React hooks with automatic tool resolution, improved error handling for streaming responses, and seamless migration utilities that work behind the scenes.

Additionally, we've updated workers-ai-provider v2.0.0, the official provider for Cloudflare Workers AI models, to be compatible with AI SDK v5.

useAgentChat(options)

Creates a new chat interface with enhanced v5 capabilities.

// Basic chat setup
const { messages, sendMessage, addToolResult } = useAgentChat({
  agent,
  experimental_automaticToolResolution: true,
  tools,
});

// With custom tool confirmation
const chat = useAgentChat({
  agent,
  experimental_automaticToolResolution: true,
  toolsRequiringConfirmation: ["dangerousOperation"],
});

Automatic Tool Resolution

Tools are automatically categorized based on their configuration:

const tools = {
  // Auto-executes (has execute function)
  getLocalTime: {
    description: "Get current local time",
    inputSchema: z.object({}),
    execute: async () => new Date().toLocaleString(),
  },

  // Requires confirmation (no execute function)
  deleteFile: {
    description: "Delete a file from the system",
    inputSchema: z.object({
      filename: z.string(),
    }),
  },

  // Server-executed (no client confirmation)
  analyzeData: {
    description: "Analyze dataset on server",
    inputSchema: z.object({ data: z.array(z.number()) }),
    serverExecuted: true,
  },
} satisfies Record<string, AITool>;

Message Handling

Send messages using the new v5 format with parts array:

// Text message
sendMessage({
  role: "user",
  parts: [{ type: "text", text: "Hello, assistant!" }],
});

// Multi-part message with file
sendMessage({
  role: "user",
  parts: [
    { type: "text", text: "Analyze this image:" },
    { type: "image", image: imageData },
  ],
});

Tool Confirmation Detection

Simplified logic for detecting pending tool confirmations:

const pendingToolCallConfirmation = messages.some((m) =>
  m.parts?.some(
    (part) => isToolUIPart(part) && part.state === "input-available",
  ),
);

// Handle tool confirmation
if (pendingToolCallConfirmation) {
  await addToolResult({
    toolCallId: part.toolCallId,
    tool: getToolName(part),
    output: "User approved the action",
  });
}

Automatic Message Migration

Seamlessly handle legacy message formats without code changes.

// All these formats are automatically converted:

// Legacy v4 string content
const legacyMessage = {
  role: "user",
  content: "Hello world",
};

// Legacy v4 with tool calls
const legacyWithTools = {
  role: "assistant",
  content: "",
  toolInvocations: [
    {
      toolCallId: "123",
      toolName: "weather",
      args: { city: "SF" },
      state: "result",
      result: "Sunny, 72°F",
    },
  ],
};

// Automatically becomes v5 format:
// {
//   role: "assistant",
//   parts: [{
//     type: "tool-call",
//     toolCallId: "123",
//     toolName: "weather",
//     args: { city: "SF" },
//     state: "result",
//     result: "Sunny, 72°F"
//   }]
// }

Tool Definition Updates

Migrate tool definitions to use the new inputSchema property.

// Before (AI SDK v4)
const tools = {
  weather: {
    description: "Get weather information",
    parameters: z.object({
      city: z.string(),
    }),
    execute: async (args) => {
      return await getWeather(args.city);
    },
  },
};

// After (AI SDK v5)
const tools = {
  weather: {
    description: "Get weather information",
    inputSchema: z.object({
      city: z.string(),
    }),
    execute: async (args) => {
      return await getWeather(args.city);
    },
  },
};

Cloudflare Workers AI Integration

Seamless integration with Cloudflare Workers AI models through the updated workers-ai-provider v2.0.0.

Model Setup with Workers AI

Use Cloudflare Workers AI models directly in your agent workflows:

import { createWorkersAI } from "workers-ai-provider";
import { useAgentChat } from "agents/ai-react";

// Create Workers AI model (v2.0.0 - same API, enhanced v5 internals)
const model = createWorkersAI({
  binding: env.AI,
})("@cf/meta/llama-3.2-3b-instruct");

Enhanced File and Image Support

Workers AI models now support v5 file handling with automatic conversion:

// Send images and files to Workers AI models
sendMessage({
  role: "user",
  parts: [
    { type: "text", text: "Analyze this image:" },
    {
      type: "file",
      data: imageBuffer,
      mediaType: "image/jpeg",
    },
  ],
});

// Workers AI provider automatically converts to proper format

Streaming with Workers AI

Enhanced streaming support with automatic warning detection:

// Streaming with Workers AI models
const result = await streamText({
  model: createWorkersAI({ binding: env.AI })("@cf/meta/llama-3.2-3b-instruct"),
  messages,
  onChunk: (chunk) => {
    // Enhanced streaming with warning handling
    console.log(chunk);
  },
});

Import Updates

Update your imports to use the new v5 types:

// Before (AI SDK v4)
import type { Message } from "ai";
import { useChat } from "ai/react";

// After (AI SDK v5)
import type { UIMessage } from "ai";
// or alias for compatibility
import type { UIMessage as Message } from "ai";
import { useChat } from "@ai-sdk/react";

Resources

Migration Guide - Comprehensive migration documentation
AI SDK v5 Documentation - Official AI SDK migration guide
An Example PR showing the migration from AI SDK v4 to v5
GitHub Issues - Report bugs or request features

Feedback Welcome

We'd love your feedback! We're particularly interested in feedback on:

Migration experience - How smooth was the upgrade process?
Tool confirmation workflow - Does the new automatic detection work as expected?
Message format handling - Any edge cases with legacy message conversion?

Workers - Built with Cloudflare button

Wed, 10 Sep 2025 00:00:00 GMT

We've updated our "Built with Cloudflare" button to make it easier to share that you're building on Cloudflare with the world. Embed it in your project's README, blog post, or wherever you want to let people know.

Check out the documentation for usage information.

Workers - Deploy static sites to Workers without a configuration file

Tue, 09 Sep 2025 00:00:00 GMT

Deploying static site to Workers is now easier. When you run wrangler deploy [directory] or wrangler deploy --assets [directory] without an existing configuration file, Wrangler CLI now guides you through the deployment process with interactive prompts.

Before and after

Before: Required remembering multiple flags and parameters

wrangler deploy --assets ./dist --compatibility-date 2025-09-09 --name my-project

After: Simple directory deployment with guided setup

wrangler deploy dist
# Interactive prompts handle the rest as shown in the example flow below

What's new

Interactive prompts for missing configuration:

Wrangler detects when you're trying to deploy a directory of static assets
Prompts you to confirm the deployment type
Asks for a project name (with smart defaults)
Automatically sets the compatibility date to today

Automatic configuration generation:

Creates a wrangler.jsonc file with your deployment settings
Stores your choices for future deployments
Eliminates the need to remember complex command-line flags

Example workflow

# Deploy your built static site
wrangler deploy dist

# Wrangler will prompt:
✔ It looks like you are trying to deploy a directory of static assets only. Is this correct? … yes
✔ What do you want to name your project? … my-astro-site

# Automatically generates a wrangler.jsonc file and adds it to your project:
{
  "name": "my-astro-site",
  "compatibility_date": "2025-09-09",
  "assets": {
    "directory": "dist"
  }
}

# Next time you run wrangler deploy, this will use the configuration in your newly generated wrangler.jsonc file
wrangler deploy

Requirements

You must use Wrangler version 4.24.4 or later in order to use this feature

Cloudflare WAN - Custom IKE ID for IPsec Tunnels

Mon, 08 Sep 2025 00:00:00 GMT

Now, Magic WAN customers can configure a custom IKE ID for their IPsec tunnels. Customers that are using Magic WAN and a VeloCloud SD-WAN device together can utilize this new feature to create a high availability configuration.

This feature is available via API only. Customers can read the Magic WAN documentation to learn more about the Custom IKE ID feature and the API call to configure it.

Cloudflare Fundamentals - Reminders about two-factor authentication backup codes

Mon, 08 Sep 2025 00:00:00 GMT

Two-factor authentication is the best way to help protect your account from account takeovers, but if you lose your second factor, you could be locked out of your account. Lock outs are one of the top reasons customers contact Cloudflare support, and our policies often don't allow us to bypass two-factor authentication for customers that are locked out. Today we are releasing an improvement where Cloudflare will periodically remind you to securely save your backup codes so you don't get locked out in the future.

For more information

Two-factor authentication

WAF - WAF Release - 2025-09-08

Mon, 08 Sep 2025 00:00:00 GMT

This week's update

This week’s focus highlights newly disclosed vulnerabilities in web frameworks, enterprise applications, and widely deployed CMS plugins. The vulnerabilities include SSRF, authentication bypass, arbitrary file upload, and remote code execution (RCE), exposing organizations to high-impact risks such as unauthorized access, system compromise, and potential data exposure. In addition, security rule enhancements have been deployed to cover general command injection and server-side injection attacks, further strengthening protections.

Key Findings

Next.js (CVE-2025-57822): Improper handling of redirects in custom middleware can lead to server-side request forgery (SSRF) when user-supplied headers are forwarded. Attackers could exploit this to access internal services or cloud metadata endpoints. The issue has been resolved in versions 14.2.32 and 15.4.7. Developers using custom middleware should upgrade and verify proper redirect handling in next() calls.
ScriptCase (CVE-2025-47227, CVE-2025-47228): In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), two vulnerabilities allow attackers to reset admin accounts and execute system commands, potentially leading to full compromise of affected deployments.
Sar2HTML (CVE-2025-34030): In Sar2HTML version 3.2.2 and earlier, insufficient input sanitization of the plot parameter allows remote, unauthenticated attackers to execute arbitrary system commands. Exploitation could compromise the underlying server and its data.
Zhiyuan OA (CVE-2025-34040): An arbitrary file upload vulnerability exists in the Zhiyuan OA platform. Improper validation in the wpsAssistServlet interface allows unauthenticated attackers to upload crafted files via path traversal, which can be executed on the web server, leading to remote code execution.
WordPress:Plugin:InfiniteWP Client (CVE-2020-8772): A vulnerability in the InfiniteWP Client plugin allows attackers to perform restricted actions and gain administrative control of connected WordPress sites.

Impact

These vulnerabilities could allow attackers to gain unauthorized access, execute malicious code, or take full control of affected systems. The Next.js SSRF flaw may expose internal services or cloud metadata endpoints to attackers. Exploitations of ScriptCase and Sar2HTML could result in remote code execution, administrative takeover, and full server compromise. In Zhiyuan OA, the arbitrary file upload vulnerability allows attackers to execute malicious code on the web server, potentially exposing sensitive data and applications. The authentication bypass in WordPress InfiniteWP Client enables attackers to gain administrative access, risking data exposure and unauthorized control of connected sites.

Administrators are strongly advised to apply vendor patches immediately, remove unsupported software, and review authentication and access controls to mitigate these risks.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	7c5812a31fd94996b3299f7e963d7afc	100007D	Command Injection - Common Attack Commands Args	Log	Block	This rule has been merged into the original rule "Command Injection - Common Attack Commands" (ID: 89557ce9b26e4d4dbf29e90c28345b9b ) for New WAF customers only.
Cloudflare Managed Ruleset	cd528243d6824f7ab56182988230a75b	100617	Next.js - SSRF - CVE:CVE-2025-57822	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	503b337dac5c409d8f833a6ba22dabf1	100659_BETA	Common Payloads for Server-Side Template Injection - Beta	Log	Block	This rule is merged into the original rule "Common Payloads for Server-Side Template Injection" (ID: 21c7a963e1b749e7b1753238a28a42c4 )
Cloudflare Managed Ruleset	6d24266148f24f5e9fa487f8b416b7ca	100824B	CrushFTP - Remote Code Execution - CVE:CVE-2025-54309 - 3	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	154b217c43d04f11a13aeff05db1fa6b	100848	ScriptCase - Auth Bypass - CVE:CVE-2025-47227	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	cad6f1c8c6d44ef59929e6532c62d330	100849	ScriptCase - Command Injection - CVE:CVE-2025-47228	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	e7464139fd3e44938b56716bef971afd	100872	WordPress:Plugin:InfiniteWP Client - Missing Authorization - CVE:CVE-2020-8772	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	0181ebb2cc234f2d863412e1bab19b0b	100873	Sar2HTML - Command Injection - CVE:CVE-2025-34030	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	34d5c7c7b08b40eaad5b2bb3f24c0fbe	100875	Zhiyuan OA - Remote Code Execution - CVE:CVE-2025-34040	Log	Block	This is a New Detection

Cloudflare WAN - Bidirectional tunnel health checks are compatible with all Magic on-ramps

Fri, 05 Sep 2025 00:00:00 GMT

All bidirectional tunnel health check return packets are accepted by any Magic on-ramp.

Previously, when a Magic tunnel had a bidirectional health check configured, the bidirectional health check would pass when the return packets came back to Cloudflare over the same tunnel that was traversed by the forward packets.

There are SD-WAN devices, like VeloCloud, that do not offer controls to steer traffic over one tunnel versus another in a high availability tunnel configuration.

Now, when a Magic tunnel has a bidirectional health check configured, the bidirectional health check will pass when the return packet traverses over any tunnel in a high availability configuration.

Workers AI - Introducing EmbeddingGemma from Google on Workers AI

Fri, 05 Sep 2025 00:00:00 GMT

We're excited to be a launch partner alongside Google to bring their newest embedding model, EmbeddingGemma, to Workers AI that delivers best-in-class performance for its size, enabling RAG and semantic search use cases.

@cf/google/embeddinggemma-300m is a 300M parameter embedding model from Google, built from Gemma 3 and the same research used to create Gemini models. This multilingual model supports 100+ languages, making it ideal for RAG systems, semantic search, content classification, and clustering tasks.

Using EmbeddingGemma in AI Search: Now you can leverage EmbeddingGemma directly through AI Search for your RAG pipelines. EmbeddingGemma's multilingual capabilities make it perfect for global applications that need to understand and retrieve content across different languages with exceptional accuracy.

To use EmbeddingGemma for your AI Search projects:

Go to Create in the AI Search dashboard
Follow the setup flow for your new RAG instance
In the Generate Index step, open up More embedding models and select @cf/google/embeddinggemma-300m as your embedding model
Complete the setup to create an AI Search

Try it out and let us know what you think!

WAF - WAF Release - 2025-09-04 - Emergency

Thu, 04 Sep 2025 00:00:00 GMT

This week's update

This week, new critical vulnerabilities were disclosed in Sitecore’s Sitecore Experience Manager (XM), Sitecore Experience Platform (XP), specifically versions 9.0 through 9.3, and 10.0 through 10.4. These flaws are caused by unsafe data deserialization and code reflection, leaving affected systems at high risk of exploitation.

Key Findings

CVE-2025-53690: Remote Code Execution through Insecure Deserialization
CVE-2025-53691: Remote Code Execution through Insecure Deserialization
CVE-2025-53693: HTML Cache Poisoning through Unsafe Reflections

Impact

Exploitation could allow attackers to execute arbitrary code remotely on the affected system and conduct cache poisoning attacks, potentially leading to further compromise. Applying the latest vendor-released solution without delay is strongly recommended.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	588edc74df1f4609b3c2f7ef0ee2c15e	100878	Sitecore - Remote Code Execution - CVE:CVE-2025-53691	N/A	Block	This is a new detection
Cloudflare Managed Ruleset	d1bd7563e6254db48ce703807c5b669c	100631	Sitecore - Cache Poisoning - CVE:CVE-2025-53693	N/A	Block	This is a new detection
Cloudflare Managed Ruleset	ed94c7ce5301411a94a21a096c410240	100879	Sitecore - Remote Code Execution - CVE:CVE-2025-53690	N/A	Block	This is a new detection

Workers, Workers for Platforms - Increased static asset limits for Workers

Thu, 04 Sep 2025 00:00:00 GMT

You can now upload up to 100,000 static assets per Worker version

Paid and Workers for Platforms users can now upload up to 100,000 static assets per Worker version, a 5x increase from the previous limit of 20,000.
Customers on the free plan still have the same limit as before — 20,000 static assets per version of your Worker
The individual file size limit of 25 MiB remains unchanged for all customers.

This increase allows you to build larger applications with more static assets without hitting limits.

Wrangler

To take advantage of the increased limits, you must use Wrangler version 4.34.0 or higher. Earlier versions of Wrangler will continue to enforce the previous 20,000 file limit.

Learn more

For more information about Workers static assets, see the Static Assets documentation and Platform Limits.

Workers - A new, simpler REST API for Cloudflare Workers (Beta)

Thu, 04 Sep 2025 00:00:00 GMT

You can now manage Workers, Versions, and Deployments as separate resources with a new, resource-oriented API (Beta).

This new API is supported in the Cloudflare Terraform provider and the Cloudflare Typescript SDK, allowing platform teams to manage a Worker's infrastructure in Terraform, while development teams handle code deployments from a separate repository or workflow. We also designed this API with AI agents in mind, as a clear, predictable structure is essential for them to reliably build, test, and deploy applications.

Try it out

New beta API endpoints
Cloudflare TypeScript SDK v5.0.0
Cloudflare Go SDK v6.0.0
Terraform provider v5.9.0: cloudflare_worker , cloudflare_worker_version, and cloudflare_workers_deployments resources.
See full examples in our Infrastructure as Code (IaC) guide

Before: Eight+ endpoints with mixed responsibilities

The existing API was originally designed for simple, one-shot script uploads:

curl -X PUT "https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/workers/scripts/$SCRIPT_NAME" \
    -H "X-Auth-Email: $CLOUDFLARE_EMAIL" \
    -H "X-Auth-Key: $CLOUDFLARE_API_KEY" \
    -H "Content-Type: multipart/form-data" \
    -F 'metadata={
      "main_module": "worker.js",
      "compatibility_date": "$today$"
    }' \
    -F "worker.js=@worker.js;type=application/javascript+module"

This API worked for creating a basic Worker, uploading all of its code, and deploying it immediately — but came with challenges:

A Worker couldn't exist without code: To create a Worker, you had to upload its code in the same API request. This meant platform teams couldn't provision Workers with the proper settings, and then hand them off to development teams to deploy the actual code.
Several endpoints implicitly created deployments: Simple updates like adding a secret or changing a script's content would implicitly create a new version and immediately deploy it.
Updating a setting was confusing: Configuration was scattered across eight endpoints with overlapping responsibilities. This ambiguity made it difficult for human developers (and even more so for AI agents) to reliably update a Worker via API.
Scripts used names as primary identifiers: This meant simple renames could turn into a risky migration, requiring you to create a brand new Worker and update every reference. If you were using Terraform, this could inadvertently destroy your Worker altogether.

After: Three resources with clear boundaries

All endpoints now use simple JSON payloads, with script content embedded as base64-encoded strings -- a more consistent and reliable approach than the previous multipart/form-data format.

Worker: The parent resource representing your application. It has a stable UUID and holds persistent settings like name, tags, and logpush. You can now create a Worker to establish its identity and settings before any code is uploaded.
Version: An immutable snapshot of your code and its specific configuration, like bindings and compatibility_date. Creating a new version is a safe action that doesn't affect live traffic.
Deployment: An explicit action that directs traffic to a specific version.

Why this matters

You can now create Workers before uploading code

Workers are now standalone resources that can be created and configured without any code. Platform teams can provision Workers with the right settings, then hand them off to development teams for implementation.

Example: Typescript SDK

// Step 1: Platform team creates the Worker resource (no code needed)
const worker = await client.workers.beta.workers.create({
  name: "payment-service",
  account_id: "...",
  observability: {
    enabled: true,
  },
});

// Step 2: Development team adds code and creates a version later
const version = await client.workers.beta.workers.versions.create(worker.id, {
  account_id: "...",
  main_module: "worker.js",
  compatibility_date: "$today",
  bindings: [ /*...*/ ],
  modules: [
    {
      name: "worker.js",
      content_type: "application/javascript+module",
      content_base64: Buffer.from(scriptContent).toString("base64"),
    },
  ],
});

// Step 3: Deploy explicitly when ready
const deployment = await client.workers.scripts.deployments.create(worker.name, {
  account_id: "...",
  strategy: "percentage",
  versions: [
    {
      percentage: 100,
      version_id: version.id,
    },
  ],
});

Example: Terraform

If you use Terraform, you can now declare the Worker in your Terraform configuration and manage configuration outside of Terraform in your Worker's wrangler.jsonc file and deploy code changes using Wrangler.

resource "cloudflare_worker" "my_worker" {
  account_id = "..."
  name = "my-important-service"
}
# Manage Versions and Deployments here or outside of Terraform
# resource "cloudflare_worker_version" "my_worker_version" {}
# resource "cloudflare_workers_deployment" "my_worker_deployment" {}

Deployments are always explicit, never implicit

Creating a version and deploying it are now always explicit, separate actions - never implicit side effects. To update version-specific settings (like bindings), you create a new version with those changes. The existing deployed version remains unchanged until you explicitly deploy the new one.

# Step 1: Create a new version with updated settings (doesn't affect live traffic)
POST /workers/workers/{id}/versions
{
  "compatibility_date": "$today",
  "bindings": [
    {
      "name": "MY_NEW_ENV_VAR",
      "text": "new_value",
      "type": "plain_text"
    }
  ],
  "modules": [...]
}

# Step 2: Explicitly deploy when ready (now affects live traffic)
POST /workers/scripts/{script_name}/deployments
{
  "strategy": "percentage",
  "versions": [
    {
      "percentage": 100,
      "version_id": "new_version_id"
    }
  ]
}

Settings are clearly organized by scope

Configuration is now logically divided: Worker settings (like name and tags) persist across all versions, while Version settings (like bindings and compatibility_date) are specific to each code snapshot.

# Worker settings (the parent resource)
PUT /workers/workers/{id}
{
  "name": "payment-service",
  "tags": ["production"],
  "logpush": true,
}

# Version settings (the "code")
POST /workers/workers/{id}/versions
{
  "compatibility_date": "$today",
  "bindings": [...],
  "modules": [...]
}

`/workers` API endpoints now support UUIDs (in addition to names)

The /workers/workers/ path now supports addressing a Worker by both its immutable UUID and its mutable name.

# Both work for the same Worker
GET /workers/workers/29494978e03748669e8effb243cf2515  # UUID (stable for automation)
GET /workers/workers/payment-service                  # Name (convenient for humans)

This dual approach means:

Developers can use readable names for debugging.
Automation can rely on stable UUIDs to prevent errors when Workers are renamed.
Terraform can rename Workers without destroying and recreating them.

Learn more

Technical notes

The pre-existing Workers REST API remains fully supported. Once the new API exits beta, we'll provide a migration timeline with ample notice and comprehensive migration guides.
Existing Terraform resources and SDK methods will continue to be fully supported through the current major version.
While the Deployments API currently remains on the /scripts/ endpoint, we plan to introduce a new Deployments endpoint under /workers/ to match the new API structure.

Cloudflare Fundamentals - Introducing new headers for rate limiting on Cloudflare's API

Wed, 03 Sep 2025 00:00:00 GMT

Cloudflare's API now supports rate limiting headers using the pattern developed by the IETF draft on rate limiting. This allows API consumers to know how many more calls are left until the rate limit is reached, as well as how long you will need to wait until more capacity is available.

Our SDKs automatically work with these new headers, backing off when rate limits are approached. There is no action required for users of the latest Cloudflare SDKs to take advantage of this.

As always, if you need any help with rate limits, please contact Support.

Changes

New Headers

Headers that are always returned:

Ratelimit: List of service limit items, composed of the limit name, the remaining quota (r) and the time next window resets (t). For example: "default";r=50;t=30
Ratelimit-Policy: List of quota policy items, composed of the policy name, the total quota (q) and the time window the quota applies to (w). For example: "burst";q=100;w=60

Returned only when a rate limit has been reached (error code: 429):

Retry-After: Number of Seconds until more capacity is available, rounded up

SDK Back offs

All of Cloudflare's latest SDKs will automatically respond to the headers, instituting a backoff when limits are approached.

GraphQL and Edge APIs

These new headers and back offs are only available for Cloudflare REST APIs, and will not affect GraphQL.

For more information

Rate limits at Cloudflare

Log Explorer - Logging headers and cookies using custom fields

Wed, 03 Sep 2025 00:00:00 GMT

Log Explorer now supports logging and filtering on header or cookie fields in the http_requests dataset.

Create a custom field to log desired header or cookie values into the http_requests dataset and Log Explorer will import these as searchable fields. Once configured, use the custom SQL editor in Log Explorer to view or filter on these requests.

For more details, refer to Headers and cookies.

Cloudflare Tunnel, Cloudflare Tunnel for SASE - Cloudflare Tunnel and Networks API will no longer return deleted resources by default starting December 1, 2025

Tue, 02 Sep 2025 00:00:00 GMT

Starting December 1, 2025, list endpoints for the Cloudflare Tunnel API and Zero Trust Networks API will no longer return deleted tunnels, routes, subnets and virtual networks by default. This change makes the API behavior more intuitive by only returning active resources unless otherwise specified.

No action is required if you already explicitly set is_deleted=false or if you only need to list active resources.

This change affects the following API endpoints:

List all tunnels: GET /accounts/{account_id}/tunnels
List Cloudflare Tunnels: GET /accounts/{account_id}/cfd_tunnel
List WARP Connector tunnels: GET /accounts/{account_id}/warp_connector
List tunnel routes: GET /accounts/{account_id}/teamnet/routes
List subnets: GET /accounts/{account_id}/zerotrust/subnets
List virtual networks: GET /accounts/{account_id}/teamnet/virtual_networks

What is changing?

The default behavior of the is_deleted query parameter will be updated.

Scenario	Previous behavior (before December 1, 2025)	New behavior (from December 1, 2025)
`is_deleted` parameter is omitted	Returns active & deleted tunnels, routes, subnets and virtual networks	Returns only active tunnels, routes, subnets and virtual networks

Action required

If you need to retrieve deleted (or all) resources, please update your API calls to explicitly include the is_deleted parameter before December 1, 2025.

To get a list of only deleted resources, you must now explicitly add the is_deleted=true query parameter to your request:

# Example: Get ONLY deleted Tunnels
curl "https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/tunnels?is_deleted=true" \
     -H "Authorization: Bearer $API_TOKEN"

# Example: Get ONLY deleted Virtual Networks
curl "https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/teamnet/virtual_networks?is_deleted=true" \
     -H "Authorization: Bearer $API_TOKEN"

Following this change, retrieving a complete list of both active and deleted resources will require two separate API calls: one to get active items (by omitting the parameter or using is_deleted=false) and one to get deleted items (is_deleted=true).

Why we’re making this change

This update is based on user feedback and aims to:

Create a more intuitive default: Aligning with common API design principles where list operations return only active resources by default.
Reduce unexpected results: Prevents users from accidentally operating on deleted resources that were returned unexpectedly.
Improve performance: For most users, the default query result will now be smaller and more relevant.

To learn more, please visit the Cloudflare Tunnel API and Zero Trust Networks API documentation.

Email security - Updated Email security roles

Mon, 01 Sep 2025 23:25:49 GMT

To provide more granular controls, we refined the existing roles for Email security and launched a new Email security role as well.

All Email security roles no longer have read or write access to any of the other Zero Trust products:

Email Configuration Admin
Email Integration Admin
Email security Read Only
Email security Analyst
Email security Policy Admin
Email security Reporting

To configure Data Loss Prevention (DLP) or Remote Browser Isolation (RBI), you now need to be an admin for the Zero Trust dashboard with the Cloudflare Zero Trust role.

Also through customer feedback, we have created a new additive role to allow Email security Analyst to create, edit, and delete Email security policies, without needing to provide access via the Email Configuration Admin role. This role is called Email security Policy Admin, which can read all settings, but has write access to allow policies, trusted domains, and blocked senders.

This feature is available across these Email security packages:

Advantage
Enterprise
Enterprise + PhishGuard

WAF - WAF Release - 2025-09-01

Mon, 01 Sep 2025 00:00:00 GMT

This week's update

This week, a critical vulnerability was disclosed in Fortinet FortiWeb (versions 7.6.3 and below, versions 7.4.7 and below, versions 7.2.10 and below, and versions 7.0.10 and below), linked to improper parameter handling that could allow unauthorized access.

Key Findings

Fortinet FortiWeb (CVE-2025-52970): A vulnerability may allow an unauthenticated remote attacker with access to non-public information to log in as any existing user on the device via a specially crafted request.

Impact

Exploitation could allow an unauthenticated attacker to impersonate any existing user on the device, potentially enabling them to modify system settings or exfiltrate sensitive information, posing a serious security risk. Upgrading to the latest vendor-released version is strongly recommended.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	636b145a49a84946b990d4fac49b7cf8	100586	Fortinet FortiWeb - Auth Bypass - CVE:CVE-2025-52970	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	b5ef1ace353841a0856b5e07790c9dde	100136C	XSS - JavaScript - Headers and Body	N/A	N/A	Rule metadata description refined. Detection unchanged.

Cache - Smart Tiered Cache Fallback to Generic

Fri, 29 Aug 2025 00:00:00 GMT

Smart Tiered Cache now falls back to Generic Tiered Cache when the origin location cannot be determined, improving cache precision for your content.

Previously, when Smart Tiered Cache was unable to select the optimal upper tier (such as when origins are masked by Anycast IPs), latency could be negatively impacted. This fallback now uses Generic Tiered Cache instead, providing better performance and cache efficiency.

How it works

When Smart Tiered Cache falls back to Generic Tiered Cache:

Multiple upper-tiers: Uses all of Cloudflare's global data centers as a network of upper-tiers instead of a single optimal location.
Distributed cache requests: Lower-tier data centers can query any available upper-tier for cached content.
Improved global coverage: Provides better cache hit ratios across geographically distributed visitors.
Automatic fallback: Seamlessly transitions when origin location cannot be determined, such as with Anycast-masked origins.

Benefits

Preserves high performance during fallback: Smart Tiered Cache now maintains strong cache efficiency even when optimal upper tier selection is not possible.
Minimizes latency impact: Automatically uses Generic Tiered Cache topology to keep performance high when origin location cannot be determined.
Seamless experience: No configuration changes or intervention required when fallback occurs.
Improved resilience: Smart Tiered Cache remains effective across diverse origin infrastructure, including Anycast-masked origins.

Get started

This improvement is automatically applied to all zones using Smart Tiered Cache. No action is required on your part.

Cloudflare One Client - Cloudflare One WARP Diagnostic AI Analyzer

Fri, 29 Aug 2025 00:00:00 GMT

We're excited to share a new AI feature, the WARP diagnostic analyzer, to help you troubleshoot and resolve WARP connectivity issues faster. This beta feature is now available in the Zero Trust dashboard to all users. The AI analyzer makes it easier for you to identify the root cause of client connectivity issues by parsing remote captures of WARP diagnostic logs. The WARP diagnostic analyzer provides a summary of impact that may be experienced on the device, lists notable events that may contribute to performance issues, and recommended troubleshooting steps and articles to help you resolve these issues. Refer to WARP diagnostics analyzer (beta) to learn more about how to maximize using the WARP diagnostic analyzer to troubleshoot the WARP client.

Digital Experience Monitoring - DEX MCP Server

Fri, 29 Aug 2025 00:00:00 GMT

Digital Experience Monitoring (DEX) provides visibility into device connectivity and performance across your Cloudflare SASE deployment.

We've released an MCP server (Model Context Protocol) for DEX.

The DEX MCP server is an AI tool that allows customers to ask a question like, "Show me the connectivity and performance metrics for the device used by carly‌@acme.com", and receive an answer that contains data from the DEX API.

Any Cloudflare One customer using a Free, PayGo, or Enterprise account can access the DEX MCP Server. This feature is available to everyone.

Customers can test the new DEX MCP server in less than one minute. To learn more, read the DEX MCP server documentation.

Cloudflare Fundamentals, Terraform - Terraform v5.9 now available

Fri, 29 Aug 2025 00:00:00 GMT

Earlier this year, we announced the launch of the new Terraform v5 Provider. We are aware of the high number of issues reported by the Cloudflare community related to the v5 release. We have committed to releasing improvements on a 2 week cadence to ensure its stability and reliability, including the v5.9 release. We have also pivoted from an issue-to-issue approach to a resource-per-resource approach - we will be focusing on specific resources for every release, stabilizing the release, and closing all associated bugs with that resource before moving onto resolving migration issues.

Thank you for continuing to raise issues. We triage them weekly and they help make our products stronger.

This release includes a new resource, cloudflare_snippet, which replaces cloudflare_snippets. cloudflare_snippet is now considered deprecated but can still be used. Please utilize cloudflare_snippet as soon as possible.

Changes

Resources stabilized:
- cloudflare_zone_setting
- cloudflare_worker_script
- cloudflare_worker_route
- tiered_cache
NEW resource cloudflare_snippet which should be used in place of cloudflare_snippets. cloudflare_snippets is now deprecated. This enables the management of Cloudflare's snippet functionality through Terraform.
DNS Record Improvements: Enhanced handling of DNS record drift detection
Load Balancer Fixes: Resolved created_on field inconsistencies and improved pool configuration handling
Bot Management: Enhanced auto-update model state consistency and fight mode configurations
Other bug fixes

For a more detailed look at all of the changes, refer to the changelog in GitHub.

Issues Closed

If you have an unaddressed issue with the provider, we encourage you to check the open issues and open a new issue if one does not already exist for what you are experiencing.

Upgrading

We suggest holding off on migration to v5 while we work on stabilization. This help will you avoid any blocking issues while the Terraform resources are actively being stabilized.

If you'd like more information on migrating from v4 to v5, please make use of the migration guide. We have provided automated migration scripts using Grit which simplify the transition. These do not support implementations which use Terraform modules, so customers making use of modules need to migrate manually. Please make use of terraform plan to test your changes before applying, and let us know if you encounter any additional issues by reporting to our GitHub repository.

For more info

WAF - WAF Release - 2025-08-29 - Emergency

Fri, 29 Aug 2025 00:00:00 GMT

This week's update

This week, new critical vulnerabilities were disclosed in Next.js’s image optimization functionality, exposing a broad range of production environments to risks of data exposure and cache manipulation.

Key Findings

CVE-2025-55173: Arbitrary file download from the server via image optimization.
CVE-2025-57752: Cache poisoning leading to unauthorized data disclosure.

Impact

Exploitation could expose sensitive files, leak user or backend data, and undermine application trust. Given Next.js’s wide use, immediate patching and cache hardening are strongly advised.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	ea55f8aac44246cc9b827eea9ff4bfe3	100613	Next.js - Dangerous File Download - CVE:CVE-2025-55173	N/A	Block	This is a new detection
Cloudflare Managed Ruleset	e2b2d77a79cc4a76bf7ba53d69b9ea7d	100616	Next.js - Information Disclosure - CVE:CVE-2025-57752	N/A	Block	This is a new detection

AI Crawl Control - Enhanced crawler insights and custom 402 responses

Wed, 27 Aug 2025 00:00:00 GMT

We improved AI crawler management with detailed analytics and introduced custom HTTP 402 responses for blocked crawlers. AI Audit has been renamed to AI Crawl Control and is now generally available.

Enhanced Crawlers tab:

View total allowed and blocked requests for each AI crawler
Trend charts show crawler activity over your selected time range per crawler

Custom block responses (paid plans): You can now return HTTP 402 "Payment Required" responses when blocking AI crawlers, enabling direct communication with crawler operators about licensing terms.

For users on paid plans, when blocking AI crawlers you can configure:

Response code: Choose between 403 Forbidden or 402 Payment Required
Response body: Add a custom message with your licensing contact information

Example 402 response:

HTTP 402 Payment Required
Date: Mon, 24 Aug 2025 12:56:49 GMT
Content-type: application/json
Server: cloudflare
Cf-Ray: 967e8da599d0c3fa-EWR
Cf-Team: 2902f6db750000c3fa1e2ef400000001

{
  "message": "Please contact the site owner for access."
}

Gateway, Cloudflare One - Shadow IT - SaaS analytics dashboard

Wed, 27 Aug 2025 00:00:00 GMT

Zero Trust has significantly upgraded its Shadow IT analytics, providing you with unprecedented visibility into your organizations use of SaaS tools. With this dashboard, you can review who is using an application and volumes of data transfer to the application.

You can review these metrics against application type, such as Artificial Intelligence or Social Media. You can also mark applications with an approval status, including Unreviewed, In Review, Approved, and Unapproved designating how they can be used in your organization.

These application statuses can also be used in Gateway HTTP policies, so you can block, isolate, limit uploads and downloads, and more based on the application status.

Both the analytics and policies are accessible in the Cloudflare Zero Trust dashboard, empowering organizations with better visibility and control.

Workers AI - Deepgram and Leonardo partner models now available on Workers AI

Wed, 27 Aug 2025 00:00:00 GMT

New state-of-the-art models have landed on Workers AI! This time, we're introducing new partner models trained by our friends at Deepgram and Leonardo, hosted on Workers AI infrastructure.

As well, we're introuding a new turn detection model that enables you to detect when someone is done speaking — useful for building voice agents!

Read the blog for more details and check out some of the new models on our platform:

@cf/deepgram/aura-1 is a text-to-speech model that allows you to input text and have it come to life in a customizable voice
@cf/deepgram/nova-3 is speech-to-text model that transcribes multilingual audio at a blazingly fast speed
@cf/pipecat-ai/smart-turn-v2 helps you detect when someone is done speaking
@cf/leonardo/lucid-origin is a text-to-image model that generates images with sharp graphic design, stunning full-HD renders, or highly specific creative direction
@cf/leonardo/phoenix-1.0 is a text-to-image model with exceptional prompt adherence and coherent text

You can filter out new partner models with the Partner capability on our Models page.

As well, we're introducing WebSocket support for some of our audio models, which you can filter though the Realtime capability on our Models page. WebSockets allows you to create a bi-directional connection to our inference server with low latency — perfect for those that are building voice agents.

An example python snippet on how to use WebSockets with our new Aura model:

import json
import os
import asyncio
import websockets

uri = f"wss://api.cloudflare.com/client/v4/accounts/{ACCOUNT_ID}/ai/run/@cf/deepgram/aura-1"

input = [
    "Line one, out of three lines that will be provided to the aura model.",
    "Line two, out of three lines that will be provided to the aura model.",
    "Line three, out of three lines that will be provided to the aura model. This is a last line.",
]


async def text_to_speech():
    async with websockets.connect(uri, additional_headers={"Authorization": os.getenv("CF_TOKEN")}) as websocket:
        print("connection established")
        for line in input:
            print(f"sending `{line}`")
            await websocket.send(json.dumps({"type": "Speak", "text": line}))

            print("line was sent, flushing")
            await websocket.send(json.dumps({"type": "Flush"}))
            print("flushed, recving")
            resp = await websocket.recv()
            print(f"response received {resp}")


if __name__ == "__main__":
    asyncio.run(text_to_speech())

CASB - New CASB integrations for ChatGPT, Claude, and Gemini

Tue, 26 Aug 2025 16:00:00 GMT

Cloudflare CASB now supports three of the most widely used GenAI platforms — OpenAI ChatGPT, Anthropic Claude, and Google Gemini. These API-based integrations give security teams agentless visibility into posture, data, and compliance risks across their organization’s use of generative AI.

Key capabilities

Agentless connections — connect ChatGPT, Claude, and Gemini tenants via API; no endpoint software required
Posture management — detect insecure settings and misconfigurations that could lead to data exposure
DLP detection — identify sensitive data in uploaded chat attachments or files
GenAI-specific insights — surface risks unique to each provider’s capabilities

Learn more

These integrations are available to all Cloudflare One customers today.

Access - Manage and restrict access to internal MCP servers with Cloudflare Access

Tue, 26 Aug 2025 00:00:00 GMT

You can now control who within your organization has access to internal MCP servers, by putting internal MCP servers behind Cloudflare Access.

Self-hosted applications in Cloudflare Access now support OAuth for MCP server authentication. This allows Cloudflare to delegate access from any self-hosted application to an MCP server via OAuth. The OAuth access token authorizes the MCP server to make requests to your self-hosted applications on behalf of the authorized user, using that user's specific permissions and scopes.

For example, if you have an MCP server designed for internal use within your organization, you can configure Access policies to ensure that only authorized users can access it, regardless of which MCP client they use. Support for internal, self-hosted MCP servers also works with MCP server portals, allowing you to provide a single MCP endpoint for multiple MCP servers. For more on MCP server portals, read the blog post on the Cloudflare Blog.

Access - MCP server portals

Tue, 26 Aug 2025 00:00:00 GMT

An MCP server portal centralizes multiple Model Context Protocol (MCP) servers onto a single HTTP endpoint. Key benefits include:

Streamlined access to multiple MCP servers: MCP server portals support both unauthenticated MCP servers as well as MCP servers secured using any third-party or custom OAuth provider. Users log in to the portal URL through Cloudflare Access and are prompted to authenticate separately to each server that requires OAuth.
Customized tools per portal: Admins can tailor an MCP portal to a particular use case by choosing the specific tools and prompt templates that they want to make available to users through the portal. This allows users to access a curated set of tools and prompts — the less external context exposed to the AI model, the better the AI responses tend to be.
Observability: Once the user's AI agent is connected to the portal, Cloudflare Access logs the indiviudal requests made using the tools in the portal.

This is available in an open beta for all customers across all plans! For more information check out our blog for this release.

Vectorize - List all vectors in a Vectorize index with the new list-vectors operation

Tue, 26 Aug 2025 00:00:00 GMT

You can now list all vector identifiers in a Vectorize index using the new list-vectors operation. This enables bulk operations, auditing, and data migration workflows through paginated requests that maintain snapshot consistency.

The operation is available via Wrangler CLI and REST API. Refer to the list-vectors best practices guide for detailed usage guidance.

Secrets Store, AI Gateway, SSL/TLS - Manage and deploy your AI provider keys through Bring Your Own Key (BYOK) with AI Gateway, now powered by Cloudflare Secrets Store

Mon, 25 Aug 2025 11:00:00 GMT

Cloudflare Secrets Store is now integrated with AI Gateway, allowing you to store, manage, and deploy your AI provider keys in a secure and seamless configuration through Bring Your Own Key. Instead of passing your AI provider keys directly in every request header, you can centrally manage each key with Secrets Store and deploy in your gateway configuration using only a reference, rather than passing the value in plain text.

You can now create a secret directly from your AI Gateway in the dashboard by navigating into your gateway -> Provider Keys -> Add.

You can also create your secret with the newly available ai_gateway scope via wrangler, the Secrets Store dashboard, or the API.

Then, pass the key in the request header using its Secrets Store reference:

curl -X POST https://gateway.ai.cloudflare.com/v1/<ACCOUNT_ID>/my-gateway/anthropic/v1/messages \
 --header 'cf-aig-authorization: ANTHROPIC_KEY_1 \
 --header 'anthropic-version: 2023-06-01' \
 --header 'Content-Type: application/json' \
 --data  '{"model": "claude-3-opus-20240229", "messages": [{"role": "user", "content": "What is Cloudflare?"}]}'

Or, using Javascript:

import Anthropic from '@anthropic-ai/sdk';


const anthropic = new Anthropic({
 apiKey: "ANTHROPIC_KEY_1",
 baseURL: "https://gateway.ai.cloudflare.com/v1/<ACCOUNT_ID>/my-gateway/anthropic",
});


const message = await anthropic.messages.create({
 model: 'claude-3-opus-20240229',
 messages: [{role: "user", content: "What is Cloudflare?"}],
 max_tokens: 1024
});

For more information, check out the blog!

Data Loss Prevention - New DLP topic based detection entries for AI prompt protection

Mon, 25 Aug 2025 00:00:00 GMT

You now have access to a comprehensive suite of capabilities to secure your organization's use of generative AI. AI prompt protection introduces four key features that work together to provide deep visibility and granular control.

Prompt Detection for AI Applications

DLP can now natively detect and inspect user prompts submitted to popular AI applications, including Google Gemini, ChatGPT, Claude, and Perplexity.

Prompt Analysis and Topic Classification

Our DLP engine performs deep analysis on each prompt, applying topic classification. These topics are grouped into two evaluation categories:

Content: PII, Source Code, Credentials and Secrets, Financial Information, and Customer Data.
Intent: Jailbreak attempts, requests for malicious code, or attempts to extract PII.

To help you apply these topics quickly, we have also released five new predefined profiles (for example, AI Prompt: AI Security, AI Prompt: PII) that bundle these new topics.

Granular Guardrails

You can now build guardrails using Gateway HTTP policies with application granular controls. Apply a DLP profile containing an AI prompt topic detection to individual AI applications (for example, ChatGPT) and specific user actions (for example, SendPrompt) to block sensitive prompts.
Full Prompt Logging

To aid in incident investigation, an optional setting in your Gateway policy allows you to capture prompt logs to store the full interaction of prompts that trigger a policy match. To make investigations easier, logs can be filtered by conversation_id, allowing you to reconstruct the full context of an interaction that led to a policy violation.

AI prompt protection is now available in open beta. To learn more about it, read the blog or refer to AI prompt topics.

WAF - WAF Release - 2025-08-25

Mon, 25 Aug 2025 00:00:00 GMT

This week's update

This week, critical vulnerabilities were disclosed that impact widely used open-source infrastructure, creating high-risk scenarios for code execution and operational disruption.

Key Findings

Apache HTTP Server – Code Execution (CVE-2024-38474): A flaw in Apache HTTP Server allows attackers to achieve remote code execution, enabling full compromise of affected servers. This vulnerability threatens the confidentiality, integrity, and availability of critical web services.
Laravel (CVE-2024-55661): A security flaw in Laravel introduces the potential for remote code execution under specific conditions. Exploitation could provide attackers with unauthorized access to application logic and sensitive backend data.

Impact

These vulnerabilities pose severe risks to enterprise environments and open-source ecosystems. Remote code execution enables attackers to gain deep system access, steal data, disrupt services, and establish persistent footholds for broader intrusions. Given the widespread deployment of Apache HTTP Server and Laravel in production systems, timely patching and mitigation are critical.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	c550282a0f7343ca887bdab528050359	100822_BETA	WordPress:Plugin:WPBookit - Remote Code Execution - CVE:CVE-2025-6058	N/A	Disabled	This was merged in to the original rule "WordPress:Plugin:WPBookit - Remote Code Execution - CVE:CVE-2025-6058" (ID: 9b5c5e13d2ca4253a89769f2194f7b2d )
Cloudflare Managed Ruleset	456b1e8f827b4ed89fb4a54b3bdcdbad	100831	Apache HTTP Server - Code Execution - CVE:CVE-2024-38474	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	7dcc01e1dd074e42a26c8ca002eaac5b	100846	Laravel - Remote Code Execution - CVE:CVE-2024-55661	Log	Disabled	This is a New Detection

Workers - Content type returned in Workers Assets for Javascript files is now `text/javascript`

Mon, 25 Aug 2025 00:00:00 GMT

JavaScript asset responses have been updated to use the text/javascript Content-Type header instead of application/javascript. While both MIME types are widely supported by browsers, the HTML Living Standard explicitly recommends text/javascript as the preferred type going forward.

This change improves:

Standards alignment: Ensures consistency with the HTML spec and modern web platform guidance.
Interoperability: Some developer tools, validators, and proxies expect text/javascript and may warn or behave inconsistently with application/javascript.
Future-proofing: By following the spec-preferred MIME type, we reduce the risk of deprecation warnings or unexpected behavior in evolving browser environments.
Consistency: Most frameworks, CDNs, and hosting providers now default to text/javascript, so this change matches common ecosystem practice.

Because all major browsers accept both MIME types, this update is backwards compatible and should not cause breakage.

Users will see this change on the next deployment of their assets.

KV - Workers KV completes hybrid storage provider rollout for improved performance, fault-tolerance

Fri, 22 Aug 2025 12:00:00 GMT

Workers KV has completed rolling out performance improvements across all KV namespaces, providing a significant latency reduction on read operations for all KV users. This is due to architectural changes to KV's underlying storage infrastructure, which introduces a new metadata later and substantially improves redundancy.

Performance improvements

The new hybrid architecture delivers substantial latency reductions throughout Europe, Asia, Middle East, Africa regions. Over the past 2 weeks, we have observed the following:

p95 latency: Reduced from ~150ms to ~50ms (67% decrease)
p99 latency: Reduced from ~350ms to ~250ms (29% decrease)

Audit Logs - Audit logs (version 2) - Logpush Beta Release

Fri, 22 Aug 2025 00:00:00 GMT

Audit Logs v2 dataset is now available via Logpush.

This expands on earlier releases of Audit Logs v2 in the API and Dashboard UI.

We recommend creating a new Logpush job for the Audit Logs v2 dataset.

Timelines for General Availability (GA) of Audit Logs v2 and the retirement of Audit Logs v1 will be shared in upcoming updates.

For more details on Audit Logs v2, refer to the Audit Logs documentation.

Logs - Dedicated Egress IP for Logpush

Fri, 22 Aug 2025 00:00:00 GMT

Cloudflare Logpush can now deliver logs from using fixed, dedicated egress IPs. By routing Logpush traffic through a Cloudflare zone enabled with Aegis IP, your log destination only needs to allow Aegis IPs making setup more secure.

Highlights:

Fixed egress IPs ensure your destination only accepts traffic from known addresses.
Works with any supported Logpush destination.
Recommended to use a dedicated zone as a proxy for easier management.

To get started, work with your Cloudflare account team to provision Aegis IPs, then configure your Logpush job to deliver logs through the proxy zone. For full setup instructions, refer to the Logpush documentation.

WAF - WAF Release - 2025-08-22

Fri, 22 Aug 2025 00:00:00 GMT

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	0f3b6b9377334707b604be925fcca5c8	100850	Command Injection - Generic 2	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	36b0532eb3c941449afed2d3744305c4	100851	Remote Code Execution - Java Deserialization	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	5d3c0d0958d14512bd2a7d902b083459	100852	Command Injection - Generic 3	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	6e2f7a696ea74c979e7d069cefb7e5b9	100853	Remote Code Execution - Common Bash Bypass Beta	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	735666d7268545a5ae6cfd0b78513ad7	100854	XSS - Generic JavaScript	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	82780ba6f5df49dcb8d09af0e9a5daac	100855	Command Injection - Generic 4	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	8e305924a7dc4f91a2de931a480f6093	100856	PHP Object Injection	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	1d34e0d05c10473ca824e66fd4ae0a33	100857	Generic - Parameter Fuzzing	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	b517e4b79d7a47fbb61f447b1121ee45	100858	Code Injection - Generic 4	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	1f9accf629dc42cb84a7a14420de01e3	100859	SQLi - UNION - 2	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	e95939eacf7c4484b47101d5c0177e21	100860	Command Injection - Generic 5	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	7b426e6f456043f4a21c162085f4d7b3	100861	Command Execution - Generic	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	5fac82bd1c03463fb600cfa83fa8ee7f	100862	GraphQL Injection - 2	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	ab2cb1f2e2ad4da6a2685b1dc7a41d4b	100863	Command Injection - Generic 6	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	549b4fe1564a448d848365d565e3c165	100864	Code Injection - Generic 2	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	8ef3c3f91eef46919cc9cb6d161aafdc	100865	PHP Object Injection - 2	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	57e8ba867e6240d2af8ea0611cc3c3f8	100866	SQLi - LIKE 2	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	a967a167874b42b6898be46e48ac2221	100867	SQLi - DROP - 2	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	cf79a868cc934bcc92b86ff01f4eec13	100868	Code Injection - Generic 3	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	97a52405eaae47ae9627dbb22755f99e	100869	Command Injection - Generic 7	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	5b3ce84c099040c6a25cee2d413592e2	100870	Command Injection - Generic 8	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	5940a9ace2f04d078e35d435d2dd41b5	100871	SQLi - LIKE 3	N/A	Disabled	This is a New Detection

Workflows, Workers - Build durable multi-step applications in Python with Workflows (now in beta)

Fri, 22 Aug 2025 00:00:00 GMT

You can now build Workflows using Python. With Python Workflows, you get automatic retries, state persistence, and the ability to run multi-step operations that can span minutes, hours, or weeks using Python’s familiar syntax and the Python Workers runtime.

Python Workflows use the same step-based execution model as JavaScript Workflows, but with Python syntax and access to Python’s ecosystem. Python Workflows also enable DAG (Directed Acyclic Graph) workflows, where you can define complex dependencies between steps using the depends parameter.

Here’s a simple example:

from workers import Response, WorkflowEntrypoint

class PythonWorkflowStarter(WorkflowEntrypoint):
    async def run(self, event, step):
        @step.do("my first step")
        async def my_first_step():
            # do some work
            return "Hello Python!"

        await my_first_step()

        await step.sleep("my-sleep-step", "10 seconds")

        @step.do("my second step")
        async def my_second_step():
            # do some more work
            return "Hello again!"

        await my_second_step()

class Default(WorkerEntrypoint):
    async def fetch(self, request):
        await self.env.MY_WORKFLOW.create()
        return Response("Hello Workflow creation!")

Python Workflows support the same core capabilities as JavaScript Workflows, including sleep scheduling, event-driven workflows, and built-in error handling with configurable retry policies.

To learn more and get started, refer to Python Workflows documentation.

Cloudflare One Client - WARP client for Windows (version 2025.6.1400.0)

Thu, 21 Aug 2025 22:36:07 GMT

A new GA release for the Windows WARP client is now available on the stable releases downloads page.

This release contains a hotfix for pre-login for multi-user for the 2025.6.1135.0 release.

Changes and improvements

Fixes an issue where new pre-login registrations were not being properly created.

Known issues

For Windows 11 24H2 users, Microsoft has confirmed a regression that may lead to performance issues like mouse lag, audio cracking, or other slowdowns. Cloudflare recommends users experiencing these issues upgrade to a minimum Windows 11 24H2 KB5062553 or higher for resolution.
Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.
Devices with KB5055523 installed may receive a warning about Win32/ClickFix.ABA being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to version 1.429.19.0 or later.
DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected.
To work around this issue, please reconnect the WARP client by toggling off and back on.

Durable Objects, Workers - New getByName() API to access Durable Objects

Thu, 21 Aug 2025 00:00:00 GMT

You can now create a client (a Durable Object stub) to a Durable Object with the new getByName method, removing the need to convert Durable Object names to IDs and then create a stub.

// Before: (1) translate name to ID then (2) get a client
const objectId = env.MY_DURABLE_OBJECT.idFromName("foo"); // or .newUniqueId()
const stub = env.MY_DURABLE_OBJECT.get(objectId);

// Now: retrieve client to Durable Object directly via its name
const stub = env.MY_DURABLE_OBJECT.getByName("foo");

// Use client to send request to the remote Durable Object
const rpcResponse = await stub.sayHello();

Each Durable Object has a globally-unique name, which allows you to send requests to a specific object from anywhere in the world. Thus, a Durable Object can be used to coordinate between multiple clients who need to work together. You can have billions of Durable Objects, providing isolation between application tenants.

To learn more, visit the Durable Objects API Documentation or the getting started guide.

Gateway - Gateway BYOIP Dedicated Egress IPs now available.

Thu, 21 Aug 2025 00:00:00 GMT

Enterprise Gateway users can now use Bring Your Own IP (BYOIP) for dedicated egress IPs.

Admins can now onboard and use their own IPv4 or IPv6 prefixes to egress traffic from Cloudflare, delivering greater control, flexibility, and compliance for network traffic.

Get started by following the BYOIP onboarding process. Once your IPs are onboarded, go to Gateway > Egress policies and select or create an egress policy. In Select an egress IP, choose Use dedicated egress IPs (Cloudflare or BYOIP), then select your BYOIP address from the dropdown menu.

For more information, refer to BYOIP for dedicated egress IPs.

Cloudflare One Client - WARP client for Windows (version 2025.6.1335.0)

Tue, 19 Aug 2025 22:10:43 GMT

A new GA release for the Windows WARP client is now available on the stable releases downloads page.

This release contains minor fixes and improvements.

Changes and improvements

Improvements to better manage multi-user pre-login registrations.
Fixed an issue preventing devices from reaching split-tunneled traffic even when WARP was disconnected.
Fix to prevent WARP from re-enabling its firewall rules after a user-initiated disconnect.
Improvement for faster client connectivity on high-latency captive portal networks.
Fixed an issue where recursive CNAME records could cause intermittent WARP connectivity issues.

Known issues

For Windows 11 24H2 users, Microsoft has confirmed a regression that may lead to performance issues like mouse lag, audio cracking, or other slowdowns. Cloudflare recommends users experiencing these issues upgrade to a minimum Windows 11 24H2 version KB5062553 or higher for resolution.
Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.
Devices with KB5055523 installed may receive a warning about Win32/ClickFix.ABA being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to version 1.429.19.0 or later.
DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected.
To work around this issue, reconnect the WARP client by toggling off and back on.

Cloudflare One Client - WARP client for macOS (version 2025.6.1335.0)

Tue, 19 Aug 2025 22:10:43 GMT

A new GA release for the macOS WARP client is now available on the stable releases downloads page.

This release contains minor fixes and improvements.

Changes and improvements

Fixed an issue preventing devices from reaching split-tunneled traffic even when WARP was disconnected.
Fix to prevent WARP from re-enabling its firewall rules after a user-initiated disconnect.
Improvement for faster client connectivity on high-latency captive portal networks.
Fixed an issue where recursive CNAME records could cause intermittent WARP connectivity issues.

Known issues

macOS Sequoia: Due to changes Apple introduced in macOS 15.0.x, the WARP client may not behave as expected. Cloudflare recommends the use of macOS 15.4 or later.
Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.

Cloudflare One Client - WARP client for Linux (version 2025.6.1335.0)

Tue, 19 Aug 2025 19:45:33 GMT

A new GA release for the Linux WARP client is now available on the stable releases downloads page.

This release contains minor fixes and improvements.

Changes and improvements

Fixed an issue preventing devices from reaching split-tunneled traffic even when WARP was disconnected.
Fix to prevent WARP from re-enabling its firewall rules after a user-initiated disconnect.
Improvement for faster client connectivity on high-latency captive portal networks.
Fixed an issue where recursive CNAME records could cause intermittent WARP connectivity issues.

Known issues

Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.

Queues - Subscribe to events from Cloudflare services with Queues

Tue, 19 Aug 2025 12:00:00 GMT

You can now subscribe to events from other Cloudflare services (for example, Workers KV, Workers AI, Workers) and consume those events via Queues, allowing you to build custom workflows, integrations, and logic in response to account activity.

Event subscriptions allow you to receive messages when events occur across your Cloudflare account. Cloudflare products can publish structured events to a queue, which you can then consume with Workers or pull via HTTP from anywhere.

To create a subscription, use the dashboard or Wrangler:

npx wrangler queues subscription create my-queue --source r2 --events bucket.created

An event is a structured record of something happening in your Cloudflare account – like a Workers AI batch request being queued, a Worker build completing, or an R2 bucket being created. Events follow a consistent structure:

{
  "type": "cf.r2.bucket.created",
  "source": {
    "type": "r2"
  },
  "payload": {
    "name": "my-bucket",
    "location": "WNAM"
  },
  "metadata": {
    "accountId": "f9f79265f388666de8122cfb508d7776",
    "eventTimestamp": "2025-07-28T10:30:00Z"
  }
}

Current event sources include R2, Workers KV, Workers AI, Workers Builds, Vectorize, Super Slurper, and Workflows. More sources and events are on the way.

For more information on event subscriptions, available events, and how to get started, refer to our documentation.

Workers - Easier debugging in Workers with improved Wrangler error screen

Tue, 19 Aug 2025 00:00:00 GMT

Wrangler's error screen has received several improvements to enhance your debugging experience!

The error screen now features a refreshed design thanks to youch, with support for both light and dark themes, improved source map resolution logic that handles missing source files more reliably, and better error cause display.

Before	After (Light)	After (Dark)

Try it out now with npx wrangler@latest dev in your Workers project.

WAF - WAF Release - 2025-08-18

Mon, 18 Aug 2025 00:00:00 GMT

This week's update

This week, a series of critical vulnerabilities were discovered impacting core enterprise and open-source infrastructure. These flaws present a range of risks, providing attackers with distinct pathways for remote code execution, methods to breach internal network boundaries, and opportunities for critical data exposure and operational disruption.

Key Findings

SonicWall SMA (CVE-2025-32819, CVE-2025-32820, CVE-2025-32821): A remote authenticated attacker with SSLVPN user privileges can bypass path traversal protections. These vulnerabilities enable a attacker to bypass security checks to read, modify, or delete arbitrary files. An attacker with administrative privileges can escalate this further, using a command injection flaw to upload malicious files, which could ultimately force the appliance to reboot to its factory default settings.
Ms-Swift Project (CVE-2025-50460): An unsafe deserialization vulnerability exists in the Ms-Swift project's handling of YAML configuration files. If an attacker can control the content of a configuration file passed to the application, they can embed a malicious payload that will execute arbitrary code and it can be executed during deserialization.
Apache Druid (CVE-2023-25194): This vulnerability in Apache Druid allows an attacker to cause the server to connect to a malicious LDAP server. By sending a specially crafted LDAP response, the attacker can trigger an unrestricted deserialization of untrusted data. If specific "gadgets" (classes that can be abused) are present in the server's classpath, this can be escalated to achieve Remote Code Execution (RCE).
Tenda AC8v4 (CVE-2025-51087, CVE-2025-51088): Vulnerabilities allow an authenticated attacker to trigger a stack-based buffer overflow. By sending malformed arguments in a request to specific endpoints, an attacker can crash the device or potentially achieve arbitrary code execution.
Open WebUI (CVE-2024-7959): This vulnerability allows a user to change the OpenAI URL endpoint to an arbitrary internal network address without proper validation. This flaw can be exploited to access internal services or cloud metadata endpoints, potentially leading to remote command execution if the attacker can retrieve instance secrets or access sensitive internal APIs.
BentoML (CVE-2025-54381): The vulnerability exists in the serialization/deserialization handlers for multipart form data and JSON requests, which automatically download files from user-provided URLs without proper validation of internal network addresses. This allows attackers to fetch from unintended internal services, including cloud metadata and localhost.
Adobe Experience Manager Forms (CVE-2025-54254): An Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to arbitrary file system read in Adobe AEM (≤6.5.23).

Impact

These vulnerabilities affect core infrastructure, from network security appliances like SonicWall to data platforms such as Apache Druid and ML frameworks like BentoML. The code execution and deserialization flaws are particularly severe, offering deep system access that allows attackers to steal data, disrupt services, and establish a foothold for broader intrusions. Simultaneously, SSRF and XXE vulnerabilities undermine network boundaries, exposing sensitive internal data and creating pathways for lateral movement. Beyond data-centric threats, flaws in edge devices like the Tenda router introduce the tangible risk of operational disruption, highlighting a multi-faceted threat to the security and stability of key enterprise systems.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	326ebb56d46a4c269bb699d3418d9a3b	100574	SonicWall SMA - Remote Code Execution - CVE:CVE-2025-32819, CVE:CVE-2025-32820, CVE:CVE-2025-32821	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	69f4f161dec04aca8a73a3231e6fefdb	100576	Ms-Swift Project - Remote Code Execution - CVE:CVE-2025-50460	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	d62935357ff846d9adefb58108ac45b3	100585	Apache Druid - Remote Code Execution - CVE:CVE-2023-25194	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	4f6148a760804bf8ad8ebccfe4855472	100834	Tenda AC8v4 - Auth Bypass - CVE:CVE-2025-51087, CVE:CVE-2025-51088	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	1474121b01ba40629f8246f8022ab542	100835	Open WebUI - SSRF - CVE:CVE-2024-7959	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	96abffdb7e224ce69ddf89eb6339f132	100837	SQLi - OOB	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	a0b20ec638d14800a1d6827cb83d2625	100841	BentoML - SSRF - CVE:CVE-2025-54381	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	40fd793035c947c5ac75add1739180d2	100841A	BentoML - SSRF - CVE:CVE-2025-54381 - 2	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	08dcb20b9acf47e3880a0b886ab910c2	100841B	BentoML - SSRF - CVE:CVE-2025-54381 - 3	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	309cfb7eeb42482e9ad896f12197ec51	100845	Adobe Experience Manager Forms - XSS - CVE:CVE-2025-54254	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	6e039776c2d6418ab6e8f05196f34ce3	100845A	Adobe Experience Manager Forms - XSS - CVE:CVE-2025-54254 - 2	Log	Block	This is a New Detection

Access - SFTP support for SSH with Cloudflare Access for Infrastructure

Fri, 15 Aug 2025 00:00:00 GMT

SSH with Cloudflare Access for Infrastructure now supports SFTP. It is compatible with SFTP clients, such as Cyberduck.

Load Balancing - Steer Traffic by AS Number in Load Balancing Custom Rules

Fri, 15 Aug 2025 00:00:00 GMT

You can now create more granular, network-aware Custom Rules in Cloudflare Load Balancing using the Autonomous System Number (ASN) of an incoming request.

This allows you to steer traffic with greater precision based on the network source of a request. For example, you can route traffic from specific Internet Service Providers (ISPs) or enterprise customers to dedicated infrastructure, optimize performance, or enforce compliance by directing certain networks to preferred data centers.

To get started, create a Custom Rule in your Load Balancer and select AS Num from the Field dropdown.

Log Explorer - Extended retention

Fri, 15 Aug 2025 00:00:00 GMT

Customers can now rely on Log Explorer to meet their log retention compliance requirements.

Contract customers can choose to store their logs in Log Explorer for up to two years, at an additional cost of $0.10 per GB per month. Customers interested in this feature can contact their account team to have it added to their contract.

Security Center - Save time with bulk query creation in Brand Protection

Fri, 15 Aug 2025 00:00:00 GMT

Brand Protection detects domains that may be impersonating your brand — from common misspellings (cloudfalre.com) to malicious concatenations (cloudflare-okta.com). Saved search queries run continuously and alert you when suspicious domains appear.

You can now create and save multiple queries in a single step, streamlining setup and management. Available now via the Brand Protection bulk query creation API.

Cloudflare Fundamentals, Terraform - Terraform v5.8.4 now available

Fri, 15 Aug 2025 00:00:00 GMT

Earlier this year, we announced the launch of the new Terraform v5 Provider. We are aware of the high number of issues reported by the Cloudflare Community related to the v5 release. We have committed to releasing improvements on a two week cadence to ensure stability and reliability.

One key change we adopted in recent weeks is a pivot to more comprehensive, test-driven development. We are still evaluating individual issues, but are also investing in much deeper testing to drive our stabilization efforts. We will subsequently be investing in comprehensive migration scripts. As a result, you will see several of the highest traffic APIs have been stabilized in the most recent release, and are supported by comprehensive acceptance tests.

Thank you for continuing to raise issues. We triage them weekly and they help make our products stronger.

Changes

Resources stabilized:
- cloudflare_argo_smart_routing
- cloudflare_bot_management
- cloudflare_list
- cloudflare_list_item
- cloudflare_load_balancer
- cloudflare_load_balancer_monitor
- cloudflare_load_balancer_pool
- cloudflare_spectrum_application
- cloudflare_managed_transforms
- cloudflare_url_normalization_settings
- cloudflare_snippet
- cloudflare_snippet_rules
- cloudflare_zero_trust_access_application
- cloudflare_zero_trust_access_group
- cloudflare_zero_trust_access_identity_provider
- cloudflare_zero_trust_access_mtls_certificate
- cloudflare_zero_trust_access_mtls_hostname_settings
- cloudflare_zero_trust_access_policy
- cloudflare_zone
Multipart handling restored for cloudflare_snippet
cloudflare_bot_management diff issues resolves when running terraform plan and terraform apply
Other bug fixes

For a more detailed look at all of the changes, refer to the changelog in GitHub.

Issues Closed

If you have an unaddressed issue with the provider, we encourage you to check the open issues and open a new one if one does not already exist for what you are experiencing.

Upgrading

We suggest holding off on migration to v5 while we work on stablization. This help will you avoid any blocking issues while the Terraform resources are actively being stablized.

If you'd like more information on migrating to v5, please make use of the migration guide. We have provided automated migration scripts using Grit which simplify the transition. These migration scripts do not support implementations which use Terraform modules, so customers making use of modules need to migrate manually. Please make use of terraform plan to test your changes before applying, and let us know if you encounter any additional issues by reporting to our GitHub repository.

For more info

Workers - The Node.js and Web File System APIs in Workers

Fri, 15 Aug 2025 00:00:00 GMT

Implementations of the node:fs module and the Web File System API are now available in Workers.

Using the `node:fs` module

The node:fs module provides access to a virtual file system in Workers. You can use it to read and write files, create directories, and perform other file system operations.

The virtual file system is ephemeral with each individual request havig its own isolated temporary file space. Files written to the file system will not persist across requests and will not be shared across requests or across different Workers.

Workers running with the nodejs_compat compatibility flag will have access to the node:fs module by default when the compatibility date is set to 2025-09-01 or later. Support for the API can also be enabled using the enable_nodejs_fs_module compatibility flag together with the nodejs_compat flag. The node:fs module can be disabled using the disable_nodejs_fs_module compatibility flag.

import fs from "node:fs";

const config = JSON.parse(fs.readFileSync("/bundle/config.json", "utf-8"));

export default {
  async fetch(request) {
    return new Response(`Config value: ${config.value}`);
  },
};

There are a number of initial limitations to the node:fs implementation:

The glob APIs (e.g. fs.globSync(...)) are not implemented.
The file watching APIs (e.g. fs.watch(...)) are not implemented.
The file timestamps (modified time, access time, etc) are only partially supported. For now, these will always return the Unix epoch.

Refer to the Node.js documentation for more information on the node:fs module and its APIs.

The Web File System API

The Web File System API provides access to the same virtual file system as the node:fs module, but with a different API surface. The Web File System API is only available in Workers running with the enable_web_file_system compatibility flag. The nodejs_compat compatibility flag is not required to use the Web File System API.

const root = navigator.storage.getDirectory();

export default {
  async fetch(request) {
    const tmp = await root.getDirectoryHandle("/tmp");
    const file = await tmp.getFileHandle("data.txt", { create: true });
    const writable = await file.createWritable();
    const writer = writable.getWriter();
    await writer.write("Hello, World!");
    await writer.close();

    return new Response("File written successfully!");
  },
};

As there are still some parts of the Web File System API tht are not fully standardized, there may be some differences between the Workers implementation and the implementations in browsers.

Workers - Workers Static Assets: Corrected handling of double slashes in redirect rule paths

Fri, 15 Aug 2025 00:00:00 GMT

Static Assets: Fixed a bug in how redirect rules defined in your Worker's _redirects file are processed.

If you're serving Static Assets with a _redirects file containing a rule like /ja/* /:splat, paths with double slashes were previously misinterpreted as external URLs. For example, visiting /ja//example.com would incorrectly redirect to https://example.com instead of /example.com on your domain. This has been fixed and double slashes now correctly resolve as local paths. Note: Cloudflare Pages was not affected by this issue.

Workers - Workers per-branch preview URLs now support long branch names

Thu, 14 Aug 2025 01:00:00 GMT

We've updated preview URLs for Cloudflare Workers to support long branch names.

Previously, branch and Worker names exceeding the 63-character DNS limit would cause alias generation to fail, leaving pull requests without aliased preview URLs. This particularly impacted teams relying on descriptive branch naming.

Now, Cloudflare automatically truncates long branch names and appends a unique hash, ensuring every pull request gets a working preview link.

How it works

63 characters or less: <branch-name>-<worker-name> → Uses actual branch name as is
64 characters or more: <truncated-branch-name>--<hash>-<worker-name> → Uses truncated name with 4-character hash
Hash generation: The hash is derived from the full branch name to ensure uniqueness
Stable URLs: The same branch always generates the same hash across all commits

Requirements and compatibility

Wrangler 4.30.0 or later: This feature requires updating to wrangler@4.30.0+
No configuration needed: Works automatically with existing preview URL setups

Access - Cloudflare Access Logging supports the Customer Metadata Boundary (CMB)

Thu, 14 Aug 2025 00:00:00 GMT

Cloudflare Access logs now support the Customer Metadata Boundary (CMB). If you have configured the CMB for your account, all Access logging will respect that configuration.

Workers - Python Workers handlers now live in an entrypoint class

Thu, 14 Aug 2025 00:00:00 GMT

We are changing how Python Workers are structured by default. Previously, handlers were defined at the top-level of a module as on_fetch, on_scheduled, etc. methods, but now they live in an entrypoint class.

Here's an example of how to now define a Worker with a fetch handler:

from workers import Response, WorkerEntrypoint

class Default(WorkerEntrypoint):
    async def fetch(self, request):
        return Response("Hello World!")

To keep using the old-style handlers, you can specify the disable_python_no_global_handlers compatibility flag in your wrangler file:

wrangler.jsonc

{
  "compatibility_flags": [
    "disable_python_no_global_handlers"
  ]
}

wrangler.toml

compatibility_flags = [ "disable_python_no_global_handlers" ]

Consult the Python Workers documentation for more details.

Workers - Terraform provider improvements — Python Workers support, smaller plan diffs, and API SDK fixes

Thu, 14 Aug 2025 00:00:00 GMT

The recent Cloudflare Terraform Provider and SDK releases (such as cloudflare-typescript) bring significant improvements to the Workers developer experience. These updates focus on reliability, performance, and adding Python Workers support.

Terraform Improvements

Fixed Unwarranted Plan Diffs

Resolved several issues with the cloudflare_workers_script resource that resulted in unwarranted plan diffs, including:

Using Durable Objects migrations
Using some bindings such as secret_text
Using smart placement

A resource should never show a plan diff if there isn't an actual change. This fix reduces unnecessary noise in your Terraform plan and is available in Cloudflare Terraform Provider 5.8.0.

Improved File Management

You can now specify content_file and content_sha256 instead of content. This prevents the Workers script content from being stored in the state file which greatly reduces plan diff size and noise. If your workflow synced plans remotely, this should now happen much faster since there is less data to sync. This is available in Cloudflare Terraform Provider 5.7.0.

resource "cloudflare_workers_script" "my_worker" {
  account_id      = "123456789"
  script_name     = "my_worker"
  main_module     = "worker.mjs"
  content_file    = "worker.mjs"
  content_sha256  = filesha256("worker.mjs")
}

Assets Headers and Redirects Support

Fixed the cloudflare_workers_script resource to properly support headers and redirects for Assets:

resource "cloudflare_workers_script" "my_worker" {
  account_id      = "123456789"
  script_name     = "my_worker"
  main_module     = "worker.mjs"
  content_file    = "worker.mjs"
  content_sha256  = filesha256("worker.mjs")
  assets = {
    config = {
      headers = file("_headers")
      redirects = file("_redirects")
    }
    # Completion jwt from:
    # https://developers.cloudflare.com/api/resources/workers/subresources/assets/subresources/upload/
    jwt = "jwt"
  }
}

Available in Cloudflare Terraform Provider 5.8.0.

Python Workers Support

Added support for uploading Python Workers (beta) in Terraform. You can now deploy Python Workers with:

resource "cloudflare_workers_script" "my_worker" {
  account_id       = "123456789"
  script_name      = "my_worker"
  content_file     = "worker.py"
  content_sha256   = filesha256("worker.py")
  content_type     = "text/x-python"
}

Available in Cloudflare Terraform Provider 5.8.0.

SDK Enhancements

Improved File Upload API

Fixed an issue where Workers script versions in the SDK did not allow uploading files. This now works, and also has an improved files upload interface:

const scriptContent = `
  export default {
    async fetch(request, env, ctx) {
      return new Response('Hello World!', { status: 200 });
    }
  };
`;

client.workers.scripts.versions.create('my-worker', {
  account_id: '123456789',
  metadata: {
    main_module: 'my-worker.mjs',
  },
  files: [
    await toFile(
      Buffer.from(scriptContent),
      'my-worker.mjs',
      {
        type: "application/javascript+module",
      }
    )
  ]
});

Will be available in cloudflare-typescript 4.6.0. A similar change will be available in cloudflare-python 4.4.0.

Fixed updating KV values

Previously when creating a KV value like this:

await cf.kv.namespaces.values.update("my-kv-namespace", "key1", {
  account_id: "123456789",
  metadata: "my metadata",
  value: JSON.stringify({
    hello: "world"
  })
});

...and recalling it in your Worker like this:

const value = await c.env.KV.get<{hello: string}>("key1", "json");

You'd get back this: {metadata:'my metadata', value:"{'hello':'world'}"} instead of the correct value of {hello: 'world'}

This is fixed in cloudflare-typescript 4.5.0 and will be fixed in cloudflare-python 4.4.0.

Logs - IBM Cloud Logs as Logpush destination

Wed, 13 Aug 2025 00:00:00 GMT

Cloudflare Logpush now supports IBM Cloud Logs as a native destination.

Logs from Cloudflare can be sent to IBM Cloud Logs via Logpush. The setup can be done through the Logpush UI in the Cloudflare Dashboard or by using the Logpush API. The integration requires IBM Cloud Logs HTTP Source Address and an IBM API Key. The feature also allows for filtering events and selecting specific log fields.

For more information, refer to Destination Configuration documentation.

Workers - MessageChannel and MessagePort

Mon, 11 Aug 2025 01:00:00 GMT

A minimal implementation of the MessageChannel API is now available in Workers. This means that you can use MessageChannel to send messages between different parts of your Worker, but not across different Workers.

The MessageChannel and MessagePort APIs will be available by default at the global scope with any worker using a compatibility date of 2025-08-15 or later. It is also available using the expose_global_message_channel compatibility flag, or can be explicitly disabled using the no_expose_global_message_channel compatibility flag.

const { port1, port2 } = new MessageChannel();

port2.onmessage = (event) => {
  console.log('Received message:', event.data);
};

port2.postMessage('Hello from port2!');

Any value that can be used with the structuredClone(...) API can be sent over the port.

Differences

There are a number of key limitations to the MessageChannel API in Workers:

Transfer lists are currently not supported. This means that you will not be able to transfer ownership of objects like ArrayBuffer or MessagePort between ports.
The MessagePort is not yet serializable. This means that you cannot send a MessagePort object through the postMessage method or via JSRPC calls.
The 'messageerror' event is only partially supported. If the 'onmessage' handler throws an error, the 'messageerror' event will be triggered, however, it will not be triggered when there are errors serializing or deserializing the message data. Instead, the error will be thrown when the postMessage method is called on the sending port.
The 'close' event will be emitted on both ports when one of the ports is closed, however it will not be emitted when the Worker is terminated or when one of the ports is garbage collected.

WAF - WAF Release - 2025-08-11

Mon, 11 Aug 2025 00:00:00 GMT

This week's update focuses on a wide range of enterprise software, from network infrastructure and security platforms to content management systems and development frameworks. Flaws include unsafe deserialization, OS command injection, SSRF, authentication bypass, and arbitrary file upload — many of which allow unauthenticated remote code execution. Notable risks include Cisco Identity Services Engine and Ivanti EPMM, where successful exploitation could grant attackers full administrative control of core network infrastructure and popular web services such as WordPress, SharePoint, and Ingress-Nginx, where security bypasses and arbitrary file uploads could lead to complete site or server compromise.

Key Findings

Cisco Identity Services Engine (CVE-2025-20281): Insufficient input validation in a specific API of Cisco Identity Services Engine (ISE) and ISE-PIC allows an unauthenticated, remote attacker to execute arbitrary code with root privileges on an affected device.
Wazuh Server (CVE-2025-24016): An unsafe deserialization vulnerability in Wazuh Server (versions 4.4.0 to 4.9.0) allows for remote code execution and privilege escalation. By injecting unsanitized data, an attacker can trigger an exception to execute arbitrary code on the server.
CrushFTP (CVE-2025-54309): A flaw in AS2 validation within CrushFTP allows remote attackers to gain administrative access via HTTPS on systems not using the DMZ proxy feature. This flaw can lead to unauthorized file access and potential system compromise.
Kentico Xperience CMS (CVE-2025-2747, CVE-2025-2748): Vulnerabilities in Kentico Xperience CMS could enable cross-site scripting (XSS), allowing attackers to inject malicious scripts into web pages. Additionally, a flaw could allow unauthenticated attackers to bypass the Staging Sync Server's authentication, potentially leading to administrative control over the CMS.
Node.js (CVE-2025-27210): An incomplete fix for a previous vulnerability (CVE-2025-23084) in Node.js affects the path.join() API method on Windows systems. The vulnerability can be triggered using reserved Windows device names such as CON, PRN, or AUX.
WordPress:Plugin:Simple File List (CVE-2025-34085, CVE-2020-36847): This vulnerability in the Simple File List plugin for WordPress allows an unauthenticated remote attacker to upload arbitrary files to a vulnerable site. This can be exploited to achieve remote code execution on the server.
(Note: CVE-2025-34085 has been rejected as a duplicate.)
GeoServer (CVE-2024-29198): A Server-Side Request Forgery (SSRF) vulnerability exists in GeoServer's Demo request endpoint, which can be exploited where the Proxy Base URL has not been configured.
Ivanti EPMM (CVE-2025-6771): An OS command injection vulnerability in Ivanti Endpoint Manager Mobile (EPMM) before versions 12.5.0.2, 12.4.0.3, and 12.3.0.3 allows a remote, authenticated attacker with high privileges to execute arbitrary code.
Microsoft SharePoint (CVE-2024-38018): This is a remote code execution vulnerability affecting Microsoft SharePoint Server.
Manager-IO (CVE-2025-54122): A critical unauthenticated full read Server-Side Request Forgery (SSRF) vulnerability is present in the proxy handler of both Manager Desktop and Server editions up to version 25.7.18.2519. This allows an unauthenticated attacker to bypass network isolation and access internal services.
Ingress-Nginx (CVE-2025-1974): A vulnerability in the Ingress-Nginx controller for Kubernetes allows an attacker to bypass access control rules. An unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller.
PaperCut NG/MF (CVE-2023-2533): A Cross-Site Request Forgery (CSRF) vulnerability has been identified in PaperCut NG/MF. Under specific conditions, an attacker could exploit this to alter security settings or execute arbitrary code if they can deceive an administrator with an active login session into clicking a malicious link.
SonicWall SMA (CVE-2025-40598): This vulnerability could allow an unauthenticated attacker to bypass security controls. This allows a remote, unauthenticated attacker to potentially execute arbitrary JavaScript code.
WordPress (CVE-2025-5394): The "Alone – Charity Multipurpose Non-profit WordPress Theme" for WordPress is vulnerable to arbitrary file uploads. A missing capability check allows unauthenticated attackers to upload ZIP files containing webshells disguised as plugins, leading to remote code execution.

Impact

These vulnerabilities span a broad range of enterprise technologies, including network access control systems, monitoring platforms, web servers, CMS platforms, cloud services, and collaboration tools. Exploitation techniques range from remote code execution and command injection to authentication bypass, SQL injection, path traversal, and configuration weaknesses.

A critical flaw in perimeter devices like Ivanti EPMM or SonicWall SMA could allow an unauthenticated attacker to gain remote code execution, completely breaching the primary network defense. A separate vulnerability within Cisco's Identity Services Engine could then be exploited to bypass network segmentation, granting an attacker widespread internal access. Insecure deserialization issues in platforms like Wazuh Server and CrushFTP could then be used to run malicious payloads or steal sensitive files from administrative consoles. Weaknesses in web delivery controllers like Ingress-Nginx or popular content management systems such as WordPress, SharePoint, and Kentico Xperience create vectors to bypass security controls, exfiltrate confidential data, or fully compromise servers.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	ec6480c81253494b947d891e51bc8df1	100538	GeoServer - SSRF - CVE:CVE-2024-29198	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	b8cb07170b5e4c2b989119cac9e0b290	100548	Ivanti EPMM - Remote Code Execution - CVE:CVE-2025-6771	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	b3524bf5f5174b65bc892122ad93cda8	100550	Microsoft SharePoint - Remote Code Execution - CVE:CVE-2024-38018	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	e1369c5d629f4f10a14141381dca5738	100562	Manager-IO - SSRF - CVE:CVE-2025-54122	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	136f67e2b6a84f15ab9a82a52e9137e1	100565	Cisco Identity Services Engine - Remote Code Execution - CVE:CVE-2025-20281	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	ed759f7e44184fa398ef71785d8102e1	100567	Ingress-Nginx - Remote Code Execution - CVE:CVE-2025-1974	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	71b8e7b646f94d79873213cd99105c43	100569	PaperCut NG/MF - Remote Code Execution - CVE:CVE-2023-2533	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	2450bfbb0cfb4804b109d1c42c81dc88	100571	SonicWall SMA - XSS - CVE:CVE-2025-40598	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	8ce1903b67e24205a93f5fe6926c96d4	100573	WordPress - Dangerous File Upload - CVE:CVE-2025-5394	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	7fdb3c7bc7b74703aeef4ab240ec2fda	100806	Wazuh Server - Remote Code Execution - CVE:CVE-2025-24016	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	fe088163f51f4928a3c8d91e2401fa3b	100824	CrushFTP - Remote Code Execution - CVE:CVE-2025-54309	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	3638baed75924604987b86d874920ace	100824A	CrushFTP - Remote Code Execution - CVE:CVE-2025-54309 - 2	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	dda4f95b3a3e4ebb9e194aa5c7e63549	100825	AMI MegaRAC - Auth Bypass - CVE:CVE-2024-54085	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	7dc07014cefa4ce9adf21da7b79037e6	100826	Kentico Xperience CMS - Auth Bypass - CVE:CVE-2025-2747	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	7c7a0a37e79a4949ba840c9acaf261aa	100827	Kentico Xperience CMS - XSS - CVE:CVE-2025-2748	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	54dd826f578c483196ce852b6f1c2d12	100828	Node.js - Directory Traversal - CVE:CVE-2025-27210	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	a2867f7456c14213a94509a40341fccc	100829	WordPress:Plugin:Simple File List - Remote Code Execution - CVE:CVE-2025-34085	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	4cdb0e792d1a428a897526624cefeeda	100829A	WordPress:Plugin:Simple File List - Remote Code Execution - CVE:CVE-2025-34085 - 2	Log	Disabled	This is a New Detection

Workers - Wrangler and the Cloudflare Vite plugin support `.env` files in local development

Fri, 08 Aug 2025 01:00:00 GMT

Now, you can use .env files to provide secrets and override environment variables on the env object during local development with Wrangler and the Cloudflare Vite plugin.

Previously in local development, if you wanted to provide secrets or environment variables during local development, you had to use .dev.vars files. This is still supported, but you can now also use .env files, which are more familiar to many developers.

Using `.env` files in local development

You can create a .env file in your project root to define environment variables that will be used when running wrangler dev or vite dev. The .env file should be formatted like a dotenv file, such as KEY="VALUE":

TITLE="My Worker"
API_TOKEN="dev-token"

When you run wrangler dev or vite dev, the environment variables defined in the .env file will be available in your Worker code via the env object:

export default {
  async fetch(request, env) {
    const title = env.TITLE; // "My Worker"
    const apiToken = env.API_TOKEN; // "dev-token"
    const response = await fetch(
      `https://api.example.com/data?token=${apiToken}`,
    );
    return new Response(`Title: ${title} - ` + (await response.text()));
  },
};

Multiple environments with `.env` files

If your Worker defines multiple environments, you can set different variables for each environment (ex: production or staging) by creating files named .env.<environment-name>.

When you use wrangler <command> --env <environment-name> or CLOUDFLARE_ENV=<environment-name> vite dev, the corresponding environment-specific file will also be loaded and merged with the .env file.

For example, if you want to set different environment variables for the staging environment, you can create a file named .env.staging:

API_TOKEN="staging-token"

When you run wrangler dev --env staging or CLOUDFLARE_ENV=staging vite dev, the environment variables from .env.staging will be merged onto those from .env.

export default {
  async fetch(request, env) {
    const title = env.TITLE; // "My Worker" (from `.env`)
    const apiToken = env.API_TOKEN; // "staging-token" (from `.env.staging`, overriding the value from `.env`)
    const response = await fetch(
      `https://api.example.com/data?token=${apiToken}`,
    );
    return new Response(`Title: ${title} - ` + (await response.text()));
  },
};

Find out more

For more information on how to use .env files with Wrangler and the Cloudflare Vite plugin, see the following documentation:

Stream - Introducing observability and metrics for Stream Live Inputs

Fri, 08 Aug 2025 00:00:00 GMT

New information about broadcast metrics and events is now available in Cloudflare Stream in the Live Input details of the Dashboard.

You can now easily understand broadcast-side health and performance with new observability, which can help when troubleshooting common issues, particularly for new customers who are just getting started, and platform customers who may have limited visibility into how their end-users configure their encoders.

To get started, start a live stream (just getting started?), then visit the Live Input details page in Dash.

See our new live Troubleshooting guide to learn what these metrics mean and how to use them to address common broadcast issues.

Workers - Directly import `waitUntil` in Workers for easily spawning background tasks

Fri, 08 Aug 2025 00:00:00 GMT

You can now import waitUntil from cloudflare:workers to extend your Worker's execution beyond the request lifecycle from anywhere in your code.

Previously, waitUntil could only be accessed through the execution context (ctx) parameter passed to your Worker's handler functions. This meant that if you needed to schedule background tasks from deeply nested functions or utility modules, you had to pass the ctx object through multiple function calls to access waitUntil.

Now, you can import waitUntil directly and use it anywhere in your Worker without needing to pass ctx as a parameter:

import { waitUntil } from "cloudflare:workers";

export function trackAnalytics(eventData) {
  const analyticsPromise = fetch("https://analytics.example.com/track", {
    method: "POST",
    body: JSON.stringify(eventData),
  });

  // Extend execution to ensure analytics tracking completes
  waitUntil(analyticsPromise);
}

This is particularly useful when you want to:

Schedule background tasks from utility functions or modules
Extend execution for analytics, logging, or cleanup operations
Avoid passing the execution context through multiple layers of function calls

import { waitUntil } from "cloudflare:workers";

export default {
  async fetch(request, env, ctx) {
    // Background task that should complete even after response is sent
    cleanupTempData(env.KV_NAMESPACE);
    return new Response("Hello, World!");
  }
};

function cleanupTempData(kvNamespace) {
  // This function can now use waitUntil without needing ctx
  const deletePromise = kvNamespace.delete("temp-key");
  waitUntil(deletePromise);
}

For more information, see the waitUntil documentation.

Email security - Expanded Email Link Isolation

Thu, 07 Aug 2025 23:22:49 GMT

When you deploy MX or Inline, not only can you apply email link isolation to suspicious links in all emails (including benign), you can now also apply email link isolation to all links of a specified disposition. This provides more flexibility in controlling user actions within emails.

For example, you may want to deliver suspicious messages but isolate the links found within them so that users who choose to interact with the links will not accidentally expose your organization to threats. This means your end users are more secure than ever before.

To isolate all links within a message based on the disposition, select Settings > Link Actions > View and select Configure. As with other other links you isolate, an interstitial will be provided to warn users that this site has been isolated and the link will be recrawled live to evaluate if there are any changes in our threat intel. Learn more about this feature on Configure link actions.

This feature is available across these Email security packages:

Enterprise
Enterprise + PhishGuard

WAF - WAF Release - 2025-08-07 - Emergency

Thu, 07 Aug 2025 00:00:00 GMT

This week’s highlight focuses on two critical vulnerabilities affecting key infrastructure and enterprise content management platforms. Both flaws present significant remote code execution risks that can be exploited with minimal or no user interaction.

Key Findings

Squid (≤6.3) — CVE-2025-54574: A heap buffer overflow occurs when processing Uniform Resource Names (URNs). This vulnerability may allow remote attackers to execute arbitrary code on the server. The issue has been resolved in version 6.4.
Adobe AEM (≤6.5.23) — CVE-2025-54253: Due to a misconfiguration, attackers can achieve remote code execution without requiring any user interaction, posing a severe threat to affected deployments.

Impact

Both vulnerabilities expose critical attack vectors that can lead to full server compromise. The Squid heap buffer overflow allows remote code execution by crafting malicious URNs, which can lead to server takeover or denial of service. Given Squid’s widespread use as a caching proxy, this flaw could be exploited to disrupt network traffic or gain footholds inside secure environments.

Adobe AEM’s remote code execution vulnerability enables attackers to run arbitrary code on the content management server without any user involvement. This puts sensitive content, application integrity, and the underlying infrastructure at extreme risk. Exploitation could lead to data theft, defacement, or persistent backdoor installation.

These findings reinforce the urgency of updating to the patched versions — Squid 6.4 and Adobe AEM 6.5.24 or later — and reviewing configurations to prevent exploitation.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	f61ed7c1e7e24c3380289e41ef7e015b	100844	Adobe Experience Manager Forms - Remote Code Execution - CVE:CVE-2025-54253	N/A	Block	This is a New Detection
Cloudflare Managed Ruleset	e76e65f5a3aa43f49e0684a6baec057a	100840	Squid - Buffer Overflow - CVE:CVE-2025-54574	N/A	Block	This is a New Detection

Workers - Requests made from Cloudflare Workers can now force a revalidation of their cache with the origin

Thu, 07 Aug 2025 00:00:00 GMT

By setting the value of the cache property to no-cache, you can force Cloudflare's cache to revalidate its contents with the origin when making subrequests from Cloudflare Workers.

JavaScript

export default {
  async fetch(req, env, ctx) {
    const request = new Request("https://cloudflare.com", {
      cache: "no-cache",
    });
    const response = await fetch(request);
    return response;
  },
};

TypeScript

export default {
  async fetch(req, env, ctx): Promise<Response> {
    const request = new Request("https://cloudflare.com", { cache: 'no-cache'});
    const response = await fetch(request);
    return response;
  }
} satisfies ExportedHandler<Environment>

When no-cache is set, the Worker request will first look for a match in Cloudflare's cache, then:

If there is a match, a conditional request is sent to the origin, regardless of whether or not the match is fresh or stale. If the resource has not changed, the cached version is returned. If the resource has changed, it will be downloaded from the origin, updated in the cache, and returned.
If there is no match, Workers will make a standard request to the origin and cache the response.

This increases compatibility with NPM packages and JavaScript frameworks that rely on setting the cache property, which is a cross-platform standard part of the Request interface. Previously, if you set the cache property on Request to 'no-cache', the Workers runtime threw an exception.

Learn how the Cache works with Cloudflare Workers
Enable Node.js compatibility for your Cloudflare Worker
Explore Runtime APIs and Bindings available in Cloudflare Workers

Load Balancing - Improvements to Monitoring Using Zone Settings

Wed, 06 Aug 2025 00:00:00 GMT

Cloudflare Load Balancing Monitors support loading and applying settings for a specific zone to monitoring requests to origin endpoints. This feature has been migrated to new infrastructure to improve reliability, performance, and accuracy.

All zone monitors have been tested against the new infrastructure. There should be no change to health monitoring results of currently healthy and active pools. Newly created or re-enabled pools may need validation of their monitor zone settings before being introduced to service, especially regarding correct application of mTLS.

What you can expect:

More reliable application of zone settings to monitoring requests, including
- Authenticated Origin Pulls
- Aegis Egress IP Pools
- Argo Smart Routing
- HTTP/2 to Origin
Improved support and bug fixes for retries, redirects, and proxied origin resolution
Improved performance and reliability of monitoring requests withing the Cloudflare network
Unrelated CDN or WAF configuration changes should have no risk of impact to pool health

Radar - Certificate Transparency Insights in Cloudflare Radar

Wed, 06 Aug 2025 00:00:00 GMT

Radar now introduces Certificate Transparency (CT) insights, providing visibility into certificate issuance trends based on Certificate Transparency logs currently monitored by Cloudflare.

The following API endpoints are now available:

/ct/timeseries: Retrieves certificate issuance time series.
/ct/summary/{dimension}: Retrieves certificate distribution by dimension.
/ct/timeseries_groups/{dimension}: Retrieves time series of certificate distribution by dimension.
/ct/authorities: Lists certification authorities.
/ct/authorities/{ca_slug}: Retrieves details about a Certification Authority (CA). CA information is derived from the Common CA Database (CCADB).
/ct/logs: Lists CT logs.
/ct/logs/{log_slug}: Retrieves details about a CT log. CT log information is derived from the Google Chrome log list.

For the summary and timeseries_groups endpoints, the following dimensions are available (and also usable as filters):

ca: Certification Authority (certificate issuer)
ca_owner: Certification Authority Owner
duration: Certificate validity duration (between NotBefore and NotAfter dates)
entry_type: Entry type (certificate vs. pre-certificate)
expiration_status: Expiration status (valid vs. expired)
has_ips: Presence of IP addresses in certificate Subject Alternative Names (SANs)
has_wildcards: Presence of wildcard DNS names in certificate SANs
log: CT log name
log_api: CT log API (RFC6962 vs. Static)
log_operator: CT log operator
public_key_algorithm: Public key algorithm of certificate's key
signature_algorithm: Signature algorithm used by CA to sign certificate
tld: Top-level domain for DNS names found in certificates SANs
validation_level: Validation level

Check out the new Certificate Transparency insights in the new Radar page.

Agents, Workers - Agents SDK adds MCP Elicitation support, http-streamable suppport, task queues, email integration and more

Tue, 05 Aug 2025 00:00:00 GMT

The latest releases of @cloudflare/agents brings major improvements to MCP transport protocols support and agents connectivity. Key updates include:

MCP elicitation support

MCP servers can now request user input during tool execution, enabling interactive workflows like confirmations, forms, and multi-step processes. This feature uses durable storage to preserve elicitation state even during agent hibernation, ensuring seamless user interactions across agent lifecycle events.

// Request user confirmation via elicitation
const confirmation = await this.elicitInput({
  message: `Are you sure you want to increment the counter by ${amount}?`,
  requestedSchema: {
    type: "object",
    properties: {
      confirmed: {
        type: "boolean",
        title: "Confirm increment",
        description: "Check to confirm the increment",
      },
    },
    required: ["confirmed"],
  },
});

Check out our demo to see elicitation in action.

HTTP streamable transport for MCP

MCP now supports HTTP streamable transport which is recommended over SSE. This transport type offers:

Better performance: More efficient data streaming and reduced overhead
Improved reliability: Enhanced connection stability and error recover- Automatic fallback: If streamable transport is not available, it gracefully falls back to SSE

export default MyMCP.serve("/mcp", {
  binding: "MyMCP",
});

The SDK automatically selects the best available transport method, gracefully falling back from streamable-http to SSE when needed.

Enhanced MCP connectivity

Significant improvements to MCP server connections and transport reliability:

Auto transport selection: Automatically determines the best transport method, falling back from streamable-http to SSE as needed
Improved error handling: Better connection state management and error reporting for MCP servers
Reliable prop updates: Centralized agent property updates ensure consistency across different contexts

Lightweight .queue for fast task deferral

You can use .queue() to enqueue background work — ideal for tasks like processing user messages, sending notifications etc.

class MyAgent extends Agent {
  doSomethingExpensive(payload) {
    // a long running process that you want to run in the background
  }

  queueSomething() {
    await this.queue("doSomethingExpensive", somePayload); // this will NOT block further execution, and runs in the background
    await this.queue("doSomethingExpensive", someOtherPayload); // the callback will NOT run until the previous callback is complete
    // ... call as many times as you want
  }
}

Want to try it yourself? Just define a method like processMessage in your agent, and you’re ready to scale.

New email adapter

Want to build an AI agent that can receive and respond to emails automatically? With the new email adapter and onEmail lifecycle method, now you can.

export class EmailAgent extends Agent {
  async onEmail(email: AgentEmail) {
    const raw = await email.getRaw();
    const parsed = await PostalMime.parse(raw);

    // create a response based on the email contents
    // and then send a reply

    await this.replyToEmail(email, {
      fromName: "Email Agent",
      body: `Thanks for your email! You've sent us "${parsed.subject}". We'll process it shortly.`,
    });
  }
}

You route incoming mail like this:

export default {
  async email(email, env) {
    await routeAgentEmail(email, env, {
      resolver: createAddressBasedEmailResolver("EmailAgent"),
    });
  },
};

You can find a full example here.

Automatic context wrapping for custom methods

Custom methods are now automatically wrapped with the agent's context, so calling getCurrentAgent() should work regardless of where in an agent's lifecycle it's called. Previously this would not work on RPC calls, but now just works out of the box.

export class MyAgent extends Agent {
  async suggestReply(message) {
    // getCurrentAgent() now correctly works, even when called inside an RPC method
    const { agent } = getCurrentAgent()!;
    return generateText({
      prompt: `Suggest a reply to: "${message}" from "${agent.name}"`,
      tools: [replyWithEmoji],
    });
  }
}

Try it out and tell us what you build!

Agents, Workers - Cloudflare Sandbox SDK adds streaming, code interpreter, Git support, process control and more

Tue, 05 Aug 2025 00:00:00 GMT

We’ve shipped a major release for the @cloudflare/sandbox SDK, turning it into a full-featured, container-based execution platform that runs securely on Cloudflare Workers.

This update adds live streaming of output, persistent Python and JavaScript code interpreters with rich output support (charts, tables, HTML, JSON), file system access, Git operations, full background process control, and the ability to expose running services via public URLs.

This makes it ideal for building AI agents, CI runners, cloud REPLs, data analysis pipelines, or full developer tools — all without managing infrastructure.

Code interpreter (Python, JS, TS)

Create persistent code contexts with support for rich visual + structured outputs.

createCodeContext(options)

Creates a new code execution context with persistent state.

// Create a Python context
const pythonCtx = await sandbox.createCodeContext({ language: "python" });

// Create a JavaScript context
const jsCtx = await sandbox.createCodeContext({ language: "javascript" });

Options:

language: Programming language ('python' | 'javascript' | 'typescript')
cwd: Working directory (default: /workspace)
envVars: Environment variables for the context

runCode(code, options)

Executes code with optional streaming callbacks.

// Simple execution
const execution = await sandbox.runCode('print("Hello World")', {
  context: pythonCtx,
});

// With streaming callbacks
await sandbox.runCode(
  `
for i in range(5):
    print(f"Step {i}")
    time.sleep(1)
`,
  {
    context: pythonCtx,
    onStdout: (output) => console.log("Real-time:", output.text),
    onResult: (result) => console.log("Result:", result),
  },
);

Options:

language: Programming language ('python' | 'javascript' | 'typescript')
cwd: Working directory (default: /workspace)
envVars: Environment variables for the context

Real-time streaming output

Returns a streaming response for real-time processing.

const stream = await sandbox.runCodeStream(
  "import time; [print(i) for i in range(10)]",
);
// Process the stream as needed

Rich output handling

Interpreter outputs are auto-formatted and returned in multiple formats:

text
html (e.g., Pandas tables)
png, svg (e.g., Matplotlib charts)
json (structured data)
chart (parsed visualizations)

const result = await sandbox.runCode(
  `
import seaborn as sns
import matplotlib.pyplot as plt

data = sns.load_dataset("flights")
pivot = data.pivot("month", "year", "passengers")
sns.heatmap(pivot, annot=True, fmt="d")
plt.title("Flight Passengers")
plt.show()

pivot.to_dict()
`,
  { context: pythonCtx },
);

if (result.png) {
  console.log("Chart output:", result.png);
}

Preview URLs from Exposed Ports

Start background processes and expose them with live URLs.

await sandbox.startProcess("python -m http.server 8000");
const preview = await sandbox.exposePort(8000);

console.log("Live preview at:", preview.url);

Full process lifecycle control

Start, inspect, and terminate long-running background processes.

const process = await sandbox.startProcess("node server.js");
console.log(`Started process ${process.id} with PID ${process.pid}`);

// Monitor the process
const logStream = await sandbox.streamProcessLogs(process.id);
for await (const log of parseSSEStream<LogEvent>(logStream)) {
  console.log(`Server: ${log.data}`);
}

listProcesses() - List all running processes
getProcess(id) - Get detailed process status
killProcess(id, signal) - Terminate specific processes
killAllProcesses() - Kill all processes
streamProcessLogs(id, options) - Stream logs from running processes
getProcessLogs(id) - Get accumulated process output

Git integration

Clone Git repositories directly into the sandbox.

await sandbox.gitCheckout("https://github.com/user/repo", {
  branch: "main",
  targetDir: "my-project",
});

Sandboxes are still experimental. We're using them to explore how isolated, container-like workloads might scale on Cloudflare — and to help define the developer experience around them.

Agents, Workers AI - OpenAI open models now available on Workers AI

Tue, 05 Aug 2025 00:00:00 GMT

We're thrilled to be a Day 0 partner with OpenAI to bring their latest open models to Workers AI, including support for Responses API, Code Interpreter, and Web Search (coming soon).

Get started with the new models at @cf/openai/gpt-oss-120b and @cf/openai/gpt-oss-20b. Check out the blog for more details about the new models, and the gpt-oss-120b and gpt-oss-20b model pages for more information about pricing and context windows.

Responses API

If you call the model through:

Workers Binding, it will accept/return Responses API – env.AI.run(“@cf/openai/gpt-oss-120b”)
REST API on /run endpoint, it will accept/return Responses API – https://api.cloudflare.com/client/v4/accounts/<account_id>/ai/run/@cf/openai/gpt-oss-120b
REST API on new /responses endpoint, it will accept/return Responses API – https://api.cloudflare.com/client/v4/accounts/<account_id>/ai/v1/responses
REST API for OpenAI Compatible endpoint, it will return Chat Completions (coming soon) – https://api.cloudflare.com/client/v4/accounts/<account_id>/ai/v1/chat/completions

curl https://api.cloudflare.com/client/v4/accounts/<account_id>/ai/v1/responses \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $CLOUDFLARE_API_KEY" \
  -d '{
    "model": "@cf/openai/gpt-oss-120b",
    "reasoning": {"effort": "medium"},
    "input": [
      {
        "role": "user",
        "content": "What are the benefits of open-source models?"
      }
    ]
  }'

Code Interpreter

The model is natively trained to support stateful code execution, and we've implemented support for this feature using our Sandbox SDK and Containers. Cloudflare's Developer Platform is uniquely positioned to support this feature, so we're very excited to bring our products together to support this new use case.

Web Search (coming soon)

We are working to implement Web Search for the model, where users can bring their own Exa API Key so the model can browse the Internet.

Workers - Increased disk space for Workers Builds

Mon, 04 Aug 2025 01:00:00 GMT

As part of the ongoing open beta for Workers Builds, we’ve increased the available disk space for builds from 8 GB to 20 GB for both Free and Paid plans.

This provides more space for larger projects, dependencies, and build artifacts while improving overall build reliability.

Metric	Free Plan	Paid Plans
Disk Space	20 GB	20 GB

All other build limits — including CPU, memory, build minutes, and timeout remain unchanged.

WAF - WAF Release - 2025-08-04

Mon, 04 Aug 2025 00:00:00 GMT

This week's highlight focuses on a series of significant vulnerabilities identified across widely adopted web platforms, from enterprise-grade CMS to essential backend administration tools. The findings reveal multiple vectors for attack, including critical flaws that allow for full server compromise and others that enable targeted attacks against users.

Key Findings

Sitecore (CVE-2025-34509, CVE-2025-34510, CVE-2025-34511): A hardcoded credential allows remote attackers to access administrative APIs. Once authenticated, they can exploit an additional vulnerability to upload arbitrary files, leading to remote code execution.
Grafana (CVE-2025-4123): A cross-site scripting (XSS) vulnerability allows an attacker to redirect users to a malicious website, which can then execute arbitrary JavaScript in the victim's browser.
LaRecipe (CVE-2025-53833): Through Server-Side Template Injection, attackers can execute arbitrary commands on the server, potentially access sensitive environment variables, and escalate access depending on server configuration.
CentOS WebPanel (CVE-2025-48703): A command injection vulnerability could allow a remote attacker to execute arbitrary commands on the server.
WordPress (CVE-2023-5561): This vulnerability allows unauthenticated attackers to determine the email addresses of users who have published public posts on an affected website.
WordPress Plugin - WPBookit (CVE-2025-6058): A missing file type validation allows unauthenticated attackers to upload arbitrary files to the server, creating the potential for remote code execution.
WordPress Theme - Motors (CVE-2025-4322): Due to improper identity validation, an unauthenticated attacker can change the passwords of arbitrary users, including administrators, to gain access to their accounts.

Impact

These vulnerabilities pose a multi-layered threat to widely adopted web technologies, ranging from enterprise-grade platforms like Sitecore to everyday solutions such as WordPress, and backend tools like CentOS WebPanel. The most severe risks originate in remote code execution (RCE) flaws found in Sitecore, CentOS WebPanel, LaRecipe, and the WPBookit plugin. These allow attackers to bypass security controls and gain deep access to the server, enabling them to steal sensitive data, deface websites, install persistent malware, or use the compromised server as a launchpad for further attacks.

The privilege escalation vulnerability is the Motors theme, which allows for a complete administrative account takeover on WordPress sites. This effectively hands control of the application to an attacker, who can then manipulate content, exfiltrate user data, and alter site functionality without needing to breach the server itself.

The Grafana cross-site scripting (XSS) flaw can be used to hijack authenticated user sessions or steal credentials, turning a trusted user's browser into an attack vector.

Meanwhile, the information disclosure flaw in WordPress core provides attackers with valid user emails, fueling targeted phishing campaigns that aim to secure the same account access achievable through the other exploits.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	b8ab4644f8044f3485441ee052f30a13	100535A	Sitecore - Dangerous File Upload - CVE:CVE-2025-34510, CVE:CVE-2025-34511	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	06d1fe0bd6e44d868e6b910b5045a97f	100535	Sitecore - Information Disclosure - CVE:CVE-2025-34509	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	f71ce87ea6e54eab999223df579cd3e0	100543	Grafana - Directory Traversal - CVE:CVE-2025-4123	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	bba3d37891a440fb8bc95b970cbd9abc	100545	WordPress - Information Disclosure - CVE:CVE-2023-5561	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	28108d25f1cf470c8e7648938f634977	100820	CentOS WebPanel - Remote Code Execution - CVE:CVE-2025-48703	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	9d69c796a61444a3aca33dc282ae64c1	100821	LaRecipe - SSTI - CVE:CVE-2025-53833	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	9b5c5e13d2ca4253a89769f2194f7b2d	100822	WordPress:Plugin:WPBookit - Remote Code Execution - CVE:CVE-2025-6058	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	69d43d704b0641898141a4300bf1b661	100823	WordPress:Theme:Motors - Privilege Escalation - CVE:CVE-2025-4322	Log	Block	This is a New Detection

Cloudflare Fundamentals, Terraform - Terraform v5.8.2 now available

Fri, 01 Aug 2025 00:00:00 GMT

Earlier this year, we announced the launch of the new Terraform v5 Provider. We are aware of the high mumber of issues reported by the Cloudflare community related to the v5 release. We have committed to releasing improvements on a 2 week cadeance to ensure it's stability and reliability. We have also pivoted from an issue-to-issue approach to a resource-per-resource approach - we will be focusing on specific resources for every release, stablizing the release and closing all associated bugs with that resource before moving onto resolving migration issues.

Thank you for continuing to raise issues. We triage them weekly and they help make our products stronger.

Changes

Resources stablized:
- cloudflare_custom_pages
- cloudflare_page_rule
- cloudflare_dns_record
- cloudflare_argo_tiered_caching
Addressed chronic drift issues in cloudflare_logpush_job, cloudflare_zero_trust_dns_location, cloudflare_ruleset & cloudflare_api_token
cloudflare_zone_subscripton returns expected values rate_plan.id from former versions
cloudflare_workers_script can now successfully be destroyed with bindings & migration for Durable Objects now recorded in tfstate
Ability to configure add_headers under cloudflare_zero_trust_gateway_policy
Other bug fixes

For a more detailed look at all of the changes, see the changelog in GitHub.

Issues Closed

If you have an unaddressed issue with the provider, we encourage you to check the open issues and open a new one if one does not already exist for what you are experiencing.

Upgrading

We suggest holding off on migration to v5 while we work on stablization. This help will you avoid any blocking issues while the Terraform resources are actively being stablized.

If you'd like more information on migrating from v4 to v5, please make use of the migration guide. We have provided automated migration scripts using Grit which simplify the transition, although these do not support implementations which use Terraform modules, so customers making use of modules need to migrate manually. Please make use of terraform plan to test your changes before applying, and let us know if you encounter any additional issues by reporting to our GitHub repository.

For more info

Workers - Develop locally with Containers and the Cloudflare Vite plugin

Fri, 01 Aug 2025 00:00:00 GMT

You can now configure and run Containers alongside your Worker during local development when using the Cloudflare Vite plugin. Previously, you could only develop locally when using Wrangler as your local development server.

Configuration

You can simply configure your Worker and your Container(s) in your Wrangler configuration file:

wrangler.jsonc

{
  "name": "container-starter",
  "main": "src/index.js",
  "containers": [
    {
      "class_name": "MyContainer",
      "image": "./Dockerfile",
      "instances": 5
    }
  ],
  "durable_objects": {
    "bindings": [
      {
        "class_name": "MyContainer",
        "name": "MY_CONTAINER"
      }
    ]
  },
  "migrations": [
    {
      "new_sqlite_classes": [
        "MyContainer"
      ],
      "tag": "v1"
    }
  ],
}

wrangler.toml

name = "container-starter"
main = "src/index.js"

[[containers]]
class_name = "MyContainer"
image = "./Dockerfile"
instances = 5

[[durable_objects.bindings]]
class_name = "MyContainer"
name = "MY_CONTAINER"

[[migrations]]
new_sqlite_classes = [ "MyContainer" ]
tag = "v1"

Worker Code

Once your Worker and Containers are configured, you can access the Container instances from your Worker code:

import { Container, getContainer } from "@cloudflare/containers";

export class MyContainer extends Container {
  defaultPort = 4000; // Port the container is listening on
  sleepAfter = "10m"; // Stop the instance if requests not sent for 10 minutes
}

async fetch(request, env) {
  const { "session-id": sessionId } = await request.json();
  // Get the container instance for the given session ID
  const containerInstance = getContainer(env.MY_CONTAINER, sessionId)
  // Pass the request to the container instance on its default port
  return containerInstance.fetch(request);
}

Local development

To develop your Worker locally, start a local dev server by running

vite dev

in your terminal.

Resources

Learn more about Cloudflare Containers or the Cloudflare Vite plugin in our developer docs.

Cloudflare WAN - Terraform V5 support for tunnels and routes

Thu, 31 Jul 2025 00:00:00 GMT

The Cloudflare Terraform provider resources for Cloudflare WAN tunnels and routes now support Terraform provider version 5. Customers using infrastructure-as-code workflows can manage their tunnel and route configuration with the latest provider version.

For more information, refer to the Cloudflare Terraform provider documentation.

Magic Transit, Cloudflare WAN - Magic Transit and Magic WAN health check data is fully compatible with the CMB EU setting.

Wed, 30 Jul 2025 00:00:00 GMT

Today, we are excited to announce that all Magic Transit and Magic WAN customers with CMB EU (Customer Metadata Boundary - Europe) enabled in their account will be able to access GRE, IPsec, and CNI health check and traffic volume data in the Cloudflare dashboard and via API.

This ensures that all Magic Transit and Magic WAN customers with CMB EU enabled will be able to access all Magic Transit and Magic WAN features.

Specifically, these two GraphQL endpoints are now compatible with CMB EU:

magicTransitTunnelHealthChecksAdaptiveGroups
magicTransitTunnelTrafficAdaptiveGroups

Workers, Secrets Store - Deploy to Cloudflare buttons now support Worker environment variables, secrets, and Secrets Store secrets

Tue, 29 Jul 2025 01:00:00 GMT

Any template which uses Worker environment variables, secrets, or Secrets Store secrets can now be deployed using a Deploy to Cloudflare button.

Define environment variables and secrets store bindings in your Wrangler configuration file as normal:

wrangler.jsonc

{
  "name": "my-worker",
  "main": "./src/index.ts",
  // Set this to today's date
  "compatibility_date": "2026-04-03",
  "vars": {
    "API_HOST": "https://example.com",
  },
  "secrets_store_secrets": [
    {
      "binding": "API_KEY",
      "store_id": "demo",
      "secret_name": "api-key"
    }
  ]
}

wrangler.toml

name = "my-worker"
main = "./src/index.ts"
# Set this to today's date
compatibility_date = "2026-04-03"

[vars]
API_HOST = "https://example.com"

[[secrets_store_secrets]]
binding = "API_KEY"
store_id = "demo"
secret_name = "api-key"

Add secrets to a .dev.vars.example or .env.example file:

COOKIE_SIGNING_KEY=my-secret # comment

And optionally, you can add a description for these bindings in your template's package.json to help users understand how to configure each value:

{
  "name": "my-worker",
  "private": true,
  "cloudflare": {
    "bindings": {
      "API_KEY": {
        "description": "Select your company's API key for connecting to the example service."
      },
      "COOKIE_SIGNING_KEY": {
        "description": "Generate a random string using `openssl rand -hex 32`."
      }
    }
  }
}

These secrets and environment variables will be presented to users in the dashboard as they deploy this template, allowing them to configure each value. Additional information about creating templates and Deploy to Cloudflare buttons can be found in our documentation.

Audit Logs - Audit logs (version 2) - UI Beta Release

Tue, 29 Jul 2025 00:00:00 GMT

The Audit Logs v2 UI is now available to all Cloudflare customers in Beta. This release builds on the public Beta of the Audit Logs v2 API and introduces a redesigned user interface with powerful new capabilities to make it easier to investigate account activity.

Enabling the new UI

To try the new user interface, go to Manage Account > Audit Logs. The previous version of Audit Logs remains available and can be re-enabled at any time using the Switch back to old Audit Logs link in the banner at the top of the page.

New Features:

Advanced Filtering: Filter logs by actor, resource, method, and more for faster insights.
On-hover filter controls: Easily include or exclude values in queries by hovering over fields within a log entry.
Detailed Log Sidebar: View rich context for each log entry without leaving the main view.
JSON Log View: Inspect the raw log data in a structured JSON format.
Custom Time Ranges: Define your own time windows to view historical activity.
Infinite Scroll: Seamlessly browse logs without clicking through pages.

For more details on Audit Logs v2, see the Audit Logs documentation.

Known issues

A small number of audit logs may currently be unavailable in Audit Logs v2. In some cases, certain fields such as actor information may be missing in certain audit logs. We are actively working to improve coverage and completeness for General Availability.
Export to CSV is not supported in the new UI.

We are actively refining the Audit Logs v2 experience and welcome your feedback. You can share overall feedback by clicking the thumbs up or thumbs down icons at the top of the page, or provide feedback on specific audit log entries using the thumbs icons next to each audit log line or by filling out our feedback form.

Browser Rendering - Introducing pricing for the Browser Rendering API — $0.09 per browser hour

Mon, 28 Jul 2025 12:00:00 GMT

We’ve launched pricing for Browser Rendering, including a free tier and a pay-as-you-go model that scales with your needs. Starting August 20, 2025, Cloudflare will begin billing for Browser Rendering.

There are two ways to use Browser Rendering. Depending on the method you use, here’s how billing will work:

REST API: Charged for Duration only ($/browser hour)
Workers Bindings: Charged for both Duration and Concurrency ($/browser hour and # of concurrent browsers)

Included usage and pricing by plan

Plan	Included duration	Included concurrency	Price (beyond included)
Workers Free	10 minutes per day	3 concurrent browsers	N/A
Workers Paid	10 hours per month	10 concurrent browsers (averaged monthly)	1. REST API: $0.09 per additional browser hour 2. Workers Bindings: $0.09 per additional browser hour $2.00 per additional concurrent browser

What you need to know:

Workers Free Plan: 10 minutes of browser usage per day with 3 concurrent browsers at no charge.
Workers Paid Plan: 10 hours of browser usage per month with 10 concurrent browsers (averaged monthly) at no charge. Additional usage is charged as shown above.

You can monitor usage via the Cloudflare dashboard. Go to Compute (Workers) > Browser Rendering.

If you've been using Browser Rendering and do not wish to incur charges, ensure your usage stays within your plan's included usage. To estimate costs, take a look at these example pricing scenarios.

Gateway - Scam domain category introduced under Security Threats

Mon, 28 Jul 2025 00:00:00 GMT

We have introduced a new Security Threat category called Scam. Relevant domains are marked with the Scam category. Scam typically refers to fraudulent websites and schemes designed to trick victims into giving away money or personal information.

New category added

Parent ID	Parent Name	Category ID	Category Name
21	Security Threats	191	Scam

Refer to Gateway domain categories to learn more.

WAF - WAF Release - 2025-07-28

Mon, 28 Jul 2025 00:00:00 GMT

This week’s update spotlights several vulnerabilities across Apache Tomcat, MongoDB, and Fortinet FortiWeb. Several flaws related with a memory leak in Apache Tomcat can lead to a denial-of-service attack. Additionally, a code injection flaw in MongoDB's Mongoose library allows attackers to bypass security controls to access restricted data.

Key Findings

Fortinet FortiWeb (CVE-2025-25257): An improper neutralization of special elements used in a SQL command vulnerability in Fortinet FortiWeb versions allows an unauthenticated attacker to execute unauthorized SQL code or commands.
Apache Tomcat (CVE-2025-31650): A improper Input Validation vulnerability in Apache Tomcat that could create memory leak when incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request.
MongoDB (CVE-2024-53900, CVE:CVE-2025-23061): Improper use of $where in match and a nested $where filter with a populate() match in Mongoose can lead to search injection.

Impact

These vulnerabilities target user-facing components, web application servers, and back-end databases. A SQL injection flaw in Fortinet FortiWeb can lead to data theft or system compromise. A separate issue in Apache Tomcat involves a memory leak from improper input validation, which could be exploited for a denial-of-service (DoS) attack. Finally, a vulnerability in MongoDB's Mongoose library allows attackers to bypass security filters and access unauthorized data through malicious search queries.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	6ab3bd3b58fb4325ac2d3cc73461ec9e	100804	BerriAI - SSRF - CVE:CVE-2024-6587	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	2e6c4d02f42a4c3ca90649d50cb13e1d	100812	Fortinet FortiWeb - Remote Code Execution - CVE:CVE-2025-25257	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	fd360d8fd9994e6bab6fb06067fae7f7	100813	Apache Tomcat - DoS - CVE:CVE-2025-31650	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	f9e01e28c5d6499cac66364b4b6a5bb1	100815	MongoDB - Remote Code Execution - CVE:CVE-2024-53900, CVE:CVE-2025-23061	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	700d4fcc7b1f481a80cbeee5688f8e79	100816	MongoDB - Remote Code Execution - CVE:CVE-2024-53900, CVE:CVE-2025-23061	Log	Block	This is a New Detection

Cloudflare One Client - WARP client for Windows (version 2025.6.824.1)

Thu, 24 Jul 2025 12:28:40 GMT

A new Beta release for the Windows WARP client is now available on the beta releases downloads page.

This release contains minor fixes and improvements.

Changes and improvements

Improvements to better manage multi-user pre-login registrations.
Fixed an issue preventing devices from reaching split-tunneled traffic even when WARP was disconnected.
Fix to prevent WARP from re-enabling its firewall rules after a user-initiated disconnect.
Improvement to managed network detection checks for faster switching between managed networks.

Known issues

For Windows 11 24H2 users, Microsoft has confirmed a regression that may lead to performance issues like mouse lag, audio cracking, or other slowdowns. Cloudflare recommends users experiencing these issues upgrade to a minimum Windows 11 24H2 version KB5062553 or higher for resolution.
Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.
Devices with KB5055523 installed may receive a warning about Win32/ClickFix.ABA being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to version 1.429.19.0 or later.
DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected.
To work around this issue, reconnect the WARP client by toggling off and back on.

Cloudflare One Client - WARP client for macOS (version 2025.6.824.1)

Thu, 24 Jul 2025 12:28:40 GMT

A new Beta release for the macOS WARP client is now available on the beta releases downloads page.

This release contains minor fixes and improvements.

Changes and improvements

Fixed an issue preventing devices from reaching split-tunneled traffic even when WARP was disconnected.
Fix to prevent WARP from re-enabling its firewall rules after a user-initiated disconnect.
Improvement to managed network detection checks for faster switching between managed networks.

Known issues

macOS Sequoia: Due to changes Apple introduced in macOS 15.0.x, the WARP client may not behave as expected. Cloudflare recommends the use of macOS 15.4 or later.
Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.

Gateway - Gateway HTTP Filtering on all ports available in open BETA

Thu, 24 Jul 2025 00:00:00 GMT

Gateway can now apply HTTP filtering to all proxied HTTP requests, not just traffic on standard HTTP (80) and HTTPS (443) ports. This means all requests can now be filtered by A/V scanning, file sandboxing, Data Loss Prevention (DLP), and more.

You can turn this setting on by going to Settings > Network > Firewall and choosing Inspect on all ports.

To learn more, refer to Inspect on all ports (Beta).

Cloudflare One Client - WARP client for Windows (version 2025.5.943.0)

Wed, 23 Jul 2025 20:41:54 GMT

A new GA release for the Windows WARP client is now available on the stable releases downloads page.

This release contains minor fixes and improvements.

Changes and improvements

WARP proxy mode now uses the operating system's DNS settings. Changes made to system DNS settings while in proxy mode require the client to be turned off then back on to take effect.
Changes to the SCCM VPN boundary support feature to no longer restart the SMS Agent Host (ccmexec.exe) service.
Fixed an issue affecting clients in Split Tunnel Include mode, where access to split-tunneled traffic was blocked after reconnecting the client.

Known issues

For Windows 11 24H2 users, Microsoft has confirmed a regression that may lead to performance issues like mouse lag, audio cracking, or other slowdowns. Cloudflare recommends users experiencing these issues upgrade to a minimum Windows 11 24H2 version KB5062553 or higher for resolution.
Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.
Devices with KB5055523 installed may receive a warning about Win32/ClickFix.ABA being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to version 1.429.19.0 or later.
DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected.
To work around this issue, reconnect the WARP client by toggling off and back on.

Cloudflare One Client - WARP client for macOS (version 2025.5.943.0)

Wed, 23 Jul 2025 20:41:33 GMT

A new GA release for the macOS WARP client is now available on the stable releases downloads page.

This release contains minor fixes and improvements.

Changes and improvements

WARP proxy mode now uses the operating system's DNS settings. Changes made to system DNS settings while in proxy mode require the client to be turned off then back on to take effect.
Fixed an issue affecting clients in Split Tunnel Include mode, where access to split-tunneled traffic was blocked after reconnecting the client.
For macOS deployments, the WARP client can now be managed using an mdm.xml file placed in /Library/Application Support/Cloudflare/mdm.xml. This new configuration option offers an alternative to the still supported method of deploying a managed plist through an MDM solution.

Known issues

macOS Sequoia: Due to changes Apple introduced in macOS 15.0.x, the WARP client may not behave as expected. Cloudflare recommends the use of macOS 15.4 or later.
Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.

Cloudflare One Client - WARP client for Linux (version 2025.5.943.0)

Wed, 23 Jul 2025 19:17:49 GMT

A new GA release for the Linux WARP client is now available on the stable releases downloads page.

This release contains minor fixes and improvements.

Changes and improvements

WARP proxy mode now uses the operating system's DNS settings. Changes made to system DNS settings while in proxy mode require the client to be turned off then back on to take effect.
Fixed an issue affecting clients in Split Tunnel Include mode, where access to split-tunneled traffic was blocked after reconnecting the client.

Known issues

Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.

Browser Rendering - Browser Rendering now supports local development

Tue, 22 Jul 2025 11:00:00 GMT

You can now run your Browser Rendering locally using npx wrangler dev, which spins up a browser directly on your machine before deploying to Cloudflare's global network. By running tests locally, you can quickly develop, debug, and test changes without needing to deploy or worry about usage costs.

Get started with this example guide that shows how to use Cloudflare's fork of Puppeteer (you can also use Playwright) to take screenshots of webpages and store the results in Workers KV.

Workers - Test out code changes before shipping with per-branch preview deployments for Cloudflare Workers

Tue, 22 Jul 2025 01:00:00 GMT

Now, when you connect your Cloudflare Worker to a git repository on GitHub or GitLab, each branch of your repository has its own stable preview URL, that you can use to preview code changes before merging the pull request and deploying to production.

This works the same way that Cloudflare Pages does — every time you create a pull request, you'll automatically get a shareable preview link where you can see your changes running, without affecting production. The link stays the same, even as you add commits to the same branch. These preview URLs are named after your branch and are posted as a comment to each pull request. The URL stays the same with every commit and always points to the latest version of that branch.

Preview URL types

Each comment includes two preview URLs as shown above:

Commit Preview URL: Unique to the specific version/commit (e.g., <version-prefix>-<worker-name>.<subdomain>.workers.dev)
Branch Preview URL: A stable alias based on the branch name (e.g., <branch-name>-<worker-name>.<subdomain>.workers.dev)

How it works

When you create a pull request:

A preview alias is automatically created based on the Git branch name (e.g., <branch-name> becomes <branch-name>-<worker-name>.<subdomain>.workers.dev)
No configuration is needed, the alias is generated for you
The link stays the same even as you add commits to the same branch
Preview URLs are posted directly to your pull request as comments (just like they are in Cloudflare Pages)

Custom alias name

You can also assign a custom preview alias using the Wrangler CLI, by passing the --preview-alias flag when uploading a version of your Worker:

wrangler versions upload --preview-alias staging

Limitations while in beta

Only available on the workers.dev subdomain (custom domains not yet supported)
Requires Wrangler v4.21.0+
Preview URLs are not generated for Workers that use Durable Objects
Not yet supported for Workers for Platforms

Gateway - Google Bard Application replaced by Gemini

Tue, 22 Jul 2025 00:00:00 GMT

The Google Bard application (ID: 1198) has been deprecated and fully removed from the system. It has been replaced by the Gemini application (ID: 1340). Any existing Gateway policies that reference the old Google Bard application will no longer function. To ensure your policies continue to work as intended, you should update them to use the new Gemini application. We recommend replacing all instances of the deprecated Bard application with the new Gemini application in your Gateway policies. For more information about application policies, please see the Cloudflare Gateway documentation.

Stream - Audio mode for Media Transformations

Tue, 22 Jul 2025 00:00:00 GMT

We now support audio mode! Use this feature to extract audio from a source video, outputting an M4A file to use in downstream workflows like AI inference, content moderation, or transcription.

For example,

https://example.com/cdn-cgi/media/<OPTIONS>/<SOURCE-VIDEO>
https://example.com/cdn-cgi/media/mode=audio,time=3s,duration=60s/<input video with diction>

For more information, learn about Transforming Videos.

Cloudflare One, Cloudflare WAN - Virtual Cloudflare One Appliance with KVM support (open beta)

Mon, 21 Jul 2025 00:00:00 GMT

The KVM-based virtual Cloudflare One Appliance is now in open beta with official support for Proxmox VE.

Customers can deploy the virtual appliance on KVM hypervisors to connect branch or data center networks to Cloudflare WAN without dedicated hardware.

For setup instructions, refer to Configure a virtual Cloudflare One Appliance.

Email Routing - Subaddressing support in Email Routing

Mon, 21 Jul 2025 00:00:00 GMT

Subaddressing, as defined in RFC 5233, also known as plus addressing, is now supported in Email Routing. This enables using the "+" separator to augment your custom addresses with arbitrary detail information.

Now you can send an email to user+detail@example.com and it will be captured by the user@example.com custom address. The +detail part is ignored by Email Routing, but it can be captured next in the processing chain in the logs, an Email Worker or an Agent application.

Customers can use this feature to dynamically add context to their emails, such as tracking the source of an email or categorizing emails without needing to create multiple custom addresses.

Check our Developer Docs to learn on to enable subaddressing in Email Routing.

WAF - WAF Release - 2025-07-21 - Emergency

Mon, 21 Jul 2025 00:00:00 GMT

This week's update highlights several high-impact vulnerabilities affecting Microsoft SharePoint Server. These flaws, involving unsafe deserialization, allow unauthenticated remote code execution over the network, posing a critical threat to enterprise environments relying on SharePoint for collaboration and document management.

Key Findings

Microsoft SharePoint Server (CVE-2025-53770): A critical vulnerability involving unsafe deserialization of untrusted data, enabling unauthenticated remote code execution over the network. This flaw allows attackers to execute arbitrary code on vulnerable SharePoint servers without user interaction.
Microsoft SharePoint Server (CVE-2025-53771): A closely related deserialization issue that can be exploited by unauthenticated attackers, potentially leading to full system compromise. The vulnerability highlights continued risks around insecure serialization logic in enterprise collaboration platforms.

Impact

Together, these vulnerabilities significantly weaken the security posture of on-premise Microsoft SharePoint Server deployments. By enabling remote code execution without authentication, they open the door for attackers to gain persistent access, deploy malware, and move laterally across enterprise environments.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	34dac2b38b904163bc587cc32168f6f0	100817	Microsoft SharePoint - Deserialization - CVE:CVE-2025-53770	N/A	Block	This is a New Detection
Cloudflare Managed Ruleset	d21f327516a145bc9d1b05678de656c4	100818	Microsoft SharePoint - Deserialization - CVE:CVE-2025-53771	N/A	Block	This is a New Detection

For more details, also refer to our blog.

WAF - WAF Release - 2025-07-21

Mon, 21 Jul 2025 00:00:00 GMT

This week's update spotlights several critical vulnerabilities across Citrix NetScaler Memory Disclosure, FTP servers and network application. Several flaws enable unauthenticated remote code execution or sensitive data exposure, posing a significant risk to enterprise security.

Key Findings

Wing FTP Server (CVE-2025-47812): A critical Remote Code Execution (RCE) vulnerability that enables unauthenticated attackers to execute arbitrary code with root/SYSTEM-level privileges by exploiting a Lua injection flaw.
Infoblox NetMRI (CVE-2025-32813): A remote unauthenticated command injection flaw that allows an attacker to execute arbitrary commands, potentially leading to unauthorized access.
Citrix Netscaler ADC (CVE-2025-5777, CVE-2023-4966): A sensitive information disclosure vulnerability, also known as "Citrix Bleed2", that allows the disclosure of memory and subsequent remote access session hijacking.
Akamai CloudTest (CVE-2025-49493): An XML External Entity (XXE) injection that could lead to read local files on the system by manipulating XML input.

Impact

These vulnerabilities affect critical enterprise infrastructure, from file transfer services and network management appliances to application delivery controllers. The Wing FTP RCE and Infoblox command injection flaws offer direct paths to deep system compromise, while the Citrix "Bleed2" and Akamai XXE vulnerabilities undermine system integrity by enabling session hijacking and sensitive data theft.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	6ab3bd3b58fb4325ac2d3cc73461ec9e	100804	BerriAI - SSRF - CVE:CVE-2024-6587	Log	Log	This is a New Detection
Cloudflare Managed Ruleset	0e17d8761f1a47d5a744a75b5199b58a	100805	Wing FTP Server - Remote Code Execution - CVE:CVE-2025-47812	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	81ace5a851214a2f9c58a1e7919a91a4	100807	Infoblox NetMRI - Command Injection - CVE:CVE-2025-32813	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	cd8fa74e8f6f476c9380ae217899130f	100808	Citrix Netscaler ADC - Buffer Error - CVE:CVE-2025-5777	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	e012c7bece304a1daf80935ed1cf8e08	100809	Citrix Netscaler ADC - Information Disclosure - CVE:CVE-2023-4966	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	5d348a573a834ffd968faffc6e70469f	100810	Akamai CloudTest - XXE - CVE:CVE-2025-49493	Log	Block	This is a New Detection

Security Center - New APIs for Brand Protection setup

Fri, 18 Jul 2025 00:00:00 GMT

The Brand Protection API is now available, allowing users to create new queries and delete existing ones, fetch matches and more!

What you can do:

create new string or logo query
delete string or logo queries
download matches for both logo and string queries
read matches for both logo and string queries

Ready to start? Check out the Brand Protection API in our documentation.

Workers - The Cloudflare Vite plugin now supports Vite 7

Thu, 17 Jul 2025 01:00:00 GMT

Vite 7 is now supported in the Cloudflare Vite plugin. See the Vite changelog for a list of changes.

Note that the minimum Node.js versions supported by Vite 7 are 20.19 and 22.12. We continue to support Vite 6 so you do not need to immediately upgrade.

Data Loss Prevention - New detection entry type: Document Matching for DLP

Thu, 17 Jul 2025 00:00:00 GMT

You can now create document-based detection entries in DLP by uploading example documents. Cloudflare will encrypt your documents and create a unique fingerprint of the file. This fingerprint is then used to identify similar documents or snippets within your organization's traffic and stored files.

Key features and benefits:

Upload documents, forms, or templates: Easily upload .docx and .txt files (up to 10 MB) that contain sensitive information you want to protect.
Granular control with similarity percentage: Define a minimum similarity percentage (0-100%) that a document must meet to trigger a detection, reducing false positives.
Comprehensive coverage: Apply these document-based detection entries in:
- Gateway policies: To inspect network traffic for sensitive documents as they are uploaded or shared.
- CASB (Cloud Access Security Broker): To scan files stored in cloud applications for sensitive documents at rest.
Identify sensitive data: This new detection entry type is ideal for identifying sensitive data within completed forms, templates, or even small snippets of a larger document, helping you prevent data exfiltration and ensure compliance.

Once uploaded and processed, you can add this new document entry into a DLP profile and policies to enhance your data protection strategy.

Cloudflare Tunnel, Cloudflare Tunnel for SASE - Faster, more reliable UDP traffic for Cloudflare Tunnel

Tue, 15 Jul 2025 00:00:00 GMT

Your real-time applications running over Cloudflare Tunnel are now faster and more reliable. We've completely re-architected the way cloudflared proxies UDP traffic in order to isolate it from other traffic, ensuring latency-sensitive applications like private DNS are no longer slowed down by heavy TCP traffic (like file transfers) on the same Tunnel.

This is a foundational improvement to Cloudflare Tunnel, delivered automatically to all customers. There are no settings to configure — your UDP traffic is already flowing faster and more reliably.

What’s new:

Faster UDP performance: We've significantly reduced the latency for establishing new UDP sessions, making applications like private DNS much more responsive.
Greater reliability for mixed traffic: UDP packets are no longer affected by heavy TCP traffic, preventing timeouts and connection drops for your real-time services.

Learn more about running TCP or UDP applications and private networks through Cloudflare Tunnel.

Cloudflare Fundamentals, Terraform - Terraform v5.7.0 now available

Mon, 14 Jul 2025 00:00:00 GMT

Earlier this year, we announced the launch of the new Terraform v5 Provider. We are aware of the high mumber of issues reported by the Cloudflare community related to the v5 release, with 13.5% of resources impacted. We have committed to releasing improvements on a 2 week cadeance to ensure it's stability and relability, including the v5.7 release.

Thank you for continuing to raise issues and please keep an eye on this changelog for more information about upcoming releases.

Changes

Addressed permanent diff bug on Cloudflare Tunnel config
State is now saved correctly for Zero Trust Access applications
Exact match is now working as expected within data.cloudflare_zero_trust_access_applications
cloudflare_zero_trust_access_policy now supports OIDC claims & diff issues resolved
Self hosted applications with private IPs no longer require a public domain for cloudflare_zero_trust_access_application.
New resource:
- cloudflare_zero_trust_tunnel_warp_connector
Other bug fixes

For a more detailed look at all of the changes, see the changelog in GitHub.

Issues Closed

If you have an unaddressed issue with the provider, we encourage you to check the open issues and open a new one if one does not already exist for what you are experiencing.

Upgrading

We suggest holding on migration to v5 while we work on stablization of the v5 provider. This will ensure Cloudflare can work ahead and avoid any blocking issues.

If you'd like more information on migrating from v4 to v5, please make use of the migration guide. We have provided automated migration scripts using Grit which simplify the transition, although these do not support implementations which use Terraform modules, so customers making use of modules need to migrate manually. Please make use of terraform plan to test your changes before applying, and let us know if you encounter any additional issues by reporting to our GitHub repository.

For more info

WAF - WAF Release - 2025-07-14

Mon, 14 Jul 2025 00:00:00 GMT

This week’s vulnerability analysis highlights emerging web application threats that exploit modern JavaScript behavior and SQL parsing ambiguities. Attackers continue to refine techniques such as attribute overloading and obfuscated logic manipulation to evade detection and compromise front-end and back-end systems.

Key Findings

XSS – Attribute Overloading: A novel cross-site scripting technique where attackers abuse custom or non-standard HTML attributes to smuggle payloads into the DOM. These payloads evade traditional sanitization logic, especially in frameworks that loosely validate attributes or trust unknown tokens.
XSS – onToggle Event Abuse: Exploits the lesser-used onToggle event (triggered by elements like <details>) to execute arbitrary JavaScript when users interact with UI elements. This vector is often overlooked by static analyzers and can be embedded in seemingly benign components.

Impact

These vulnerabilities target both user-facing components and back-end databases, introducing potential vectors for credential theft, session hijacking, or full data exfiltration. The XSS variants bypass conventional filters through overlooked HTML behaviors, while the obfuscated SQLi enables attackers to stealthily probe back-end logic, making them especially difficult to detect and block.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	a8918353372b4191b10684eb2aa3d845	100798	XSS - Attribute Overloading	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	31dd299ba375414dac9260c037548d06	100799	XSS - OnToggle	Log	Block	This is a New Detection

Cloudflare One - New onboarding guides for Zero Trust

Thu, 10 Jul 2025 00:00:00 GMT

Use our brand new onboarding experience for Cloudflare Zero Trust. New and returning users can now engage with a Get Started tab with walkthroughs for setting up common use cases end-to-end.

There are eight brand new onboarding guides in total:

Securely access a private network (sets up device client and Tunnel)
Device-to-device / mesh networking (sets up and connects multiple device clients)
Network to network connectivity (sets up and connects multiple WARP Connectors, makes reference to Magic WAN availability for Enterprise)
Secure web traffic (sets up device client, Gateway, pre-reqs, and initial policies)
Secure DNS for networks (sets up a new DNS location and Gateway policies)
Clientless web access (sets up Access to a web app, Tunnel, and public hostname)
Clientless SSH access (all the same + the web SSH experience)
Clientless RDP access (all the same + RDP-in-browser)

Each flow walks the user through the steps to configure the essential elements, and provides a “more details” panel with additional contextual information about what the user will accomplish at the end, along with why the steps they take are important.

Try them out now in the Zero Trust dashboard!

Log Explorer - Usage tracking

Wed, 09 Jul 2025 00:00:00 GMT

Log Explorer customers can now monitor their data ingestion volume to keep track of their billing. Monthly usage is displayed at the top of the Log Search and Manage Datasets screens in Log Explorer.

AI Search - Faster indexing and new Jobs view in AutoRAG

Tue, 08 Jul 2025 00:00:00 GMT

You can now expect 3-5× faster indexing in AutoRAG, and with it, a brand new Jobs view to help you monitor indexing progress.

With each AutoRAG, indexing jobs are automatically triggered to sync your data source (i.e. R2 bucket) with your Vectorize index, ensuring new or updated files are reflected in your query results. You can also trigger jobs manually via the Sync API or by clicking “Sync index” in the dashboard.

With the new jobs observability, you can now:

View the status, job ID, source, start time, duration and last sync time for each indexing job
Inspect real-time logs of job events (e.g. Starting indexing data source...)
See a history of past indexing jobs under the Jobs tab of your AutoRAG

This makes it easier to understand what’s happening behind the scenes.

Coming soon: We’re adding APIs to programmatically check indexing status, making it even easier to integrate AutoRAG into your workflows.

Try it out today on the Cloudflare dashboard.

Cloudflare Images - HEIC support in Cloudflare Images

Tue, 08 Jul 2025 00:00:00 GMT

You can use Images to ingest HEIC images and serve them in supported output formats like AVIF, WebP, JPEG, and PNG.

When inputting a HEIC image, dimension and sizing limits may still apply. Refer to our documentation to see limits for uploading to Images or transforming a remote image.

Cloudflare One - Cloudy summaries for Access and Gateway Logs

Mon, 07 Jul 2025 00:00:00 GMT

Cloudy, Cloudflare's AI Agent, will now automatically summarize your Access and Gateway block logs.

In the log itself, Cloudy will summarize what occurred and why. This will be helpful for quick troubleshooting and issue correlation.

If you have feedback about the Cloudy summary - good or bad - you can provide that right from the summary itself.

Cloudflare One - New App Library for Zero Trust Dashboard

Mon, 07 Jul 2025 00:00:00 GMT

Cloudflare Zero Trust customers can use the App Library to get full visibility over the SaaS applications that they use in their Gateway policies, CASB integrations, and Access for SaaS applications.

App Library, found under My Team, makes information available about all Applications that can be used across the Zero Trust product suite.

You can use the App Library to see:

How Applications are defined
Where they are referenced in policies
Whether they have Access for SaaS configured
Review their CASB findings and integration status.

Within individual Applications, you can also track their usage across your organization, and better understand user behavior.

WAF - Increased IP List Limits for Enterprise Accounts

Mon, 07 Jul 2025 00:00:00 GMT

We have significantly increased the limits for IP Lists on Enterprise plans to provide greater flexibility and control:

Total number of lists: Increased from 10 to 1,000.
Total number of list items: Increased from 10,000 to 500,000.

Limits for other list types and plans remain unchanged. For more details, refer to the lists availability.

WAF - WAF Release - 2025-07-07

Mon, 07 Jul 2025 00:00:00 GMT

This week’s roundup uncovers critical vulnerabilities affecting enterprise VoIP systems, webmail platforms, and a popular JavaScript framework. The risks range from authentication bypass to remote code execution (RCE) and buffer handling flaws, each offering attackers a path to elevate access or fully compromise systems.

Key Findings

Next.js - Auth Bypass: A newly detected authentication bypass flaw in the Next.js framework allows attackers to access protected routes or APIs without proper authorization, undermining application access controls.
Fortinet FortiVoice (CVE-2025-32756): A buffer error vulnerability in FortiVoice systems that could lead to memory corruption and potential code execution or service disruption in enterprise telephony environments.
Roundcube (CVE-2025-49113): A critical RCE flaw allowing unauthenticated attackers to execute arbitrary PHP code via crafted requests, leading to full compromise of mail servers and user inboxes.

Impact

These vulnerabilities affect core business infrastructure, from web interfaces to voice communications and email platforms. The Roundcube RCE and FortiVoice buffer flaw offer potential for deep system access, while the Next.js auth bypass undermines trust boundaries in modern web apps.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	b6558cac8c874bd6878734057eb35ee6	100795	Next.js - Auth Bypass	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	58fcf6d9c05d4b7a8f41e0a3c329aeb0	100796	Fortinet FortiVoice - Buffer Error - CVE:CVE-2025-32756	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	34ed0624bc864ea88bbea55bab314023	100797	Roundcube - Remote Code Execution - CVE:CVE-2025-49113	Log	Disabled	This is a New Detection

Workers - Workers now supports JavaScript debug terminals in VSCode, Cursor and Windsurf IDEs

Fri, 04 Jul 2025 00:00:00 GMT

Workers now support breakpoint debugging using VSCode's built-in JavaScript Debug Terminals. All you have to do is open a JS debug terminal (Cmd + Shift + P and then type javascript debug) and run wrangler dev (or vite dev) from within the debug terminal. VSCode will automatically connect to your running Worker (even if you're running multiple Workers at once!) and start a debugging session.

In 2023 we announced breakpoint debugging support for Workers, which meant that you could easily debug your Worker code in Wrangler's built-in devtools (accessible via the [d] hotkey) as well as multiple other devtools clients, including VSCode. For most developers, breakpoint debugging via VSCode is the most natural flow, but until now it's required manually configuring a launch.json file, running wrangler dev, and connecting via VSCode's built-in debugger. Now it's much more seamless!

Hyperdrive - Hyperdrive now supports configuring the amount of database connections

Thu, 03 Jul 2025 00:00:00 GMT

You can now specify the number of connections your Hyperdrive configuration uses to connect to your origin database.

All configurations have a minimum of 5 connections. The maximum connection count for a Hyperdrive configuration depends on the Hyperdrive limits of your Workers plan.

This feature allows you to right-size your connection pool based on your database capacity and application requirements. You can configure connection counts through the Cloudflare dashboard or API.

Refer to the Hyperdrive configuration documentation for more information.

Access - Access RDP securely from your browser — now in open beta

Tue, 01 Jul 2025 00:00:00 GMT

Browser-based RDP with Cloudflare Access is now available in open beta for all Cloudflare customers. It enables secure, remote Windows server access without VPNs or RDP clients.

With browser-based RDP, you can:

Control how users authenticate to internal RDP resources with single sign-on (SSO), multi-factor authentication (MFA), and granular access policies.
Record who is accessing which servers and when to support regulatory compliance requirements and to gain greater visibility in the event of a security event.
Eliminate the need to install and manage software on user devices. You will only need a web browser.
Reduce your attack surface by keeping your RDP servers off the public Internet and protecting them from common threats like credential stuffing or brute-force attacks.

To get started, see Connect to RDP in a browser.

AI Crawl Control - Introducing Pay Per Crawl (private beta)

Tue, 01 Jul 2025 00:00:00 GMT

We are introducing a new feature of AI Crawl Control — Pay Per Crawl. Pay Per Crawl enables site owners to require payment from AI crawlers every time the crawlers access their content, thereby fostering a fairer Internet by enabling site owners to control and monetize how their content gets used by AI.

For Site Owners:

Set pricing and select which crawlers to charge for content access
Manage payments via Stripe
Monitor analytics on successful content deliveries

For AI Crawler Owners:

Use HTTP headers to request and accept pricing
Receive clear confirmations on charges for accessed content

Learn more in the Pay Per Crawl documentation.

AI Crawl Control - AI Crawl Control refresh

Tue, 01 Jul 2025 00:00:00 GMT

We redesigned the AI Crawl Control dashboard to provide more intuitive and granular control over AI crawlers.

From the new AI Crawlers tab: block specific AI crawlers.
From the new Metrics tab: view AI Crawl Control metrics.

To get started, explore:

Radar - Bot & Crawler Insights in Cloudflare Radar

Tue, 01 Jul 2025 00:00:00 GMT

Web crawlers insights

Radar now offers expanded insights into web crawlers, giving you greater visibility into aggregated trends in crawl and refer activity.

We have introduced the following endpoints:

/bots/crawlers/summary/{dimension}: Returns an overview of crawler HTTP request distributions across key dimensions.
/bots/crawlers/timeseries_groups/{dimension}: Provides time-series data on crawler request distributions across the same dimensions.

These endpoints allow analysis across the following dimensions:

user_agent: Parsed data from the User-Agent header.
referer: Parsed data from the Referer header.
crawl_refer_ratio: Ratio of HTML page crawl requests to HTML page referrals by platform.

Broader bot insights

In addition to crawler-specific insights, Radar now provides a broader set of bot endpoints:

/bots/: Lists all bots.
/bots/{bot_slug}: Returns detailed metadata for a specific bot.
/bots/timeseries: Time-series data for bot activity.
/bots/summary/{dimension}: Returns an overview of bot HTTP request distributions across key dimensions.
/bots/timeseries_groups/{dimension}: Provides time-series data on bot request distributions across the same dimensions.

These endpoints support filtering and breakdowns by:

bot: Bot name.
bot_operator: The organization or entity operating the bot.
bot_category: Classification of bot type.

The previously available verified_bots endpoints have now been deprecated in favor of this set of bot insights APIs. While current data still focuses on verified bots, we plan to expand support for unverified bot traffic in the future.

Learn more about the new Radar bot and crawler insights in our blog post.

Workers - Enhanced support for static assets with the Cloudflare Vite plugin

Tue, 01 Jul 2025 00:00:00 GMT

You can now use any of Vite's static asset handling features in your Worker as well as in your frontend. These include importing assets as URLs, importing as strings and importing from the public directory as well as inlining assets.

Additionally, assets imported as URLs in your Worker are now automatically moved to the client build output.

Here is an example that fetches an imported asset using the assets binding and modifies the response.

// Import the asset URL
// This returns the resolved path in development and production
import myImage from "./my-image.png";

export default {
  async fetch(request, env) {
    // Fetch the asset using the binding
    const response = await env.ASSETS.fetch(new URL(myImage, request.url));
    // Create a new `Response` object that can be modified
    const modifiedResponse = new Response(response.body, response);
    // Add an additional header
    modifiedResponse.headers.append("my-header", "imported-asset");

    // Return the modfied response
    return modifiedResponse;
  },
};

Refer to Static Assets in the Cloudflare Vite plugin docs for more info.

Cloudflare One Client - WARP client for Windows (version 2025.5.893.0)

Mon, 30 Jun 2025 21:10:37 GMT

A new GA release for the Windows WARP client is now available on the stable releases downloads page.

This release contains improvements and new exciting features, including SCCM VPN boundary support and post-quantum cryptography. By tunneling your corporate network traffic over Cloudflare, you can now gain the immediate protection of post-quantum cryptography without needing to upgrade any of your individual corporate applications or systems.

Changes and improvements

Fixed a device registration issue that caused WARP connection failures when changing networks.
Captive portal improvements and fixes:
- Captive portal sign in notifications will now be sent through operating system notification services.
- Fix for firewall configuration issue affecting clients in DoH only mode.
Improved the connectivity status message in the client GUI.
Fixed a bug affecting clients in Gateway with DoH mode where the original DNS servers were not restored after disabling WARP.
The WARP client now applies post-quantum cryptography end-to-end on enabled devices accessing resources behind a Cloudflare Tunnel. This feature can be enabled by MDM.
Improvement to handle client configuration changes made by an MDM while WARP is not running.
Improvements for multi-user experience to better handle fast user switching and transitions from a pre-login to a logged-in state.
Added a WARP client device posture check for SAN attributes to the client certificate check.
Fixed an issue affecting Split Tunnel Include mode, where traffic outside the tunnel was blocked when switching between Wi-Fi and Ethernet networks.
Added SCCM VPN boundary support to device profile settings. With SCCM VPN boundary support enabled, operating systems will register WARP's local interface IP with the on-premise DNS server when reachable.
Fix for an issue causing WARP connectivity to fail without full system reboot.

Known issues

For Windows 11 24H2 users, Microsoft has confirmed a regression that may lead to performance issues like mouse lag, audio cracking, or other slowdowns. Cloudflare recommends users experiencing these issues upgrade to a minimum Windows 11 24H2 version KB5060829 or higher for resolution.
Devices with KB5055523 installed may receive a warning about Win32/ClickFix.ABA being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to version 1.429.19.0 or later.
DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected.
To work around this issue, reconnect the WARP client by toggling off and back on.

Cloudflare One Client - WARP client for macOS (version 2025.5.893.0)

Mon, 30 Jun 2025 21:10:36 GMT

A new GA release for the macOS WARP client is now available on the stable releases downloads page.

This release contains improvements and new exciting features, including post-quantum cryptography. By tunneling your corporate network traffic over Cloudflare, you can now gain the immediate protection of post-quantum cryptography without needing to upgrade any of your individual corporate applications or systems.

Changes and improvements

Fixed an issue where WARP sometimes failed to automatically relaunch after updating.
Fixed a device registration issue causing WARP connection failures when changing networks.
Captive portal improvements and fixes:
- Captive portal sign in notifications will now be sent through operating system notification services.
- Fix for firewall configuration issue affecting clients in DoH only mode.
Improved the connectivity status message in the client GUI.
The WARP client now applies post-quantum cryptography end-to-end on enabled devices accessing resources behind a Cloudflare Tunnel. This feature can be enabled by MDM.
Improvement to handle client configuration changes made by an MDM while WARP is not running.
Fixed an issue affecting Split Tunnel Include mode, where traffic outside the tunnel was blocked when switching between Wi-Fi and Ethernet networks.
Improvement for WARP connectivity issues on macOS due to the operating system not accepting DNS server configurations.
Added a WARP client device posture check for SAN attributes to the client certificate check.

Known issues

macOS Sequoia: Due to changes Apple introduced in macOS 15.0.x, the WARP client may not behave as expected. Cloudflare recommends the use of macOS 15.4 or later.

Cloudflare One Client - WARP client for Linux (version 2025.5.893.0)

Mon, 30 Jun 2025 19:44:34 GMT

A new GA release for the Linux WARP client is now available on the stable releases downloads page.

Changes and improvements

Fixed a device registration issue causing WARP connection failures when changing networks.
Captive portal improvements and fixes:
- Captive portal sign in notifications will now be sent through operating system notification services.
- Fix for firewall configuration issue affecting clients in DoH only mode.
Improved the connectivity status message in the client GUI.
The WARP client now applies post-quantum cryptography end-to-end on enabled devices accessing resources behind a Cloudflare Tunnel. This feature can be enabled by MDM.
Improvement to handle client configuration changes made by MDM while WARP is not running.
Fixed an issue affecting Split Tunnel Include mode, where traffic outside the tunnel was blocked when switching between Wi-Fi and Ethernet networks.
Added a WARP client device posture check for SAN attributes to the client certificate check.

Known issues

Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.

Cloudflare One Client - Cloudflare One Agent for Android (version 2.4.2)

Mon, 30 Jun 2025 00:00:00 GMT

A new GA release for the Android Cloudflare One Agent is now available in the Google Play Store. This release contains improvements and new exciting features, including post-quantum cryptography. By tunneling your corporate network traffic over Cloudflare, you can now gain the immediate protection of post-quantum cryptography without needing to upgrade any of your individual corporate applications or systems.

Changes and improvements

QLogs are now disabled by default and can be enabled in the app by turning on Enable qlogs under Settings > Advanced > Diagnostics > Debug Logs. The QLog setting from previous releases will no longer be respected.
DNS over HTTPS traffic is now included in the WARP tunnel by default.
The WARP client now applies post-quantum cryptography end-to-end on enabled devices accessing resources behind a Cloudflare Tunnel. This feature can be enabled by MDM.
Fixed an issue that caused WARP connection failures on ChromeOS devices.

Cloudflare One Client - Cloudflare One Agent for iOS (version 1.11)

Mon, 30 Jun 2025 00:00:00 GMT

A new GA release for the iOS Cloudflare One Agent is now available in the iOS App Store. This release contains improvements and new exciting features, including post-quantum cryptography. By tunneling your corporate network traffic over Cloudflare, you can now gain the immediate protection of post-quantum cryptography without needing to upgrade any of your individual corporate applications or systems.

Changes and improvements

QLogs are now disabled by default and can be enabled in the app by turning on Enable qlogs under Settings > Advanced > Diagnostics > Debug Logs. The QLog setting from previous releases will no longer be respected.
DNS over HTTPS traffic is now included in the WARP tunnel by default.
The WARP client now applies post-quantum cryptography end-to-end on enabled devices accessing resources behind a Cloudflare Tunnel. This feature can be enabled by MDM.

Email Routing - Mail authentication requirements for Email Routing

Mon, 30 Jun 2025 00:00:00 GMT

The Email Routing platform supports SPF records and DKIM (DomainKeys Identified Mail) signatures and honors these protocols when the sending domain has them configured. However, if the sending domain doesn't implement them, we still forward the emails to upstream mailbox providers.

Starting on July 3, 2025, we will require all emails to be authenticated using at least one of the protocols, SPF or DKIM, to forward them. We also strongly recommend that all senders implement the DMARC protocol.

If you are using a Worker with an Email trigger to receive email messages and forward them upstream, you will need to handle the case where the forward action may fail due to missing authentication on the incoming email.

SPAM has been a long-standing issue with email. By enforcing mail authentication, we will increase the efficiency of identifying abusive senders and blocking bad emails. If you're an email server delivering emails to large mailbox providers, it's likely you already use these protocols; otherwise, please ensure you have them properly configured.

Magic Transit - Graceful withdrawal of BYOIP prefixes

Mon, 30 Jun 2025 00:00:00 GMT

Magic Transit customers can now configure AS prepending on their BYOIP prefixes advertised at the Cloudflare edge. This allows for smoother traffic migration and minimizes packet loss when changing providers.

AS prepending makes the Cloudflare route less preferred by increasing the AS path length. You can use this to gradually shift traffic away from Cloudflare before withdrawing a prefix, avoiding abrupt routing changes.

Prepending can be configured via the API or through BGP community values when peering with the Magic Transit routing table. For more information, refer to Advertise prefixes.

Workers - Remote bindings (beta) now works with Next.js — connect to remote resources (D1, KV, R2, etc.) during local development

Mon, 30 Jun 2025 00:00:00 GMT

We recently announced our public beta for remote bindings, which allow you to connect to deployed resources running on your Cloudflare account (like R2 buckets or D1 databases) while running a local development session.

Now, you can use remote bindings with your Next.js applications through the @opennextjs/cloudflare adaptor by enabling the experimental feature in your next.config.ts:

initOpenNextCloudflareForDev();
initOpenNextCloudflareForDev({
 experimental: { remoteBindings: true }
});

Then, all you have to do is specify which bindings you want connected to the deployed resource on your Cloudflare account via the experimental_remote flag in your binding definition:

wrangler.jsonc

{
  "r2_buckets": [
    {
      "bucket_name": "testing-bucket",
      "binding": "MY_BUCKET",
      "experimental_remote": true,
    },
  ],
}

wrangler.toml

[[r2_buckets]]
bucket_name = "testing-bucket"
binding = "MY_BUCKET"
experimental_remote = true

You can then run next dev to start a local development session (or start a preview with opennextjs-cloudflare preview), and all requests to env.MY_BUCKET will be proxied to the remote testing-bucket — rather than the default local binding simulations.

Remote bindings & ISR

Remote bindings are also used during the build process, which comes with significant benefits for pages using Incremental Static Regeneration (ISR). During the build step for an ISR page, your server executes the page's code just as it would for normal user requests. If a page needs data to display (like fetching user info from KV), those requests are actually made. The server then uses this fetched data to render the final HTML.

Data fetching is a critical part of this process, as the finished HTML is only as good as the data it was built with. If the build process can't fetch real data, you end up with a pre-rendered page that's empty or incomplete.

With remote bindings support in OpenNext, your pre-rendered pages are built with real data from the start. The build process uses any configured remote bindings, and any data fetching occurs against the deployed resources on your Cloudflare account.

Want to learn more? Get started with remote bindings and OpenNext.

Have feedback? Join the discussion in our beta announcement to share feedback or report any issues.

Workers - Run and connect Workers in separate dev commands with the Cloudflare Vite plugin

Thu, 26 Jun 2025 00:00:00 GMT

Workers can now talk to each other across separate dev commands using service bindings and tail consumers, whether started with vite dev or wrangler dev.

Simply start each Worker in its own terminal:

# Terminal 1
vite dev

# Terminal 2
wrangler dev

This is useful when different teams maintain different Workers, or when each Worker has its own build setup or tooling.

Check out the Developing with multiple Workers guide to learn more about the different approaches and when to use each one.

Agents, Workers, Workflows - Run AI-generated code on-demand with Code Sandboxes (new)

Wed, 25 Jun 2025 00:00:00 GMT

AI is supercharging app development for everyone, but we need a safe way to run untrusted, LLM-written code. We’re introducing Sandboxes, which let your Worker run actual processes in a secure, container-based environment.

import { getSandbox } from "@cloudflare/sandbox";
export { Sandbox } from "@cloudflare/sandbox";

export default {
  async fetch(request: Request, env: Env) {
    const sandbox = getSandbox(env.Sandbox, "my-sandbox");
    return sandbox.exec("ls", ["-la"]);
  },
};

Methods

exec(command: string, args: string[], options?: { stream?: boolean }):Execute a command in the sandbox.
gitCheckout(repoUrl: string, options: { branch?: string; targetDir?: string; stream?: boolean }): Checkout a git repository in the sandbox.
mkdir(path: string, options: { recursive?: boolean; stream?: boolean }): Create a directory in the sandbox.
writeFile(path: string, content: string, options: { encoding?: string; stream?: boolean }): Write content to a file in the sandbox.
readFile(path: string, options: { encoding?: string; stream?: boolean }): Read content from a file in the sandbox.
deleteFile(path: string, options?: { stream?: boolean }): Delete a file from the sandbox.
renameFile(oldPath: string, newPath: string, options?: { stream?: boolean }): Rename a file in the sandbox.
moveFile(sourcePath: string, destinationPath: string, options?: { stream?: boolean }): Move a file from one location to another in the sandbox.
ping(): Ping the sandbox.

Sandboxes are still experimental. We're using them to explore how isolated, container-like workloads might scale on Cloudflare — and to help define the developer experience around them.

You can try it today from your Worker, with just a few lines of code. Let us know what you build.

Durable Objects, Workers - @cloudflare/actors library - SDK for Durable Objects in beta

Wed, 25 Jun 2025 00:00:00 GMT

The new @cloudflare/actors library is now in beta!

The @cloudflare/actors library is a new SDK for Durable Objects and provides a powerful set of abstractions for building real-time, interactive, and multiplayer applications on top of Durable Objects. With beta usage and feedback, @cloudflare/actors will become the recommended way to build on Durable Objects and draws upon Cloudflare's experience building products/features on Durable Objects.

The name "actors" originates from the actor programming model, which closely ties to how Durable Objects are modelled.

The @cloudflare/actors library includes:

Storage helpers for querying embeddeded, per-object SQLite storage
Storage helpers for managing SQL schema migrations
Alarm helpers for scheduling multiple alarms provided a date, delay in seconds, or cron expression
Actor class for using Durable Objects with a defined pattern
Durable Objects Workers API is always available for your application as needed

Storage and alarm helper methods can be combined with any Javascript class that defines your Durable Object, i.e, ones that extend DurableObject including the Actor class.

import { Storage } from "@cloudflare/actors/storage";

export class ChatRoom extends DurableObject<Env> {
    storage: Storage;

    constructor(ctx: DurableObjectState, env: Env) {
        super(ctx, env)
        this.storage = new Storage(ctx.storage);
        this.storage.migrations = [{
            idMonotonicInc: 1,
            description: "Create users table",
            sql: "CREATE TABLE IF NOT EXISTS users (id INTEGER PRIMARY KEY)"
        }]
    }
    async fetch(request: Request): Promise<Response> {
        // Run migrations before executing SQL query
        await this.storage.runMigrations();

        // Query with SQL template
        let userId = new URL(request.url).searchParams.get("userId");
        const query = this.storage.sql`SELECT * FROM users WHERE id = ${userId};`
        return new Response(`${JSON.stringify(query)}`);
    }
}

@cloudflare/actors library introduces the Actor class pattern. Actor lets you access Durable Objects without writing the Worker that communicates with your Durable Object (the Worker is created for you). By default, requests are routed to a Durable Object named "default".

export class MyActor extends Actor<Env> {
    async fetch(request: Request): Promise<Response> {
        return new Response('Hello, World!')
    }
}

export default handler(MyActor);

You can route to different Durable Objects by name within your Actor class using nameFromRequest.

export class MyActor extends Actor<Env> {
    static nameFromRequest(request: Request): string {
        let url = new URL(request.url);
        return url.searchParams.get("userId") ?? "foo";
    }

    async fetch(request: Request): Promise<Response> {
        return new Response(`Actor identifier (Durable Object name): ${this.identifier}`);
    }
}

export default handler(MyActor);

For more examples, check out the library README. @cloudflare/actors library is a place for more helpers and built-in patterns, like retry handling and Websocket-based applications, to reduce development overhead for common Durable Objects functionality. Please share feedback and what more you would like to see on our Discord channel.

Data Loss Prevention, CASB, Cloudflare One - Data Security Analytics in the Zero Trust dashboard

Mon, 23 Jun 2025 09:00:00 GMT

Zero Trust now includes Data security analytics, providing you with unprecedented visibility into your organization sensitive data.

The new dashboard includes:

Sensitive Data Movement Over Time:
- See patterns and trends in how sensitive data moves across your environment. This helps understand where data is flowing and identify common paths.
Sensitive Data at Rest in SaaS & Cloud:
- View an inventory of sensitive data stored within your corporate SaaS applications (for example, Google Drive, Microsoft 365) and cloud accounts (such as AWS S3).
DLP Policy Activity:
- Identify which of your Data Loss Prevention (DLP) policies are being triggered most often.
- See which specific users are responsible for triggering DLP policies.

To access the new dashboard, log in to Cloudflare One and go to Insights on the sidebar.

Cloudflare Fundamentals - Cloudflare User Groups & SCIM User Groups are now in GA

Mon, 23 Jun 2025 00:00:00 GMT

We're announcing the GA of User Groups for Cloudflare Dashboard and System for Cross Domain Identity Management (SCIM) User Groups, strengthening our RBAC capabilities with stable, production-ready primitives for managing access at scale.

What's New

User Groups [GA]: User Groups are a new Cloudflare IAM primitive that enable administrators to create collections of account members that are treated equally from an access control perspective. User Groups can be assigned permission policies, with individual members in the group inheriting all permissions granted to the User Group. User Groups can be created manually or via our APIs.

SCIM User Groups [GA]: Centralize & simplify your user and group management at scale by syncing memberships directly from your upstream identity provider (like Okta or Entra ID) to the Cloudflare Platform. This ensures Cloudflare stays in sync with your identity provider, letting you apply Permission Policies to those synced groups directly within the Cloudflare Dashboard.

Stability & Scale: These features have undergone extensive testing during the Public Beta period and are now ready for production use across enterprises of all sizes.

For more info:

Network Interconnect - CNI maintenance alerts

Fri, 20 Jun 2025 00:00:00 GMT

Customers using Cloudflare Network Interconnect with the v1 dataplane can now subscribe to maintenance alert emails. These alerts notify you of planned maintenance windows that may affect your CNI circuits.

For more information, refer to Monitoring and alerts.

Workers - Increased blob size limits in Workers Analytics Engine

Fri, 20 Jun 2025 00:00:00 GMT

We’ve increased the total allowed size of blob fields on data points written to Workers Analytics Engine from 5 KB to 16 KB.

This change gives you more flexibility when logging rich observability data — such as base64-encoded payloads, AI inference traces, or custom metadata — without hitting request size limits.

You can find full details on limits for queries, filters, payloads, and more here in the Workers Analytics Engine limits documentation.

JavaScript

export default {
  async fetch(request, env) {
    env.analyticsDataset.writeDataPoint({
      // The sum of all of the blob's sizes can now be 16 KB
      blobs: [
        // The URL of the request to the Worker
        request.url,
        // Some metadata about your application you'd like to store
        JSON.stringify(metadata),
        // The version of your Worker this datapoint was collected from
        env.versionMetadata.tag,
      ],
      indexes: ["sample-index"],
    });
  },
};

TypeScript

export default {
  async fetch(request, env) {
    env.analyticsDataset.writeDataPoint({
      // The sum of all of the blob's sizes can now be 16 KB
      blobs: [
        // The URL of the request to the Worker
        request.url,
        // Some metadata about your application you'd like to store
        JSON.stringify(metadata),
        // The version of your Worker this datapoint was collected from
        env.versionMetadata.tag,
      ],
      indexes: ["sample-index"],
    });
  }
};

AI Search - View custom metadata in responses and guide AI-search with context in AutoRAG

Thu, 19 Jun 2025 00:00:00 GMT

In AutoRAG, you can now view your object's custom metadata in the response from /search and /ai-search, and optionally add a context field in the custom metadata of an object to provide additional guidance for AI-generated answers.

You can add custom metadata to an object when uploading it to your R2 bucket.

Object's custom metadata in search responses

When you run a search, AutoRAG now returns any custom metadata associated with the object. This metadata appears in the response inside attributes then file , and can be used for downstream processing.

For example, the attributes section of your search response may look like:

{
  "attributes": {
    "timestamp": 1750001460000,
    "folder": "docs/",
    "filename": "launch-checklist.md",
    "file": {
      "url": "https://wiki.company.com/docs/launch-checklist",
      "context": "A checklist for internal launch readiness, including legal, engineering, and marketing steps."
    }
  }
}

Add a `context` field to guide LLM answers

When you include a custom metadata field named context, AutoRAG attaches that value to each chunk of the file. When you run an /ai-search query, this context is passed to the LLM and can be used as additional input when generating an answer.

We recommend using the context field to describe supplemental information you want the LLM to consider, such as a summary of the document or a source URL. If you have several different metadata attributes, you can join them together however you choose within the context string.

For example:

{
  "context": "summary: 'Checklist for internal product launch readiness, including legal, engineering, and marketing steps.'; url: 'https://wiki.company.com/docs/launch-checklist'"
}

This gives you more control over how your content is interpreted, without requiring you to modify the original contents of the file.

Learn more in AutoRAG's metadata filtering documentation.

AI Search - Filter your AutoRAG search by file name

Thu, 19 Jun 2025 00:00:00 GMT

In AutoRAG, you can now filter by an object's file name using the filename attribute, giving you more control over which files are searched for a given query.

This is useful when your application has already determined which files should be searched. For example, you might query a PostgreSQL database to get a list of files a user has access to based on their permissions, and then use that list to limit what AutoRAG retrieves.

For example, your search query may look like:

const response = await env.AI.autorag("my-autorag").search({
  query: "what is the project deadline?",
  filters: {
    type: "eq",
    key: "filename",
    value: "project-alpha-roadmap.md",
  },
});

This allows you to connect your application logic with AutoRAG's retrieval process, making it easy to control what gets searched without needing to reindex or modify your data.

Learn more in AutoRAG's metadata filtering documentation.

DNS - Account-level DNS analytics now available via GraphQL Analytics API

Thu, 19 Jun 2025 00:00:00 GMT

Authoritative DNS analytics are now available on the account level via the Cloudflare GraphQL Analytics API.

This allows users to query DNS analytics across multiple zones in their account, by using the accounts filter.

Here is an example to retrieve the most recent DNS queries across all zones in your account that resulted in an NXDOMAIN response over a given time frame. Please replace a30f822fcd7c401984bf85d8f2a5111c with your actual account ID.

query GetLatestNXDOMAINResponses {
  viewer {
    accounts(filter: { accountTag: "a30f822fcd7c401984bf85d8f2a5111c" }) {
      dnsAnalyticsAdaptive(
        filter: {
          date_geq: "2025-06-16"
          date_leq: "2025-06-18"
          responseCode: "NXDOMAIN"
        }
        limit: 10000
        orderBy: [datetime_DESC]
      ) {
        zoneTag
        queryName
        responseCode
        queryType
        datetime
      }
    }
  }
}

Run in GraphQL API Explorer

To learn more and get started, refer to the DNS Analytics documentation.

D1, Workers, Workers for Platforms - Automate Worker deployments with a simplified SDK and more reliable Terraform provider

Thu, 19 Jun 2025 00:00:00 GMT

Simplified Worker Deployments with our SDKs

We've simplified the programmatic deployment of Workers via our Cloudflare SDKs. This update abstracts away the low-level complexities of the multipart/form-data upload process, allowing you to focus on your code while we handle the deployment mechanics.

This new interface is available in:

cloudflare-typescript (4.4.1)
cloudflare-python (4.3.1)

For complete examples, see our guide on programmatic Worker deployments.

The Old way: Manual API calls

Previously, deploying a Worker programmatically required manually constructing a multipart/form-data HTTP request, packaging your code and a separate metadata.json file. This was more complicated and verbose, and prone to formatting errors.

For example, here's how you would upload a Worker script previously with cURL:

curl https://api.cloudflare.com/client/v4/accounts/<account_id>/workers/scripts/my-hello-world-script \
  -X PUT \
  -H 'Authorization: Bearer <api_token>' \
  -F 'metadata={
        "main_module": "my-hello-world-script.mjs",
        "bindings": [
          {
            "type": "plain_text",
            "name": "MESSAGE",
            "text": "Hello World!"
          }
        ],
        "compatibility_date": "$today"
      };type=application/json' \
  -F 'my-hello-world-script.mjs=@-;filename=my-hello-world-script.mjs;type=application/javascript+module' <<EOF
export default {
  async fetch(request, env, ctx) {
    return new Response(env.MESSAGE, { status: 200 });
  }
};
EOF

After: SDK interface

With the new SDK interface, you can now define your entire Worker configuration using a single, structured object.

This approach allows you to specify metadata like main_module, bindings, and compatibility_date as clearer properties directly alongside your script content. Our SDK takes this logical object and automatically constructs the complex multipart/form-data API request behind the scenes.

Here's how you can now programmatically deploy a Worker via the cloudflare-typescript SDK

JavaScript

import Cloudflare from "cloudflare";
import { toFile } from "cloudflare/index";

// ... client setup, script content, etc.

const script = await client.workers.scripts.update(scriptName, {
  account_id: accountID,
  metadata: {
    main_module: scriptFileName,
    bindings: [],
  },
  files: {
    [scriptFileName]: await toFile(Buffer.from(scriptContent), scriptFileName, {
      type: "application/javascript+module",
    }),
  },
});

TypeScript

import Cloudflare from 'cloudflare';
import { toFile } from 'cloudflare/index';

// ... client setup, script content, etc.

const script = await client.workers.scripts.update(scriptName, {
  account_id: accountID,
  metadata: {
    main_module: scriptFileName,
    bindings: [],
  },
  files: {
    [scriptFileName]: await toFile(Buffer.from(scriptContent), scriptFileName, {
      type: 'application/javascript+module',
    }),
  },
});

View the complete example here: https://github.com/cloudflare/cloudflare-typescript/blob/main/examples/workers/script-upload.ts

Terraform provider improvements

We've also made several fixes and enhancements to the Cloudflare Terraform provider:

Fixed the cloudflare_workers_script resource in Terraform, which previously was producing a diff even when there were no changes. Now, your terraform plan outputs will be cleaner and more reliable.
Fixed the cloudflare_workers_for_platforms_dispatch_namespace, where the provider would attempt to recreate the namespace on a terraform apply. The resource now correctly reads its remote state, ensuring stability for production environments and CI/CD workflows.
The cloudflare_workers_route resource now allows for the script property to be empty, null, or omitted to indicate that pattern should be negated for all scripts (see routes docs). You can now reserve a pattern or temporarily disable a Worker on a route without deleting the route definition itself.
Using primary_location_hint in the cloudflare_d1_database resource will no longer always try to recreate. You can now safely change the location hint for a D1 database without causing a destructive operation.

API improvements

We've also properly documented the Workers Script And Version Settings in our public OpenAPI spec and SDKs.

Gateway - Gateway will now evaluate Network policies before HTTP policies from July 14th, 2025

Wed, 18 Jun 2025 00:00:00 GMT

Gateway will now evaluate Network (Layer 4) policies before HTTP (Layer 7) policies. This change preserves your existing security posture and does not affect which traffic is filtered — but it may impact how notifications are displayed to end users.

This change will roll out progressively between July 14–18, 2025. If you use HTTP policies, we recommend reviewing your configuration ahead of rollout to ensure the user experience remains consistent.

Updated order of enforcement

Previous order:

DNS policies
HTTP policies
Network policies

New order:

DNS policies
Network policies
HTTP policies

Action required: Review your Gateway HTTP policies

This change may affect block notifications. For example:

You have an HTTP policy to block example.com and display a block page.
You also have a Network policy to block example.com silently (no client notification).

With the new order, the Network policy will trigger first — and the user will no longer see the HTTP block page.

To ensure users still receive a block notification, you can:

Add a client notification to your Network policy, or
Use only the HTTP policy for that domain.

Why we’re making this change

This update is based on user feedback and aims to:

Create a more intuitive model by evaluating network-level policies before application-level policies.
Minimize 526 connection errors by verifying the network path to an origin before attempting to establish a decrypted TLS connection.

To learn more, visit the Gateway order of enforcement documentation.

Log Explorer - Log Explorer is GA

Wed, 18 Jun 2025 00:00:00 GMT

Log Explorer is now GA, providing native observability and forensics for traffic flowing through Cloudflare.

Search and analyze your logs, natively in the Cloudflare dashboard. These logs are also stored in Cloudflare's network, eliminating many of the costs associated with other log providers.

With Log Explorer, you can now:

Monitor security and performance issues with custom dashboards – use natural language to define charts for measuring response time, error rates, top statistics and more.
Investigate and troubleshoot issues with Log Search – use data type-aware search filters or custom sql to investigate detailed logs.
Save time and collaborate with saved queries – save Log Search queries for repeated use or sharing with other users in your account.
Access Log Explorer at the account and zone level – easily find Log Explorer at the account and zone level for querying any dataset.

For help getting started, refer to our documentation.

Workers - Remote bindings public beta - Connect to remote resources (D1, KV, R2, etc.) during local development

Wed, 18 Jun 2025 00:00:00 GMT

Today we announced the public beta of remote bindings for local development. With remote bindings, you can now connect to deployed resources like R2 buckets and D1 databases while running Worker code on your local machine. This means you can test your local code changes against real data and services, without the overhead of deploying for each iteration.

Example configuration

To enable remote mode, add "experimental_remote" : true to each binding that you want to rely on a remote resource running on Cloudflare:

wrangler.jsonc

{
  "name": "my-worker",
  // Set this to today's date
  "compatibility_date": "2026-04-03",

  "r2_buckets": [
    {
      "bucket_name": "screenshots-bucket",
      "binding": "screenshots_bucket",
      "experimental_remote": true,
    },
  ],
}

wrangler.toml

name = "my-worker"
# Set this to today's date
compatibility_date = "2026-04-03"

[[r2_buckets]]
bucket_name = "screenshots-bucket"
binding = "screenshots_bucket"
experimental_remote = true

When remote bindings are configured, your Worker still executes locally, but all binding calls are proxied to the deployed resource that runs on Cloudflare's network.

You can try out remote bindings for local development today with:

Wrangler v4.20.3: Use the wrangler dev --x-remote-bindings command.
The Cloudflare Vite Plugin: Refer to the documentation for how to enable in your Vite config.
The Cloudflare Vitest Plugin: Refer to the documentation for how to enable in your Vitest config.

Have feedback? Join the discussion in our beta announcement to share feedback or report any issues.

Cloudflare One Client - WARP client for Windows (version 2025.5.828.1)

Tue, 17 Jun 2025 12:04:39 GMT

A new Beta release for the Windows WARP client is now available on the beta releases downloads page.

This release contains new improvements in addition to the features and improvements introduced in Beta client version 2025.5.735.1.

Changes and improvements

Improvement to better handle multi-user fast user switching.
Fix for an issue causing WARP connectivity to fail without full system reboot.

Known issues

Microsoft has confirmed a regression with Windows 11 starting around 24H2 that may cause performance issues for some users. These performance issues could manifest as mouse lag, audio cracking, or other slowdowns. A fix from Microsoft is expected in early July.
Devices with KB5055523 installed may receive a warning about Win32/ClickFix.ABA being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to version 1.429.19.0 or later.
DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected. To work around this issue, reconnect the WARP client by toggling off and back on.

Cloudflare One Client - WARP client for macOS (version 2025.5.828.1)

Tue, 17 Jun 2025 12:04:39 GMT

A new Beta release for the macOS WARP client is now available on the beta releases downloads page.

This release contains new improvements in addition to the features and improvements introduced in Beta client version 2025.5.735.1.

Changes and improvements

Improvement for WARP connectivity issues on macOS due to the operating system not accepting DNS server configurations.

Known issues

macOS Sequoia: Due to changes Apple introduced in macOS 15.0.x, the WARP client may not behave as expected. Cloudflare recommends the use of macOS 15.4 or later.

Cloudflare Fundamentals, Terraform - Terraform v5.6.0 now available

Tue, 17 Jun 2025 00:00:00 GMT

Earlier this year, we announced the launch of the new Terraform v5 Provider. Unlike the earlier Terraform providers, v5 is automatically generated based on the OpenAPI Schemas for our REST APIs. Since launch, we have seen an unexpectedly high number of issues reported by customers. These issues currently impact about 15% of resources. We have been working diligently to address these issues across the company, and have released the v5.6.0 release which includes a number of bug fixes. Please keep an eye on this changelog for more information about upcoming releases.

Changes

Broad fixes across resources with recurring diffs, including, but not limited to:
- cloudflare_zero_trust_access_identity_provider
  - cloudflare_zone
cloudflare_page_rules runtime panic when setting cache_level to cache_ttl_by_status
Failure to serialize requests in cloudflare_zero_trust_tunnel_cloudflared_config
Undocumented field 'priority' on zone_lockdown resource
Missing importability for cloudflare_zero_trust_device_default_profile_local_domain_fallback and cloudflare_account_subscription
New resources:
- cloudflare_schema_validation_operation_settings
- cloudflare_schema_validation_schemas
- cloudflare_schema_validation_settings
- cloudflare_zero_trust_device_settings
Other bug fixes

For a more detailed look at all of the changes, see the changelog in GitHub.

Issues Closed

If you have an unaddressed issue with the provider, we encourage you to check the open issues and open a new one if one does not already exist for what you are experiencing.

Upgrading

If you are evaluating a move from v4 to v5, please make use of the migration guide. We have provided automated migration scripts using Grit which simplify the transition, although these do not support implementations which use Terraform modules, so customers making use of modules need to migrate manually. Please make use of terraform plan to test your changes before applying, and let us know if you encounter any additional issues by reporting to our GitHub repository.

For more info

Workers - Control which routes invoke your Worker script for Single Page Applications

Tue, 17 Jun 2025 00:00:00 GMT

For those building Single Page Applications (SPAs) on Workers, you can now explicitly define which routes invoke your Worker script in Wrangler configuration. The run_worker_first config option has now been expanded to accept an array of route patterns, allowing you to more granularly specify when your Worker script runs.

Configuration example:

wrangler.jsonc

{
  "name": "my-spa-worker",
  // Set this to today's date
  "compatibility_date": "2026-04-03",
  "main": "./src/index.ts",
  "assets": {
    "directory": "./dist/",
    "not_found_handling": "single-page-application",
    "binding": "ASSETS",
    "run_worker_first": ["/api/*", "!/api/docs/*"]
  }
}

wrangler.toml

name = "my-spa-worker"
# Set this to today's date
compatibility_date = "2026-04-03"
main = "./src/index.ts"

[assets]
directory = "./dist/"
not_found_handling = "single-page-application"
binding = "ASSETS"
run_worker_first = [ "/api/*", "!/api/docs/*" ]

This new routing control was done in partnership with our community and customers who provided great feedback on our public proposal. Thank you to everyone who brought forward use-cases and feedback on the design!

Prerequisites

To use advanced routing control with run_worker_first, you'll need:

Wrangler v4.20.0 and above
Cloudflare Vite plugin v1.7.0 and above

Workers - SSRF vulnerability in @opennextjs/cloudflare proactively mitigated for all Cloudflare customers

Tue, 17 Jun 2025 00:00:00 GMT

Mitigations have been put in place for all existing and future deployments of sites with the Cloudflare adapter for Open Next in response to an identified Server-Side Request Forgery (SSRF) vulnerability in the @opennextjs/cloudflare package.

The vulnerability stemmed from an unimplemented feature in the Cloudflare adapter for Open Next, which allowed users to proxy arbitrary remote content via the /_next/image endpoint.

This issue allowed attackers to load remote resources from arbitrary hosts under the victim site's domain for any site deployed using the Cloudflare adapter for Open Next. For example: https://victim-site.com/_next/image?url=https://attacker.com. In this example, attacker-controlled content from attacker.com is served through the victim site's domain (victim-site.com), violating the same-origin policy and potentially misleading users or other services.

References: https://www.cve.org/cverecord?id=CVE-2025-6087, https://github.com/opennextjs/opennextjs-cloudflare/security/advisories/GHSA-rvpw-p7vw-wj3m

Impact

SSRF via unrestricted remote URL loading
Arbitrary remote content loading
Potential internal service exposure or phishing risks through domain abuse

Mitigation

The following mitigations have been put in place:

Server side updates to Cloudflare's platform to restrict the content loaded via the /_next/image endpoint to images. The update automatically mitigates the issue for all existing and any future sites deployed to Cloudflare using the affected version of the Cloudflare adapter for Open Next

Root cause fix: Pull request #727 to the Cloudflare adapter for Open Next. The patched version of the adapter has been released as @opennextjs/cloudflare@1.3.0

Package dependency update: Pull request cloudflare/workers-sdk#9608 to create-cloudflare (c3) to use the fixed version of the Cloudflare adapter for Open Next. The patched version of create-cloudflare has been published as create-cloudflare@2.49.3.

In addition to the automatic mitigation deployed on Cloudflare's platform, we encourage affected users to upgrade to @opennext/cloudflare v1.3.0 and use the remotePatterns filter in Next config if they need to allow-list external urls with images assets.

DNS - Internal DNS (beta) now manageable in the Cloudflare dashboard

Mon, 16 Jun 2025 00:00:00 GMT

Participating beta testers can now fully configure Internal DNS directly in the Cloudflare dashboard.

Internal DNS enables customers to:

Map internal hostnames to private IPs for services, devices, and applications not exposed to the public Internet
Resolve internal DNS queries securely through Cloudflare Gateway
Use split-horizon DNS to return different responses based on network context
Consolidate internal and public DNS zones within a single management platform

What’s new in this release:

Beta participants can now create and manage internal zones and views in the Cloudflare dashboard

To learn more and get started, refer to the Internal DNS documentation.

WAF - WAF Release - 2025-06-16

Mon, 16 Jun 2025 00:00:00 GMT

This week’s roundup highlights multiple critical vulnerabilities across popular web frameworks, plugins, and enterprise platforms. The focus lies on remote code execution (RCE), server-side request forgery (SSRF), and insecure file upload vectors that enable full system compromise or data exfiltration.

Key Findings

Cisco IOS XE (CVE-2025-20188): Critical RCE vulnerability enabling unauthenticated attackers to execute arbitrary commands on network infrastructure devices, risking total router compromise.
Axios (CVE-2024-39338): SSRF flaw impacting server-side request control, allowing attackers to manipulate internal service requests when misconfigured with unsanitized user input.
vBulletin (CVE-2025-48827, CVE-2025-48828): Two high-impact RCE flaws enabling attackers to remotely execute PHP code, compromising forum installations and underlying web servers.
Invision Community (CVE-2025-47916): A critical RCE vulnerability allowing authenticated attackers to run arbitrary code in community platforms, threatening data and lateral movement risk.
CrushFTP (CVE-2025-32102, CVE-2025-32103): SSRF vulnerabilities in upload endpoint processing permit attackers to pivot internal network scans and abuse internal services.
Roundcube (CVE-2025-49113): RCE via email processing enables attackers to execute code upon viewing a crafted email — particularly dangerous for webmail deployments.
WooCommerce WordPress Plugin (CVE-2025-47577): Dangerous file upload vulnerability permits unauthenticated users to upload executable payloads, leading to full WordPress site takeover.
Cross-Site Scripting (XSS) Detection Improvements: Enhanced detection patterns.

Impact

These vulnerabilities span core systems — from routers to e-commerce to email. RCE in Cisco IOS XE, Roundcube, and vBulletin poses full system compromise. SSRF in Axios and CrushFTP supports internal pivoting, while WooCommerce’s file upload bug opens doors to mass WordPress exploitation.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	233bcf0ce50f400989a7e44a35fefd53	100783	Cisco IOS XE - Remote Code Execution - CVE:CVE-2025-20188	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	9284e3b1586341acb4591bfd8332af5d	100784	Axios - SSRF - CVE:CVE-2024-39338	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	2672b175a25548aa8e0107b12e1648d2	100785	vBulletin - Remote Code Execution - CVE:CVE-2025-48827, CVE:CVE-2025-48828	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	b77a19fb053744b49eacdab00edcf1ef	100786	Invision Community - Remote Code Execution - CVE:CVE-2025-47916	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	aec2274743064523a9667248d6f5eb48	100791	CrushFTP - SSRF - CVE:CVE-2025-32102, CVE:CVE-2025-32103	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	7b80e1f5575d4d99bb7d56ae30baa18a	100792	Roundcube - Remote Code Execution - CVE:CVE-2025-49113	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	52d76f9394494b0382c7cb00229ba236	100793	XSS - Ontoggle	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	d38e657bd43f4d809c28157dfa338296	100794	WordPress WooCommerce Plugin - Dangerous File Upload - CVE:CVE-2025-47577	Log	Block	This is a New Detection

Workers - Grant account members read-only access to the Workers Platform

Mon, 16 Jun 2025 00:00:00 GMT

You can now grant members of your Cloudflare account read-only access to the Workers Platform.

The new "Workers Platform (Read-only)" role grants read-only access to all products typically used as part of Cloudflare's Developer Platform, including Workers, Pages, Durable Objects, KV, R2, Zones, Zone Analytics and Page Rules. When Cloudflare introduces new products to the Workers platform, we will add additional read-only permissions to this role.

Additionally, the role previously named "Workers Admin" has been renamed to "Workers Platform Admin". This change ensures that the name more accurately reflects the permissions granted — this role has always granted access to more than just Workers — it grants read and write access to the products mentioned above, and similarly, as new products are added to the Workers platform, we will add additional read and write permissions to this role.

You can review the updated roles in the developer docs.

DNS - NSEC3 support for DNSSEC

Wed, 11 Jun 2025 00:00:00 GMT

Enterprise customers can now select NSEC3 as method for proof of non-existence on their zones.

What's new:

NSEC3 support for live-signed zones – For both primary and secondary zones that are configured to be live-signed (also known as "on-the-fly signing"), NSEC3 can now be selected as proof of non-existence.
NSEC3 support for pre-signed zones – Secondary zones that are transferred to Cloudflare in a pre-signed setup now also support NSEC3 as proof of non-existence.

For more information and how to enable NSEC3, refer to the NSEC3 documentation.

Stream - Increased limits for Media Transformations

Tue, 10 Jun 2025 00:00:00 GMT

We have increased the limits for Media Transformations:

Input file size limit is now 100MB (was 40MB)
Output video duration limit is now 1 minute (was 30 seconds)

Additionally, we have improved caching of the input asset, resulting in fewer requests to origin storage even when transformation options may differ.

For more information, learn about Transforming Videos.

Workers - Access git commit sha and branch name as environment variables in Workers Builds

Tue, 10 Jun 2025 00:00:00 GMT

Workers Builds connects your Worker to a Git repository, and automates building and deploying your code on each pushed change.

To make CI/CD pipelines even more flexible, Workers Builds now automatically injects default environment variables into your build process (much like the defaults in Cloudflare Pages projects). You can use these variables to customize your build process based on the deployment context, such as the branch or commit.

The following environment variables are injected by default:

Environment Variable	Injected value	Example use-case
`CI`	`true`	Changing build behavior when run on CI versus locally
`WORKERS_CI`	`1`	Changing build behavior when run on Workers Builds versus locally
`WORKERS_CI_BUILD_UUID`	`<build-uuid-of-current-build>`	Passing the Build UUID along to custom workflows
`WORKERS_CI_COMMIT_SHA`	`<sha1-hash-of-current-commit>`	Passing current commit ID to error reporting, for example, Sentry
`WORKERS_CI_BRANCH`	`<branch-name-from-push-event`	Customizing build based on branch, for example, disabling debug logging on `production`

You can override these default values and add your own custom environment variables by navigating to your Worker > Settings > Environment variables.

Learn more in the Build configuration documentation.

Rules - More flexible fallback handling — Custom Errors now support fetching assets returned with 4xx or 5xx status codes

Mon, 09 Jun 2025 00:00:00 GMT

Custom Errors can now fetch and store assets and error pages from your origin even if they are served with a 4xx or 5xx HTTP status code — previously, only 200 OK responses were allowed.

What’s new:

You can now upload error pages and error assets that return error status codes (for example, 403, 500, 502, 503, 504) when fetched.
These assets are stored and minified at the edge, so they can be reused across multiple Custom Error rules without triggering requests to the origin.

This is especially useful for retrieving error content or downtime banners from your backend when you can’t override the origin status code.

Learn more in the Custom Errors documentation.

Rules - Match Workers subrequests by upstream zone — cf.worker.upstream_zone now supported in Transform Rules

Mon, 09 Jun 2025 00:00:00 GMT

You can now use the cf.worker.upstream_zone field in Transform Rules to control rule execution based on whether a request originates from Workers, including subrequests issued by Workers in other zones.

What's new:

cf.worker.upstream_zone is now supported in Transform Rules expressions.
Skip or apply logic conditionally when handling Workers subrequests.

For example, to add a header when the subrequest comes from another zone:

Text in Expression Editor (replace myappexample.com with your domain):

(cf.worker.upstream_zone != "" and cf.worker.upstream_zone != "myappexample.com")

Selected operation under Modify request header: Set static

Header name: X-External-Workers-Subrequest

Value: 1

This gives you more granular control in how you handle incoming requests for your zone.

Learn more in the Transform Rules documentation and Rules language fields reference.

WAF - WAF Release - 2025-06-09

Mon, 09 Jun 2025 00:00:00 GMT

This week’s update spotlights four critical vulnerabilities across CMS platforms, VoIP systems, and enterprise applications. Several flaws enable remote code execution or privilege escalation, posing significant enterprise risks.

Key Findings

WordPress OttoKit Plugin (CVE-2025-27007): Privilege escalation flaw allows unauthenticated attackers to create or elevate user accounts, compromising WordPress administrative control.
SAP NetWeaver (CVE-2025-42999): Remote Code Execution vulnerability enables attackers to execute arbitrary code on SAP NetWeaver systems, threatening core ERP and business operations.
Fortinet FortiVoice (CVE-2025-32756): Buffer error vulnerability may lead to memory corruption and potential code execution, directly impacting enterprise VoIP infrastructure.
Camaleon CMS (CVE-2024-46986): Remote Code Execution vulnerability allows attackers to gain full control over Camaleon CMS installations, exposing hosted content and underlying servers.

Impact

These vulnerabilities target widely deployed CMS, ERP, and VoIP systems. RCE flaws in SAP NetWeaver and Camaleon CMS allow full takeover of business-critical applications. Privilege escalation in OttoKit exposes WordPress environments to full administrative compromise. FortiVoice buffer handling issues risk destabilizing or fully compromising enterprise telephony systems.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	4afd50a3ef1948bba87c4e620debd86e	100769	WordPress OttoKit Plugin - Privilege Escalation - CVE:CVE-2025-27007	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	24134c41c3e940daa973b4b95f57b448	100770	SAP NetWeaver - Remote Code Execution - CVE:CVE-2025-42999	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	4f219ac0be3545a5be5f0bf34df8857a	100779	Fortinet FortiVoice - Buffer Error - CVE:CVE-2025-32756	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	bc8dfbe8cbac4c039725ec743b840107	100780	Camaleon CMS - Remote Code Execution - CVE:CVE-2024-46986	Log	Block	This is a New Detection

Workers - Workers native integrations were removed from the Cloudflare dashboard

Mon, 09 Jun 2025 00:00:00 GMT

Workers native integrations were originally launched in May 2023 to connect to popular database and observability providers with your Worker in just a few clicks. We are changing how developers connect Workers to these external services. The Integrations tab in the dashboard has been removed in favor of a more direct, command-line-based approach using Wrangler secrets.

What's changed

Integrations tab removed: The integrations setup flow is no longer available in the Workers dashboard.
Manual secret configuration: New connections should be configured by adding credentials as secrets to your Workers using npx wrangler secret put commands.

Impact on existing integrations

Existing integrations will continue to work without any changes required. If you have integrations that were previously created through the dashboard, they will remain functional.

Updating existing integrations

If you'd like to modify your existing integration, you can update the secrets, environment variables, or Tail Workers that were created from the original integration setup.

Update secrets: Use npx wrangler secret put <SECRET_NAME> to update credential values.
Modify environment variables: Update variables through the dashboard or Wrangler configuration.
Dashboard management: Access your Worker's settings in the Cloudflare dashboard to modify connections created by our removed native integrations feature.

If you have previously set up an observability integration with Sentry, the following environment variables were set and are still modifiable:

BLOCKED_HEADERS: headers to exclude sending to Sentry
EXCEPTION_SAMPLING_RATE: number from 0 - 100, where 0 = no events go through to Sentry, and 100 = all events go through to Sentry
STATUS_CODES_TO_SAMPLING_RATES: a map of status codes -- like 400 or with wildcards like 4xx -- to sampling rates described above

Setting up new database and observability connections

For new connections, refer to our step-by-step guides on connecting to popular database and observability providers including: Sentry, Turso, Neon, Supabase, PlanetScale, Upstash, Xata.

Cloudflare One Client - WARP client for Windows (version 2025.5.735.1)

Thu, 05 Jun 2025 20:38:05 GMT

A new Beta release for the Windows WARP client is now available on the beta releases downloads page.

Changes and improvements

Fixed a device registration issue causing WARP connection failures when changing networks.
Captive portal improvements including showing connectivity status in the client and sending system notifications for captive portal sign in.
Fixed a bug where in Gateway with DoH mode, connection to DNS servers was not automatically restored after reconnecting WARP.
The WARP client now applies post-quantum cryptography end-to-end on enabled devices accessing resources behind a Cloudflare Tunnel. This feature can be enabled by MDM.
Improvement to gracefully handle changes made by MDM while WARP is not running.
Improvement for multi-user mode to avoid unnecessary key rotations when transitioning from a pre-login to a logged-in state.
Added a WARP client device posture check for SAN attributes to the client certificate check.
Fixed an issue affecting Split Tunnel Include mode, where traffic outside the tunnel was blocked when switching between Wi-Fi and Ethernet networks.
Added SCCM VPN boundary support to device profile settings. With SCCM VPN boundary support enabled, operating systems will register WARP's local interface IP with the on-premise DNS server when reachable.

Known issues

Microsoft has confirmed a regression with Windows 11 starting around 24H2 that may cause performance issues for some users. These performance issues could manifest as mouse lag, audio cracking, or other slowdowns. A fix from Microsoft is expected in early July.
Devices with KB5055523 installed may receive a warning about Win32/ClickFix.ABA being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to version 1.429.19.0 or later.
DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected. To work around this issue, reconnect the WARP client by toggling off and back on.

Cloudflare One Client - WARP client for macOS (version 2025.5.735.1)

Thu, 05 Jun 2025 20:38:04 GMT

A new Beta release for the macOS WARP client is now available on the beta releases downloads page.

Changes and improvements

Fixed an issue where the Cloudflare WARP application may not have automatically relaunched after an update.
Fixed a device registration issue causing WARP connection failures when changing networks.
Captive portal improvements including showing connectivity status in the client and sending system notifications for captive portal sign in.
The WARP client now applies post-quantum cryptography end-to-end on enabled devices accessing resources behind a Cloudflare Tunnel. This feature can be enabled by MDM.
Improvement to gracefully handle changes made by MDM while WARP is not running.
Fixed an issue affecting Split Tunnel Include mode, where traffic outside the tunnel was blocked when switching between Wi-Fi and Ethernet networks.

Known issues

macOS Sequoia: Due to changes Apple introduced in macOS 15.0.x, the WARP client may not behave as expected. Cloudflare recommends the use of macOS 15.4 or later.

Workers - Performance and size optimization for the Cloudflare adapter for Open Next

Thu, 05 Jun 2025 19:00:00 GMT

With the release of the Cloudflare adapter for Open Next v1.0.0 in May 2025, we already had followups plans to improve performance and size.

@opennextjs/cloudflare v1.2 released on June 5, 2025 delivers on these enhancements. By removing babel from the app code and dropping a dependency on @ampproject/toolbox-optimizer, we were able to reduce generated bundle sizes. Additionally, by stopping preloading of all app routes, we were able to improve the cold start time.

This means that users will now see a decrease from 14 to 8MiB (2.3 to 1.6MiB gzipped) in generated bundle size for a Next app created via create-next-app, and typically 100ms faster startup times for their medium-sized apps.

Users only need to update to the latest version of @opennextjs/cloudflare to automatically benefit from these improvements.

Note that we published CVE-2005-6087 for a SSRF vulnerability in the @opennextjs/cloudflare package. The vulnerability has been fixed from @opennextjs/cloudflare v1.3.0 onwards. Please update to any version after this one.

Access, Cloudflare One - Cloudflare One Analytics Dashboards and Exportable Access Report

Thu, 05 Jun 2025 00:00:00 GMT

Cloudflare One now offers powerful new analytics dashboards to help customers easily discover available insights into their application access and network activity. These dashboards provide a centralized, intuitive view for understanding user behavior, application usage, and security posture.

![Cloudflare One Analytics Dashboards](~/assets/images/changelog/cloudflare-one/Analytics Dashboards.png)

Additionally, a new exportable access report is available, allowing customers to quickly view high-level metrics and trends in their application access. A preview of the report is shown below, with more to be found in the report:

Both features are accessible in the Cloudflare Zero Trust dashboard, empowering organizations with better visibility and control.

Load Balancing - New Account-Level Load Balancing UI and Private Load Balancers

Wed, 04 Jun 2025 00:00:00 GMT

We've made two large changes to load balancing:

Redesigned the user interface, now centralized at the account level.
Introduced Private Load Balancers to the UI, enabling you to manage traffic for all of your external and internal applications in a single spot.

This update streamlines how you manage load balancers across multiple zones and extends robust traffic management to your private network infrastructure.

Key Enhancements:

Account-Level UI Consolidation:
- Unified Management: Say goodbye to navigating individual zones for load balancing tasks. You can now view, configure, and monitor all your load balancers across every zone in your account from a single, intuitive interface at the account level.
- Improved Efficiency: This centralized approach provides a more streamlined workflow, making it faster and easier to manage both your public-facing and internal traffic distribution.
Private Network Load Balancing:
- Secure Internal Application Access: Create Private Load Balancers to distribute traffic to applications hosted within your private network, ensuring they are not exposed to the public Internet.
- WARP & Magic WAN Integration: Effortlessly direct internal traffic from users connected via Cloudflare WARP or through your Magic WAN infrastructure to the appropriate internal endpoint pools.
- Enhanced Security for Internal Resources: Combine reliable Load Balancing with Zero Trust access controls to ensure your internal services are both performant and only accessible by verified users.

AI Gateway - AI Gateway adds OpenAI compatible endpoint

Tue, 03 Jun 2025 00:00:00 GMT

Users can now use an OpenAI Compatible endpoint in AI Gateway to easily switch between providers, while keeping the exact same request and response formats. We're launching now with the chat completions endpoint, with the embeddings endpoint coming up next.

To get started, use the OpenAI compatible chat completions endpoint URL with your own account id and gateway id and switch between providers by changing the model and apiKey parameters.

import OpenAI from "openai";
const client = new OpenAI({
  apiKey: "YOUR_PROVIDER_API_KEY", // Provider API key
  baseURL:
    "https://gateway.ai.cloudflare.com/v1/{account_id}/{gateway_id}/compat",
});

const response = await client.chat.completions.create({
  model: "google-ai-studio/gemini-2.0-flash",
  messages: [{ role: "user", content: "What is Cloudflare?" }],
});

console.log(response.choices[0].message.content);

Additionally, the OpenAI Compatible endpoint can be combined with our Universal Endpoint to add fallbacks across multiple providers. That means AI Gateway will return every response in the same standardized format, no extra parsing logic required!

Learn more in the OpenAI Compatibility documentation.

DNS - Improved onboarding for Shopify merchants

Tue, 03 Jun 2025 00:00:00 GMT

Shopify merchants can now onboard to O2O automatically, without needing to contact support or community members.

What's new:

Automatic enablement – O2O is available for all mutual Cloudflare and Shopify customers.
Branded record display – Merchants see a Shopify logo in DNS records, complete with helpful tooltips.
Checkout protection – Workers and Snippets are blocked from running on the checkout path to reduce risk and improve security.

For more information, refer to the provider guide.

Workers - View an architecture diagram of your Worker directly in the Cloudflare dashboard

Tue, 03 Jun 2025 00:00:00 GMT

You can now visualize, explore and modify your Worker’s architecture directly in the Cloudflare dashboard, making it easier to understand how your application connects to Cloudflare resources like D1 databases, Durable Objects, KV namespaces, and more.

With this new view, you can easily:

Explore existing bindings in a visual, architecture-style diagram
Add and manage bindings directly from the same interface
Discover the full range of compute, storage, AI, and media resources you can attach to your Workers application.

To get started, head to the Cloudflare dashboard and open the Bindings tab of any Workers application.

Cloudflare Fundamentals - Cloudflare User Groups & Enhanced Permission Policies are now in Beta

Mon, 02 Jun 2025 00:00:00 GMT

We're excited to announce the Public Beta launch of User Groups for Cloudflare Dashboard and System for Cross Domain Identity Management (SCIM) User Groups, expanding our RBAC capabilities to simplify user and group management at scale.

We've also visually overhauled the Permission Policies UI to make defining permissions more intuitive.

What's New

User Groups [BETA]: User Groups are a new Cloudflare IAM primitive that enable administrators to create collections of account members that are treated equally from an access control perspective. User Groups can be assigned permission policies, with individual members in the group inheriting all permissions granted to the User Group. User Groups can be created manually or via our APIs.

SCIM User Groups [BETA]: Centralize & simplify your user and group management at scale by syncing memberships directly from your upstream identity provider (like Okta or Entra ID) to the Cloudflare Platform. This ensures Cloudflare stays in sync with your identity provider, letting you apply Permission Policies to those synced groups directly within the Cloudflare Dashboard.

Revamped Permission Policies UI [BETA]: As Cloudflare's services have grown, so has the need for precise, role-based access control. We've given the Permission Policies builder a visual overhaul to make it much easier for administrators to find and define the exact permissions they want for specific principals.

For more info:

WAF - WAF Release - 2025-06-02

Mon, 02 Jun 2025 00:00:00 GMT

This week’s roundup highlights five high-risk vulnerabilities affecting SD-WAN, load balancers, and AI platforms. Several flaws enable unauthenticated remote code execution or authentication bypass.

Key Findings

Versa Concerto SD-WAN (CVE-2025-34026, CVE-2025-34027): Authentication bypass vulnerabilities allow attackers to gain unauthorized access to SD-WAN management interfaces, compromising network segmentation and control.
Kemp LoadMaster (CVE-2024-7591): Remote Code Execution vulnerability enables attackers to execute arbitrary commands, potentially leading to full device compromise within enterprise load balancing environments.
AnythingLLM (CVE-2024-0759): Server-Side Request Forgery (SSRF) flaw allows external attackers to force the LLM backend to make unauthorized internal network requests, potentially exposing sensitive internal resources.
Anyscale Ray (CVE-2023-48022): Remote Code Execution vulnerability affecting distributed AI workloads, allowing attackers to execute arbitrary code on Ray cluster nodes.
Server-Side Request Forgery (SSRF) - Generic & Obfuscated Payloads: Ongoing advancements in SSRF payload techniques observed, including obfuscation and expanded targeting of cloud metadata services and internal IP ranges.

Impact

These vulnerabilities expose critical infrastructure across networking, AI platforms, and SaaS integrations. Unauthenticated RCE and auth bypass flaws in Versa Concerto, Kemp LoadMaster, and Anyscale Ray allow full system compromise. AnythingLLM and SSRF payload variants expand attack surfaces into internal cloud resources, sensitive APIs, and metadata services, increasing risk of privilege escalation, data theft, and persistent access.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	752cfb5e6f9c46f0953c742139b52f02	100764	Versa Concerto SD-WAN - Auth Bypass - CVE:CVE-2025-34027	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	a01171de18034901b48a5549a34edb97	100765	Versa Concerto SD-WAN - Auth Bypass - CVE:CVE-2025-34026	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	840b35492a7543c18ffe50fc0d99b2db	100766	Kemp LoadMaster - Remote Code Execution - CVE:CVE-2024-7591	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	121b7070de3a459dbe80d7ed95aa3a4f	100767	AnythingLLM - SSRF - CVE:CVE-2024-0759	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	215417f989e2485a9c50eca0840a0966	100768	Anyscale Ray - Remote Code Execution - CVE:CVE-2023-48022	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	3ed619a17d4141bda3a8c3869d16ee18	100781	SSRF - Generic Payloads	N/A	Disabled	This is a New Detection
Cloudflare Managed Ruleset	7ce73f6a70be49f8944737465c963d9d	100782	SSRF - Obfuscated Payloads	N/A	Disabled	This is a New Detection

Pages - Cloudflare Pages builds now provide Node.js v22 by default

Fri, 30 May 2025 00:00:00 GMT

When you use the built-in build system that is part of Cloudflare Pages, the Build Image now includes Node.js v22. Previously, Node.js v18 was provided by default, and Node.js v18 is now end-of-life (EOL).

If you are creating a new Pages project, the new V3 build image that includes Node.js v22 will be used by default. If you have an existing Pages project, you can update to the latest build image by navigating to Settings > Build & deployments > Build system version in the Cloudflare dashboard for a specific Pages project.

Note that you can always specify a particular version of Node.js or other built-in dependencies by setting an environment variable.

For more, refer to the developer docs for Cloudflare Pages builds

Rules - Fine-tune image optimization — WebP now supported in Configuration Rules

Fri, 30 May 2025 00:00:00 GMT

You can now enable Polish with the webp format directly in Configuration Rules, allowing you to optimize image delivery for specific routes, user agents, or A/B tests — without applying changes zone-wide.

What’s new:

WebP is now a supported value in the Polish setting for Configuration Rules.

This gives you more precise control over how images are compressed and delivered, whether you're targeting modern browsers, running experiments, or tailoring performance by geography or device type.

Learn more in the Polish and Configuration Rules documentation.

Workers - Debug, profile, and view logs for your Worker in Chrome Devtools — now supported in the Cloudflare Vite plugin

Fri, 30 May 2025 00:00:00 GMT

You can now debug, profile, view logs, and analyze memory usage for your Worker using Chrome Devtools when your Worker runs locally using the Cloudflare Vite plugin.

Previously, this was only possible if your Worker ran locally using the Wrangler CLI, and now you can do all the same things if your Worker uses Vite.

When you run vite, you'll now see a debug URL in your console:

  VITE v6.3.5  ready in 461 ms

  ➜  Local:   http://localhost:5173/
  ➜  Network: use --host to expose
  ➜  Debug:   http://localhost:5173/__debug
  ➜  press h + enter to show help

Open the URL in Chrome, and an instance of Chrome Devtools will open and connect to your Worker running locally. You can then use Chrome Devtools to debug and introspect performance issues. For example, you can navigate to the Performance tab to understand where CPU time is spent in your Worker:

For more information on how to get the most out of Chrome Devtools, refer to the following docs:

Gateway, Cloudflare One - New Gateway Analytics in the Cloudflare One Dashboard

Thu, 29 May 2025 00:00:00 GMT

Users can now access significant enhancements to Cloudflare Gateway analytics, providing you with unprecedented visibility into your organization's DNS queries, HTTP requests, and Network sessions. These powerful new dashboards enable you to go beyond raw logs and gain actionable insights into how your users are interacting with the Internet and your protected resources.

You can now visualize and explore:

Patterns Over Time: Understand trends in traffic volume and blocked requests, helping you identify anomalies and plan for future capacity.
Top Users & Destinations: Quickly pinpoint the most active users, enabling better policy enforcement and resource allocation.
Actions Taken: See a clear breakdown of security actions applied by Gateway policies, such as blocks and allows, offering a comprehensive view of your security posture.
Geographic Regions: Gain insight into the global distribution of your traffic.

To access the new overview, log in to your Cloudflare Zero Trust dashboard and go to Analytics in the side navigation bar.

D1, Workers - 50-500ms Faster D1 REST API Requests

Thu, 29 May 2025 00:00:00 GMT

Users using Cloudflare's REST API to query their D1 database can see lower end-to-end request latency now that D1 authentication is performed at the closest Cloudflare network data center that received the request. Previously, authentication required D1 REST API requests to proxy to Cloudflare's core, centralized data centers, which added network round trips and latency.

Latency improvements range from 50-500 ms depending on request location and database location and only apply to the REST API. REST API requests and databases outside the United States see a bigger benefit since Cloudflare's primary core data centers reside in the United States.

D1 query endpoints like /query and /raw have the most noticeable improvements since they no longer access Cloudflare's core data centers. D1 control plane endpoints such as those to create and delete databases see smaller improvements, since they still require access to Cloudflare's core data centers for other control plane metadata.

Browser Rendering - Playwright MCP server is now compatible with Browser Rendering

Wed, 28 May 2025 00:00:00 GMT

We're excited to share that you can now use the Playwright MCP server with Browser Rendering.

Once you deploy the server, you can use any MCP client with it to interact with Browser Rendering. This allows you to run AI models that can automate browser tasks, such as taking screenshots, filling out forms, or scraping data.

Playwright MCP is available as an npm package at @cloudflare/playwright-mcp. To install it, type:

npm i -D @cloudflare/playwright-mcp

yarn add -D @cloudflare/playwright-mcp

pnpm add -D @cloudflare/playwright-mcp

bun add -d @cloudflare/playwright-mcp

Deploying the server is then as easy as:

import { env } from "cloudflare:workers";
import { createMcpAgent } from "@cloudflare/playwright-mcp";

export const PlaywrightMCP = createMcpAgent(env.BROWSER);
export default PlaywrightMCP.mount("/sse");

Check out the full code at GitHub.

Learn more about Playwright MCP in our documentation.

WAF - Updated attack score model

Wed, 28 May 2025 00:00:00 GMT

We have deployed an updated attack score model focused on enhancing the detection of multiple false positives (FPs).

As a result of this improvement, some changes in observed attack scores are expected.

SSL/TLS, Cloudflare for SaaS, Secrets Store - Increased limits for Cloudflare for SaaS and Secrets Store free and pay-as-you-go plans

Tue, 27 May 2025 11:00:00 GMT

With upgraded limits to all free and paid plans, you can now scale more easily with Cloudflare for SaaS and Secrets Store.

Cloudflare for SaaS allows you to extend the benefits of Cloudflare to your customers via their own custom or vanity domains. Now, the limit for custom hostnames on a Cloudflare for SaaS pay-as-you-go plan has been raised from 5,000 custom hostnames to 50,000 custom hostnames.

With custom origin server -- previously an enterprise-only feature -- you can route traffic from one or more custom hostnames somewhere other than your default proxy fallback. Custom origin server is now available to Cloudflare for SaaS customers on Free, Pro, and Business plans.

You can enable custom origin server on a per-custom hostname basis via the API or the UI:

Currently in beta with a Workers integration, Cloudflare Secrets Store allows you to store, manage, and deploy account level secrets from a secure, centralized platform your Cloudflare Workers. Now, you can create and deploy 100 secrets per account. Try it out in the dashboard, with Wrangler, or via the API today.

Gateway - Gateway Protocol Detection Now Available for PAYGO and Free Plans

Tue, 27 May 2025 00:00:00 GMT

All Cloudflare One Gateway users can now use Protocol detection logging and filtering, including those on Pay-as-you-go and Free plans.

With Protocol Detection, admins can identify and enforce policies on traffic proxied through Gateway based on the underlying network protocol (for example, HTTP, TLS, or SSH), enabling more granular traffic control and security visibility no matter your plan tier.

This feature is available to enable in your account network settings for all accounts. For more information on using Protocol Detection, refer to the Protocol detection documentation.

WAF - WAF Release - 2025-05-27

Tue, 27 May 2025 00:00:00 GMT

This week’s roundup covers nine vulnerabilities, including six critical RCEs and one dangerous file upload. Affected platforms span cloud services, CI/CD pipelines, CMSs, and enterprise backup systems. Several are now addressed by updated WAF managed rulesets.

Key Findings

Ingress-Nginx (CVE-2025-1098): Unauthenticated RCE via unsafe annotation handling. Impacts Kubernetes clusters.
GitHub Actions (CVE-2025-30066): RCE through malicious workflow inputs. Targets CI/CD pipelines.
Craft CMS (CVE-2025-32432): Template injection enables unauthenticated RCE. High risk to content-heavy sites.
F5 BIG-IP (CVE-2025-31644): RCE via TMUI exploit, allowing full system compromise.
AJ-Report (CVE-2024-15077): RCE through untrusted template execution. Affects reporting dashboards.
NAKIVO Backup (CVE-2024-48248): RCE via insecure script injection. High-value target for ransomware.
SAP NetWeaver (CVE-2025-31324): Dangerous file upload flaw enables remote shell deployment.
Ivanti EPMM (CVE-2025-4428, 4427): Auth bypass allows full access to mobile device management.
Vercel (CVE-2025-32421): Information leak via misconfigured APIs. Useful for attacker recon.

Impact

These vulnerabilities expose critical components across Kubernetes, CI/CD pipelines, and enterprise systems to severe threats including unauthenticated remote code execution, authentication bypass, and information leaks. High-impact flaws in Ingress-Nginx, Craft CMS, F5 BIG-IP, and NAKIVO Backup enable full system compromise, while SAP NetWeaver and AJ-Report allow remote shell deployment and template-based attacks. Ivanti EPMM’s auth bypass further risks unauthorized control over mobile device fleets.

GitHub Actions and Vercel introduce supply chain and reconnaissance risks, allowing malicious workflow inputs and data exposure that aid in targeted exploitation. Organizations should prioritize immediate patching, enhance monitoring, and deploy updated WAF and IDS signatures to defend against likely active exploitation.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	6a61a14f44af4232a44e45aad127592a	100746	Vercel - Information Disclosure	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	bd30b3c43eb44335ab6013c195442495	100754	AJ-Report - Remote Code Execution - CVE:CVE-2024-15077	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	6a13bd6e5fc94b1d9c97eb87dfee7ae4	100756	NAKIVO Backup - Remote Code Execution - CVE:CVE-2024-48248	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	a4af6f2f15c9483fa9eab01d1c52f6d0	100757	Ingress-Nginx - Remote Code Execution - CVE:CVE-2025-1098	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	bd30b3c43eb44335ab6013c195442495	100759	SAP NetWeaver - Dangerous File Upload - CVE:CVE-2025-31324	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	dab2df4f548349e3926fee845366ccc1	100760	Craft CMS - Remote Code Execution - CVE:CVE-2025-32432	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	5eb23f172ed64ee08895e161eb40686b	100761	GitHub Action - Remote Code Execution - CVE:CVE-2025-30066	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	827037f2d5f941789efcba6260fc041c	100762	Ivanti EPMM - Auth Bypass - CVE:CVE-2025-4428, CVE:CVE-2025-4427	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	ddee6d1c4f364768b324609cebafdfe6	100763	F5 Big IP - Remote Code Execution - CVE:CVE-2025-31644	Log	Disabled	This is a New Detection

Analytics - New GraphQL Analytics API Explorer and MCP Server

Fri, 23 May 2025 00:00:00 GMT

We’ve launched two powerful new tools to make the GraphQL Analytics API more accessible:

GraphQL API Explorer

The new GraphQL API Explorer helps you build, test, and run queries directly in your browser. Features include:

In-browser schema documentation to browse available datasets and fields
Interactive query editor with autocomplete and inline documentation
A "Run in GraphQL API Explorer" button to execute example queries from our docs
Seamless OAuth authentication — no manual setup required

GraphQL Model Context Protocol (MCP) Server

MCP Servers let you use natural language tools like Claude to generate structured queries against your data. See our blog post for details on how they work and which servers are available. The new GraphQL MCP server helps you discover and generate useful queries for the GraphQL Analytics API. With this server, you can:

Explore what data is available to query
Generate and refine queries using natural language, with one-click links to run them in the API Explorer
Build dashboards and visualizations from structured query outputs

Example prompts include:

“Show me HTTP traffic for the last 7 days for example.com”
“What GraphQL node returns firewall events?”
“Can you generate a link to the Cloudflare GraphQL API Explorer with a pre-populated query and variables?”

We’re continuing to expand these tools, and your feedback helps shape what’s next. Explore the documentation to learn more and get started.

Cloudflare One Client - WARP client for Windows (version 2025.4.943.0)

Thu, 22 May 2025 21:34:06 GMT

A new GA release for the Windows WARP client is now available on the stable releases downloads page.

This release contains a hotfix for managed networks for the 2025.4.929.0 release.

Changes and improvements

Fixed an issue where it could take up to 3 minutes for the correct device profile to be applied in some circumstances. In the worst case, it should now only take up to 40 seconds. This will be improved further in a future release.

Known issues

DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected.
To work around this issue, reconnect the WARP client by toggling off and back on.
Microsoft has confirmed a regression with Windows 11 starting around 24H2 that may cause performance issues for some users. These performance issues could manifest as mouse lag, audio cracking, or other slowdowns. A fix from Microsoft is expected in early July.
Devices with KB5055523 installed may receive a warning about Win32/ClickFix.ABA being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to version 1.429.19.0 or later.

Cloudflare One Client - WARP client for macOS (version 2025.4.943.0)

Thu, 22 May 2025 21:34:06 GMT

A new GA release for the macOS WARP client is now available on the stable releases downloads page.

This release contains a hotfix for managed networks for the 2025.4.929.0 release.

Changes and improvements

Fixed an issue where it could take up to 3 minutes for the correct device profile to be applied in some circumstances. In the worst case, it should now only take up to 40 seconds. This will be improved further in a future release.

Known issues

macOS Sequoia: Due to changes Apple introduced in macOS 15.0.x, the WARP client may not behave as expected. Cloudflare recommends the use of macOS 15.4 or later.

Cloudflare One Client - WARP client for Linux (version 2025.4.943.0)

Thu, 22 May 2025 19:22:32 GMT

A new GA release for the Linux WARP client is now available on the stable releases downloads page.

This release contains a hotfix for managed networks for the 2025.4.929.0 release.

Changes and improvements

Fixed an issue where it could take up to 3 minutes for the correct device profile to be applied in some circumstances. In the worst case, it should now only take up to 40 seconds. This will be improved further in a future release.

Known issues

Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.

Workers - Handle incoming request cancellation in Workers with Request.signal

Thu, 22 May 2025 00:00:00 GMT

In Cloudflare Workers, you can now attach an event listener to Request objects, using the signal property. This allows you to perform tasks when the request to your Worker is canceled by the client. To use this feature, you must set the enable_request_signal compatibility flag.

You can use a listener to perform cleanup tasks or write to logs before your Worker's invocation ends. For example, if you run the Worker below, and then abort the request from the client, a log will be written:

JavaScript

export default {
  async fetch(request, env, ctx) {
    // This sets up an event listener that will be called if the client disconnects from your
    // worker.
    request.signal.addEventListener("abort", () => {
      console.log("The request was aborted!");
    });

    const { readable, writable } = new IdentityTransformStream();
    sendPing(writable);
    return new Response(readable, {
      headers: { "Content-Type": "text/plain" },
    });
  },
};

async function sendPing(writable) {
  const writer = writable.getWriter();
  const enc = new TextEncoder();

  for (;;) {
    // Send 'ping' every second to keep the connection alive
    await writer.write(enc.encode("ping\r\n"));
    await scheduler.wait(1000);
  }
}

TypeScript

export default {
  async fetch(request, env, ctx): Promise<Response> {
    // This sets up an event listener that will be called if the client disconnects from your
    // worker.
    request.signal.addEventListener('abort', () => {
      console.log('The request was aborted!');
    });

    const { readable, writable } = new IdentityTransformStream();
    sendPing(writable);
    return new Response(readable, { headers: { 'Content-Type': 'text/plain' } });
  },
} satisfies ExportedHandler<Env>;

async function sendPing(writable: WritableStream): Promise<void> {
  const writer = writable.getWriter();
  const enc = new TextEncoder();

  for (;;) {
    // Send 'ping' every second to keep the connection alive
    await writer.write(enc.encode('ping\r\n'));
    await scheduler.wait(1000);
  }
}

For more information see the Request documentation.

Cloudflare Fundamentals, Terraform - Terraform v5.5.0 now available

Mon, 19 May 2025 00:00:00 GMT

Earlier this year, we announced the launch of the new Terraform v5 Provider. Unlike the earlier Terraform providers, v5 is automatically generated based on the OpenAPI Schemas for our REST APIs. Since launch, we have seen an unexpectedly high number of issues reported by customers. These issues currently impact about 15% of resources. We have been working diligently to address these issues across the company, and have released the v5.5.0 release which includes a number of bug fixes. Please keep an eye on this changelog for more information about upcoming releases.

Changes

Broad fixes across resources with recurring diffs, including, but not limited to:
- cloudflare_zero_trust_gateway_policy
- cloudflare_zero_trust_access_application
- cloudflare_zero_trust_tunnel_cloudflared_route
- cloudflare_zone_setting
- cloudflare_ruleset
- cloudflare_page_rule
Zone settings can be re-applied without client errors
Page rules conversion errors are fixed
Failure to apply changes to cloudflare_zero_trust_tunnel_cloudflared_route
Other bug fixes

For a more detailed look at all of the changes, see the changelog in GitHub.

Issues Closed

If you have an unaddressed issue with the provider, we encourage you to check the open issues and open a new one if one does not already exist for what you are experiencing.

Upgrading

For more info

WAF - WAF Release - 2025-05-19

Mon, 19 May 2025 00:00:00 GMT

This week's analysis covers four vulnerabilities, with three rated critical due to their Remote Code Execution (RCE) potential. One targets a high-traffic frontend platform, while another targets a popular content management system. These detections are now part of the Cloudflare Managed Ruleset in Block mode.

Key Findings

Commvault Command Center (CVE-2025-34028) exposes an unauthenticated RCE via insecure command injection paths in the web UI. This is critical due to its use in enterprise backup environments.
BentoML (CVE-2025-27520) reveals an exploitable vector where serialized payloads in model deployment APIs can lead to arbitrary command execution. This targets modern AI/ML infrastructure.
Craft CMS (CVE-2024-56145) allows RCE through template injection in unauthenticated endpoints. It poses a significant risk for content-heavy websites with plugin extensions.
Apache HTTP Server (CVE-2024-38475) discloses sensitive server config data due to misconfigured mod_proxy behavior. While not RCE, this is useful for pre-attack recon.

Impact

These newly detected vulnerabilities introduce critical risk across modern web stacks, AI infrastructure, and content platforms: unauthenticated RCEs in Commvault, BentoML, and Craft CMS enable full system compromise with minimal attacker effort.

Apache HTTPD information leak can support targeted reconnaissance, increasing the success rate of follow-up exploits. Organizations using these platforms should prioritize patching and monitor for indicators of exploitation using updated WAF detection rules.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	5c3559ad62994e5b932d7d0075129820	100745	Apache HTTP Server - Information Disclosure - CVE:CVE-2024-38475	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	28a22a685bba478d99bc904526a517f1	100747	Commvault Command Center - Remote Code Execution - CVE:CVE-2025-34028	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	2e6bb954d0634e368c49d7d1d7619ccb	100749	BentoML - Remote Code Execution - CVE:CVE-2025-27520	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	91250eebec894705b62305b2f15bfda4	100753	Craft CMS - Remote Code Execution - CVE:CVE-2024-56145	Log	Block	This is a New Detection

Cloudflare One - New Applications Added to Zero Trust

Sun, 18 May 2025 00:00:00 GMT

42 new applications have been added for Zero Trust support within the Application Library and Gateway policy enforcement, giving you the ability to investigate or apply inline policies to these applications.

33 of the 42 applications are Artificial Intelligence applications. The others are Human Resources (2 applications), Development (2 applications), Productivity (2 applications), Sales & Marketing, Public Cloud, and Security.

To view all available applications, log in to your Cloudflare Zero Trust dashboard, navigate to the App Library under My Team.

For more information on creating Gateway policies, see our Gateway policy documentation.

Access, Cloudflare One - New Access Analytics in the Cloudflare One Dashboard

Fri, 16 May 2025 00:00:00 GMT

A new Access Analytics dashboard is now available to all Cloudflare One customers. Customers can apply and combine multiple filters to dive into specific slices of their Access metrics. These filters include:

Logins granted and denied
Access events by type (SSO, Login, Logout)
Application name (Salesforce, Jira, Slack, etc.)
Identity provider (Okta, Google, Microsoft, onetimepin, etc.)
Users (chris@cloudflare.com, sally@cloudflare.com, rachel@cloudflare.com, etc.)
Countries (US, CA, UK, FR, BR, CN, etc.)
Source IP address
App type (self-hosted, Infrastructure, RDP, etc.)

To access the new overview, log in to your Cloudflare Zero Trust dashboard and find Analytics in the side navigation bar.

Workers, Durable Objects - Durable Objects are now supported in Python Workers

Fri, 16 May 2025 00:00:00 GMT

You can now create Durable Objects using Python Workers. A Durable Object is a special kind of Cloudflare Worker which uniquely combines compute with storage, enabling stateful long-running applications which run close to your users. For more info see here.

You can define a Durable Object in Python in a similar way to JavaScript:

from workers import DurableObject, Response, WorkerEntrypoint

from urllib.parse import urlparse

class MyDurableObject(DurableObject):
    def __init__(self, ctx, env):
        self.ctx = ctx
        self.env = env

    def fetch(self, request):
        result = self.ctx.storage.sql.exec("SELECT 'Hello, World!' as greeting").one()
        return Response(result.greeting)

class Default(WorkerEntrypoint):
    async def fetch(self, request):
        url = urlparse(request.url)
        id = env.MY_DURABLE_OBJECT.idFromName(url.path)
        stub = env.MY_DURABLE_OBJECT.get(id)
        greeting = await stub.fetch(request.url)
        return greeting

Define the Durable Object in your Wrangler configuration file:

wrangler.jsonc

{
  "durable_objects": {
    "bindings": [
      {
        "name": "MY_DURABLE_OBJECT",
        "class_name": "MyDurableObject"
      }
    ]
  }
}

wrangler.toml

[[durable_objects.bindings]]
name = "MY_DURABLE_OBJECT"
class_name = "MyDurableObject"

Then define the storage backend for your Durable Object:

wrangler.jsonc

{
  "migrations": [
    {
      "tag": "v1", // Should be unique for each entry
      "new_sqlite_classes": [ // Array of new classes
        "MyDurableObject"
      ]
    }
  ]
}

wrangler.toml

[[migrations]]
tag = "v1"
new_sqlite_classes = [ "MyDurableObject" ]

Then test your new Durable Object locally by running wrangler dev:

npx wrangler dev

Consult the Durable Objects documentation for more details.

Email security - Open email attachments with Browser Isolation

Thu, 15 May 2025 23:22:49 GMT

You can now safely open email attachments to view and investigate them.

What this means is that messages now have a Attachments section. Here, you can view processed attachments and their classifications (for example, Malicious, Suspicious, Encrypted). Next to each attachment, a Browser Isolation icon allows your team to safely open the file in a clientless, isolated browser with no risk to the analyst or your environment.

To use this feature, you must:

Enable Clientless Web Isolation in your Zero Trust settings.
Have Browser Isolation (BISO) seats assigned.

For more details, refer to our setup guide.

Some attachment types may not render in Browser Isolation. If there is a file type that you would like to be opened with Browser Isolation, reach out to your Cloudflare contact.

This feature is available across these Email security packages:

Advantage
Enterprise
Enterprise + PhishGuard

Cloudflare One Client - WARP client for Windows (version 2025.4.929.0)

Wed, 14 May 2025 21:32:45 GMT

A new GA release for the Windows WARP client is now available on the stable releases downloads page.

This release contains two significant changes all customers should be aware of:

All DNS traffic now flows inside the WARP tunnel. Customers are no longer required to configure their local firewall rules to allow our DoH IP addresses and domains.
When using MASQUE, the connection will fall back to HTTP/2 (TCP) when we detect that HTTP/3 traffic is blocked. This allows for a much more reliable connection on some public WiFi networks.

Changes and improvements

Fixed an issue causing reconnection loops when captive portals are detected.
Fixed an issue that caused WARP client disk encryption posture checks to fail due to missing drive names.
Fixed an issue where managed network policies could incorrectly report network location beacons as missing.
Improved DEX test error reporting.
Fixed an issue where some parts of the WARP Client UI were missing in high contrast mode.
Fixed an issue causing client notifications to fail in IPv6 only environments which prevented the client from receiving configuration changes to settings like device profile.
Added a TCP fallback for the MASQUE tunnel protocol to improve connectivity on networks that block UDP or HTTP/3 specifically.
Added new IP addresses for tunnel connectivity checks. If your organization uses a firewall or other policies you will need to exempt these IPs.
DNS over HTTPS traffic is now included in the WARP tunnel by default.
Improved the error message displayed in the client GUI when the rate limit for entering an incorrect admin override code is met.
Improved handling of non-SLAAC IPv6 interface addresses for better connectivity in IPv6 only environments.
Fixed an issue where frequent network changes could cause WARP to become unresponsive.
Improvement for WARP to check if tunnel connectivity fails or times out at device wake before attempting to reconnect.
Fixed an issue causing WARP connection disruptions after network changes.

Known issues

DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected.
To work around this issue, reconnect the WARP client by toggling off and back on.
Microsoft has confirmed a regression with Windows 11 starting around 24H2 that may cause performance issues for some users. These performance issues could manifest as mouse lag, audio cracking, or other slowdowns. A fix from Microsoft is expected in early July.
Devices with KB5055523 installed may receive a warning about Win32/ClickFix.ABA being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to version 1.429.19.0 or later.

Gateway - Domain Categories improvements

Wed, 14 May 2025 00:00:00 GMT

New categories added

Parent ID	Parent Name	Category ID	Category Name
1	Ads	66	Advertisements
3	Business & Economy	185	Personal Finance
3	Business & Economy	186	Brokerage & Investing
21	Security Threats	187	Compromised Domain
21	Security Threats	188	Potentially Unwanted Software
6	Education	189	Reference
9	Government & Politics	190	Charity and Non-profit

Changes to existing categories

Original Name	New Name
Religion	Religion & Spirituality
Government	Government/Legal
Redirect	URL Alias/Redirect

Refer to Gateway domain categories to learn more.

Hyperdrive - Hyperdrive achieves FedRAMP Moderate-Impact Authorization

Wed, 14 May 2025 00:00:00 GMT

Hyperdrive has been approved for FedRAMP Authorization and is now available in the FedRAMP Marketplace.

FedRAMP is a U.S. government program that provides standardized assessment and authorization for cloud products and services. As a result of this product update, Hyperdrive has been approved as an authorized service to be used by U.S. federal agencies at the Moderate Impact level.

For detailed information regarding FedRAMP and its implications, please refer to the official FedRAMP documentation for Cloudflare.

Stream - Introducing Origin Restrictions for Media Transformations

Wed, 14 May 2025 00:00:00 GMT

We are adding source origin restrictions to the Media Transformations beta. This allows customers to restrict what sources can be used to fetch images and video for transformations. This feature is the same as --- and uses the same settings as --- Image Transformations sources.

When transformations is first enabled, the default setting only allows transformations on images and media from the same website or domain being used to make the transformation request. In other words, by default, requests to example.com/cdn-cgi/media can only reference originals on example.com.

Adding access to other sources, or allowing any source, is easy to do in the Transformations tab under Stream. Click each domain enabled for Transformations and set its sources list to match the needs of your content. The user making this change will need permission to edit zone settings.

For more information, learn about Transforming Videos.

Browser Isolation - SAML HTTP-POST bindings support for RBI

Tue, 13 May 2025 00:00:00 GMT

Remote Browser Isolation (RBI) now supports SAML HTTP-POST bindings, enabling seamless authentication for SSO-enabled applications that rely on POST-based SAML responses from Identity Providers (IdPs) within a Remote Browser Isolation session. This update resolves a previous limitation that caused 405 errors during login and improves compatibility with multi-factor authentication (MFA) flows.

With expanded support for major IdPs like Okta and Azure AD, this enhancement delivers a more consistent and user-friendly experience across authentication workflows. Learn how to set up Remote Browser Isolation.

Gateway - New Applications Added for DNS Filtering

Tue, 13 May 2025 00:00:00 GMT

You can now create DNS policies to manage outbound traffic for an expanded list of applications. This update adds support for 273 new applications, giving you more control over your organization's outbound traffic.

With this update, you can:

Create DNS policies for a wider range of applications
Manage outbound traffic more effectively
Improve your organization's security and compliance posture

For more information on creating DNS policies, see our DNS policy documentation.

Cloudflare One Client - WARP client for Linux (version 2025.4.929.0)

Mon, 12 May 2025 23:21:47 GMT

A new GA release for the Linux WARP client is now available on the stable releases downloads page.

This release contains two significant changes all customers should be aware of:

All DNS traffic now flows inside the WARP tunnel. Customers are no longer required to configure their local firewall rules to allow our DoH IP addresses and domains.
When using MASQUE, the connection will fall back to HTTP/2 (TCP) when we detect that HTTP/3 traffic is blocked. This allows for a much more reliable connection on some public WiFi networks.

Changes and improvements

Fixed an issue where the managed network policies could incorrectly report network location beacons as missing.
Improved DEX test error reporting.
Fixed an issue causing client notifications to fail in IPv6 only environments which prevented the client from receiving configuration changes to settings like device profile.
Added a TCP fallback for the MASQUE tunnel protocol to improve connectivity on networks that block UDP or HTTP/3 specifically.
Added new IP addresses for tunnel connectivity checks. If your organization uses a firewall or other policies you will need to exempt these IPs.
Fixed an issue where frequent network changes could cause WARP to become unresponsive.
DNS over HTTPS traffic is now included in the WARP tunnel by default.
Improvement for WARP to check if tunnel connectivity fails or times out at device wake before attempting to reconnect.
Fixed an issue causing WARP connection disruptions after network changes.

Known issues

Devices using WARP client 2025.4.929.0 and up may experience Local Domain Fallback failures if a fallback server has not been configured. To configure a fallback server, refer to Route traffic to fallback server.

Cloudflare One Client - WARP client for macOS (version 2025.4.929.0)

Mon, 12 May 2025 23:20:27 GMT

A new GA release for the macOS WARP client is now available on the stable releases downloads page.

This release contains two significant changes all customers should be aware of:

All DNS traffic now flows inside the WARP tunnel. Customers are no longer required to configure their local firewall rules to allow our DoH IP addresses and domains.
When using MASQUE, the connection will fall back to HTTP/2 (TCP) when we detect that HTTP/3 traffic is blocked. This allows for a much more reliable connection on some public WiFi networks.

Changes and improvements

Fixed an issue where the managed network policies could incorrectly report network location beacons as missing.
Improved DEX test error reporting.
Fixed an issue causing client notifications to fail in IPv6 only environments which prevented the client from receiving configuration changes to settings like device profile.
Improved captive portal detection.
Added a TCP fallback for the MASQUE tunnel protocol to improve connectivity on networks that block UDP or HTTP/3 specifically.
Added new IP addresses for tunnel connectivity checks. If your organization uses a firewall or other policies you will need to exempt these IPs.
DNS over HTTPS traffic is now included in the WARP tunnel by default.
Improved the error message displayed in the client GUI when the rate limit for entering an incorrect admin override code is met.
Improved handling of non-SLAAC IPv6 interface addresses for better connectivity in IPv6 only environments.
Fixed an issue where frequent network changes could cause WARP to become unresponsive.
Improvement for WARP to check if tunnel connectivity fails or times out at device wake before attempting to reconnect.
Fixed an issue causing WARP connection disruptions after network changes.

Known issues

macOS Sequoia: Due to changes Apple introduced in macOS 15.0.x, the WARP client may not behave as expected. Cloudflare recommends the use of macOS 15.4 or later.

Data Loss Prevention - Case Sensitive Custom Word Lists

Mon, 12 May 2025 00:00:00 GMT

You can now configure custom word lists to enforce case sensitivity. This setting supports flexibility where needed and aims to reduce false positives where letter casing is critical.

Queues - Publish messages to Queues directly via HTTP

Fri, 09 May 2025 12:00:00 GMT

You can now publish messages to Cloudflare Queues directly via HTTP from any service or programming language that supports sending HTTP requests. Previously, publishing to queues was only possible from within Cloudflare Workers. You can already consume from queues via Workers or HTTP pull consumers, and now publishing is just as flexible.

Publishing via HTTP requires a Cloudflare API token with Queues Edit permissions for authentication. Here's a simple example:

curl "https://api.cloudflare.com/client/v4/accounts/<account_id>/queues/<queue_id>/messages" \
  -X POST \
  -H 'Authorization: Bearer <api_token>' \
  --data '{ "body": { "greeting": "hello", "timestamp":  "2025-07-24T12:00:00Z"} }'

You can also use our SDKs for TypeScript, Python, and Go.

To get started with HTTP publishing, check out our step-by-step example and the full API documentation in our API reference.

Rules - More ways to match — Snippets now support Custom Lists, Bot Score, and WAF Attack Score

Fri, 09 May 2025 00:00:00 GMT

You can now use IP, Autonomous System (AS), and Hostname custom lists to route traffic to Snippets and Cloud Connector, giving you greater precision and control over how you match and process requests at the edge.

In Snippets, you can now also match on Bot Score and WAF Attack Score, unlocking smarter edge logic for everything from request filtering and mitigation to tarpitting and logging.

What’s new:

Custom lists matching – Snippets and Cloud Connector now support user-created IP, AS, and Hostname lists via dashboard or Lists API. Great for shared logic across zones.
Bot Score and WAF Attack Score – Use Cloudflare’s intelligent traffic signals to detect bots or attacks and take advanced, tailored actions with just a few lines of code.

These enhancements unlock new possibilities for building smarter traffic workflows with minimal code and maximum efficiency.

Learn more in the Snippets and Cloud Connector documentation.

Email security - Open email links with Browser Isolation

Thu, 08 May 2025 23:22:49 GMT

You can now safely open links in emails to view and investigate them.

From Investigation, go to View details, and look for the Links identified section. Next to each link, the Cloudflare dashboard will display an Open in Browser Isolation icon which allows your team to safely open the link in a clientless, isolated browser with no risk to the analyst or your environment. Refer to Open links to learn more about this feature.

To use this feature, you must:

Enable Clientless Web Isolation in your Zero Trust settings.
Have Browser Isolation (RBI) seats assigned.

For more details, refer to our setup guide.

This feature is available across these Email security packages:

Advantage
Enterprise
Enterprise + PhishGuard

Security Center - URL Scanner now supports geo-specific scanning

Thu, 08 May 2025 00:00:00 GMT

Enterprise customers can now choose the geographic location from which a URL scan is performed — either via Security Center in the Cloudflare dashboard or via the URL Scanner API.

This feature gives security teams greater insight into how a website behaves across different regions, helping uncover targeted, location-specific threats.

What’s new:

Location Picker: Select a location for the scan via Security Center → Investigate in the dashboard or through the API.
Region-aware scanning: Understand how content changes by location — useful for detecting regionally tailored attacks.
Default behavior: If no location is set, scans default to the user’s current geographic region.

Learn more in the Security Center documentation.

WAF - Improved Payload Logging for WAF Managed Rules

Thu, 08 May 2025 00:00:00 GMT

We have upgraded WAF Payload Logging to enhance rule diagnostics and usability:

Targeted logging: Logs now capture only the specific portions of requests that triggered WAF rules, rather than entire request segments.
Visual highlighting: Matched content is visually highlighted in the UI for faster identification.
Enhanced context: Logs now include surrounding context to make diagnostics more effective.

Payload Logging is available to all Enterprise customers. If you have not used Payload Logging before, check how you can get started.

Note: The structure of the encrypted_matched_data field in Logpush has changed from Map<Field, Value> to Map<Field, {Before: bytes, Content: Value, After: bytes}>. If you rely on this field in your Logpush jobs, you should review and update your processing logic accordingly.

Workers - Improved memory efficiency for WebAssembly Workers

Thu, 08 May 2025 00:00:00 GMT

FinalizationRegistry is now available in Workers. You can opt-in using the enable_weak_ref compatibility flag.

This can reduce memory leaks when using WebAssembly-based Workers, which includes Python Workers and Rust Workers. The FinalizationRegistry works by enabling toolchains such as Emscripten and wasm-bindgen to automatically free WebAssembly heap allocations. If you are using WASM and seeing Exceeded Memory errors and cannot determine a cause using memory profiling, you may want to enable the FinalizationRegistry.

For more information refer to the enable_weak_ref compatibility flag documentation.

Data Loss Prevention - Send forensic copies to storage without DLP profiles

Wed, 07 May 2025 00:00:00 GMT

You can now send DLP forensic copies to third-party storage for any HTTP policy with an Allow or Block action, without needing to include a DLP profile. This change increases flexibility for data handling and forensic investigation use cases.

By default, Gateway will send all matched HTTP requests to your configured DLP Forensic Copy jobs.

Load Balancing - UDP and ICMP Monitor Support for Private Load Balancing Endpoints

Tue, 06 May 2025 00:00:00 GMT

Cloudflare Load Balancing now supports UDP (Layer 4) and ICMP (Layer 3) health monitors for private endpoints. This makes it simple to track the health and availability of internal services that don’t respond to HTTP, TCP, or other protocol probes.

What you can do:

Set up ICMP ping monitors to check if your private endpoints are reachable.
Use UDP monitors for lightweight health checks on non-TCP workloads, such as DNS, VoIP, or custom UDP-based services.
Gain better visibility and uptime guarantees for services running behind Private Network Load Balancing, without requiring public IP addresses.

This enhancement is ideal for internal applications that rely on low-level protocols, especially when used in conjunction with Cloudflare Tunnel, WARP, and Magic WAN to create a secure and observable private network.

Learn more about Private Network Load Balancing or view the full list of supported health monitor protocols.

Cloudflare Fundamentals, Terraform - Terraform v5.4.0 now available

Tue, 06 May 2025 00:00:00 GMT

Earlier this year, we announced the launch of the new Terraform v5 Provider. Unlike the earlier Terraform providers, v5 is automatically generated based on the OpenAPI Schemas for our REST APIs. Since launch, we have seen an unexpectedly high number of issues reported by customers. These issues currently impact about 15% of resources. We have been working diligently to address these issues across the company, and have released the v5.4.0 release which includes a number of bug fixes. Please keep an eye on this changelog for more information about upcoming releases.

Changes

Removes the worker_platforms_script_secret resource from the provider (see migration guide for alternatives—applicable to both Workers and Workers for Platforms)
Removes duplicated fields in cloudflare_cloud_connector_rules resource
Fixes cloudflare_workers_route id issues #5134 #5501
Fixes issue around refreshing resources that have unsupported response types
Affected resources
- cloudflare_certificate_pack
- cloudflare_registrar_domain
- cloudflare_stream_download
- cloudflare_stream_webhook
- cloudflare_user
- cloudflare_workers_kv
- cloudflare_workers_script
Fixes cloudflare_workers_kv state refresh issues
Fixes issues around configurability of nested properties without computed values for the following resources
Affected resources
- cloudflare_account
- cloudflare_account_dns_settings
- cloudflare_account_token
- cloudflare_api_token
- cloudflare_cloud_connector_rules
- cloudflare_custom_ssl
- cloudflare_d1_database
- cloudflare_dns_record
- email_security_trusted_domains
- cloudflare_hyperdrive_config
- cloudflare_keyless_certificate
- cloudflare_list_item
- cloudflare_load_balancer
- cloudflare_logpush_dataset_job
- cloudflare_magic_network_monitoring_configuration
- cloudflare_magic_transit_site
- cloudflare_magic_transit_site_lan
- cloudflare_magic_transit_site_wan
- cloudflare_magic_wan_static_route
- cloudflare_notification_policy
- cloudflare_pages_project
- cloudflare_queue
- cloudflare_queue_consumer
- cloudflare_r2_bucket_cors
- cloudflare_r2_bucket_event_notification
- cloudflare_r2_bucket_lifecycle
- cloudflare_r2_bucket_lock
- cloudflare_r2_bucket_sippy
- cloudflare_ruleset
- cloudflare_snippet_rules
- cloudflare_snippets
- cloudflare_spectrum_application
- cloudflare_workers_deployment
- cloudflare_zero_trust_access_application
- cloudflare_zero_trust_access_group
Fixed defaults that made cloudflare_workers_script fail when using Assets
Fixed Workers Logpush setting in cloudflare_workers_script mistakenly being readonly
Fixed cloudflare_pages_project broken when using "source"

The detailed changelog is available on GitHub.

Upgrading

For more info

WAF - WAF Release - 2025-05-05

Mon, 05 May 2025 00:00:00 GMT

This week's analysis covers five CVEs with varying impact levels. Four are rated critical, while one is rated high severity. Remote Code Execution vulnerabilities dominate this set.

Key Findings

GFI KerioControl (CVE-2024-52875) contains an unauthenticated Remote Code Execution (RCE) vulnerability that targets firewall appliances. This vulnerability can let attackers gain root level system access, making this CVE particularly attractive for threat actors.

The SonicWall SMA vulnerabilities remain concerning due to their continued exploitation since 2021. These critical vulnerabilities in remote access solutions create dangerous entry points to networks.

Impact

Customers using the Managed Ruleset will receive rule coverage following this week's release. Below is a breakdown of the recommended prioritization based on current exploitation trends:

GFI KerioControl (CVE-2024-52875) - Highest priority; unauthenticated RCE
SonicWall SMA (Multiple vulnerabilities) - Critical for network appliances
XWiki (CVE-2025-24893) - High priority for development environments
Langflow (CVE-2025-3248) - Important for AI workflow platforms
MinIO (CVE-2025-31489) - Important for object storage implementations

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	921660147baa48eaa9151077d0b7a392	100724	GFI KerioControl - Remote Code Execution - CVE:CVE-2024-52875	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	a3900934273b4a488111f810717a9e42	100748	XWiki - Remote Code Execution - CVE:CVE-2025-24893	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	616ad0e03892473191ca1df4e9cf745d	100750	SonicWall SMA - Dangerous File Upload - CVE:CVE-2021-20040, CVE:CVE-2021-20041, CVE:CVE-2021-20042	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	1a11fbe84b49451193ee1ee6d29da333	100751	Langflow - Remote Code Execution - CVE:CVE-2025-3248	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	5eb7ed601e6844828b9bdb05caa7b208	100752	MinIO - Auth Bypass - CVE:CVE-2025-31489	Log	Block	This is a New Detection

Browser Isolation - Browser Isolation Overview page for Zero Trust

Thu, 01 May 2025 00:00:00 GMT

A new Browser Isolation Overview page is now available in the Cloudflare Zero Trust dashboard. This centralized view simplifies the management of Remote Browser Isolation (RBI) deployments, providing:

Streamlined Onboarding: Easily set up and manage isolation policies from one location.
Quick Testing: Validate clientless web application isolation with ease.
Simplified Configuration: Configure isolated access applications and policies efficiently.
Centralized Monitoring: Track aggregate usage and blocked actions.

This update consolidates previously disparate settings, accelerating deployment, improving visibility into isolation activity, and making it easier to ensure your protections are working effectively.

To access the new overview, log in to your Cloudflare Zero Trust dashboard and find Browser Isolation in the side navigation bar.

R2 - R2 Dashboard experience gets new updates

Thu, 01 May 2025 00:00:00 GMT

We're excited to announce several improvements to the Cloudflare R2 dashboard experience that make managing your object storage easier and more intuitive:

All-new settings page

We've redesigned the bucket settings page, giving you a centralized location to manage all your bucket configurations in one place.

Improved navigation and sharing

Deeplink support for prefix directories: Navigate through your bucket hierarchy without losing your state. Your browser's back button now works as expected, and you can share direct links to specific prefix directories with teammates.
Objects as clickable links: Objects are now proper links that you can copy or CMD + Click to open in a new tab.

Clearer public access controls

Renamed "r2.dev domain" to "Public Development URL" for better clarity when exposing bucket contents for non-production workloads.
Public Access status now clearly displays "Enabled" when your bucket is exposed to the internet (via Public Development URL or Custom Domains).

We've also made numerous other usability improvements across the board to make your R2 experience smoother and more productive.

Cloudflare One - Dark Mode for Zero Trust Dashboard

Wed, 30 Apr 2025 00:00:00 GMT

The Cloudflare Zero Trust dashboard now supports Cloudflare's native dark mode for all accounts and plan types.

Zero Trust Dashboard will automatically accept your user-level preferences for system settings, so if your Dashboard appearance is set to 'system' or 'dark', the Zero Trust dashboard will enter dark mode whenever the rest of your Cloudflare account does.

Zero Trust Dashboard
To update your view preference in the Zero Trust dashboard:
1. Log into the Zero Trust dashboard.
2. Select your user icon.
3. Select Dark Mode.
Core Dashboard
To update your view preference in the Core dashboard:
1. Log into the Cloudflare dashboard.
2. Go to My Profile
3. For Appearance, choose Dark.

Cloudflare One, Cloudflare WAN - Cloudflare One Appliance supports multiple DNS server IPs

Wed, 30 Apr 2025 00:00:00 GMT

Cloudflare One Appliance DHCP server settings now support specifying multiple DNS server IP addresses in the DHCP pool.

Previously, customers could only configure a single DNS server per DHCP pool. With this update, you can specify multiple DNS servers to provide redundancy for clients at branch locations.

For configuration details, refer to DHCP server.

Gateway - FQDN Filtering For Gateway Egress Policies

Mon, 28 Apr 2025 00:00:00 GMT

Cloudflare One administrators can now control which egress IP is used based on a destination's fully qualified domain name (FDQN) within Gateway Egress policies.

Host, Domain, Content Categories, and Application selectors are now available in the Gateway Egress policy builder in beta.
During the beta period, you can use these selectors with traffic on-ramped to Gateway with the WARP client, proxy endpoints (commonly deployed with PAC files), or Cloudflare Browser Isolation.
- For WARP client support, additional configuration is required. For more information, refer to the WARP client configuration documentation.

This will help apply egress IPs to your users' traffic when an upstream application or network requires it, while the rest of their traffic can take the most performant egress path.

WAF - WAF Release - 2025-04-26 - Emergency

Sat, 26 Apr 2025 00:00:00 GMT

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	54ea354d7f2d43c69b238d1419fcc883	100755	React.js - Router and Remix Vulnerability - CVE:CVE-2025-43864, CVE:CVE-2025-43865	Block	Block	This is a New Detection

Rules - Custom Errors are now Generally Available

Thu, 24 Apr 2025 00:00:00 GMT

Custom Errors are now generally available for all paid plans — bringing a unified and powerful experience for customizing error responses at both the zone and account levels.

You can now manage Custom Error Rules, Custom Error Assets, and redesigned Error Pages directly from the Cloudflare dashboard. These features let you deliver tailored messaging when errors occur, helping you maintain brand consistency and improve user experience — whether it’s a 404 from your origin or a security challenge from Cloudflare.

What's new:

Custom Errors are now GA – Available on all paid plans and ready for production traffic.
UI for Custom Error Rules and Assets – Manage your zone-level rules from the Rules > Overview and your zone-level assets from the Rules > Settings tabs.
Define inline content or upload assets – Create custom responses directly in the rule builder, upload new or reuse previously stored assets.
Refreshed UI and new name for Error Pages – Formerly known as “Custom Pages,” Error Pages now offer a cleaner, more intuitive experience for both zone and account-level configurations.
Powered by Ruleset Engine – Custom Error Rules support conditional logic and override Error Pages for 500 and 1000 class errors, as well as errors originating from your origin or other Cloudflare products. You can also configure Response Header Transform Rules to add, change, or remove HTTP headers from responses returned by Custom Error Rules.

Learn more in the Custom Errors documentation.

Workers - Cron triggers are now supported in Python Workers

Thu, 24 Apr 2025 00:00:00 GMT

You can now create Python Workers which are executed via a cron trigger.

This is similar to how it's done in JavaScript Workers, simply define a scheduled event listener in your Worker:

from workers import handler

@handler
async def on_scheduled(event, env, ctx):
  print("cron processed")

Define a cron trigger configuration in your Wrangler configuration file:

wrangler.jsonc

{
  "triggers": {
    // Schedule cron triggers:
    // - At every 3rd minute
    // - At 15:00 (UTC) on first day of the month
    // - At 23:59 (UTC) on the last weekday of the month
    "crons": [
      "*/3 * * * *",
      "0 15 1 * *",
      "59 23 LW * *"
    ]
  }
}

wrangler.toml

[triggers]
crons = [ "*/3 * * * *", "0 15 1 * *", "59 23 LW * *" ]

Then test your new handler by using Wrangler with the --test-scheduled flag and making a request to /cdn-cgi/handler/scheduled?cron=*+*+*+*+*:

npx wrangler dev --test-scheduled

curl "http://localhost:8787/cdn-cgi/handler/scheduled?cron=*+*+*+*+*"

Consult the Workers Cron Triggers page for full details on cron triggers in Workers.

AI Search - Metadata filtering and multitenancy support in AutoRAG

Wed, 23 Apr 2025 00:00:00 GMT

You can now filter AutoRAG search results by folder and timestamp using metadata filtering to narrow down the scope of your query.

This makes it easy to build multitenant experiences where each user can only access their own data. By organizing your content into per-tenant folders and applying a folder filter at query time, you ensure that each tenant retrieves only their own documents.

Example folder structure:

customer-a/logs/
customer-a/contracts/
customer-b/contracts/

Example query:

const response = await env.AI.autorag("my-autorag").search({
  query: "When did I sign my agreement contract?",
  filters: {
    type: "eq",
    key: "folder",
    value: "customer-a/contracts/",
  },
});

You can use metadata filtering by creating a new AutoRAG or reindexing existing data. To reindex all content in an existing AutoRAG, update any chunking setting and select Sync index. Metadata filtering is available for all data indexed on or after April 21, 2025.

If you are new to AutoRAG, get started with the Get started AutoRAG guide.

Cloudflare One Client - WARP client for Windows (version 2025.4.589.1)

Tue, 22 Apr 2025 20:20:21 GMT

A new Beta release for the Windows WARP client is now available on the beta releases downloads page.

Changes and improvements

Fixed an issue causing reconnection loops when captive portals are detected.
Fixed an issue that caused WARP client disk encryption posture checks to fail due to missing drive names.
Fixed an issue where managed network policies could incorrectly report network location beacons as missing.
Improved error reporting for DEX tests.
Improved WARP client UI high contrast mode.
Fixed an issue causing client notifications to fail in IPv6 only environments which prevented the client from receiving configuration changes to settings like device profile.
Added a TCP fallback for the MASQUE tunnel protocol to improve compatibility with networks on MASQUE.
Added new IP addresses for tunnel connectivity checks. If your organization uses a firewall or other policies you will need to exempt these IPs.
DNS over HTTPS traffic is now included in the WARP tunnel by default.
Improved the error message displayed in the client GUI when the rate limit for entering an incorrect admin override code is met.
Added a Collect Captive Portal Diag button in the client GUI to make it easier for users to collect captive portal debugging diagnostics.
Improved handling of non-SLAAC IPv6 interface addresses for better connectivity in IPv6 only environments.
Fixed an issue where frequent network changes could cause WARP to become unresponsive.

Known issues

DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected.
To work around this issue, reconnect the WARP client by toggling off and back on.

Cloudflare One Client - WARP client for macOS (version 2025.4.589.1)

Tue, 22 Apr 2025 20:20:21 GMT

A new Beta release for the macOS WARP client is now available on the beta releases downloads page.

Changes and improvements

Fixed an issue where managed network policies could incorrectly report network location beacons as missing.
Improved DEX test error reporting.
Fixed an issue causing client notifications to fail in IPv6 only environments which prevented the client from receiving configuration changes to settings like device profile.
Improved captive portal detection.
Added a TCP fallback for the MASQUE tunnel protocol to improve compatibility with networks on MASQUE.
Added new IP addresses for tunnel connectivity checks. If your organization uses a firewall or other policies you will need to exempt these IPs.
DNS over HTTPS traffic is now included in the WARP tunnel by default.
Improved the error message displayed in the client GUI when the rate limit for entering an incorrect admin override code is met.
Added a Collect Captive Portal Diag button in the client GUI to make it easier for users to collect captive portal debugging diagnostics.
Improved handling of non-SLAAC IPv6 interface addresses for better connectivity in IPv6 only environments.
Fixed an issue where frequent network changes could cause WARP to become unresponsive.

Known issues

macOS Sequoia: Due to changes Apple introduced in macOS 15.0.x, the WARP client may not behave as expected. Cloudflare recommends the use of macOS 15.4 or later.

WAF - WAF Release - 2025-04-22

Tue, 22 Apr 2025 00:00:00 GMT

Each of this week's rule releases covers a distinct CVE, with half of the rules targeting Remote Code Execution (RCE) attacks. Of the 6 CVEs covered, four were scored as critical, with the other two scored as high.

When deciding which exploits to tackle, Cloudflare tunes into the attackers' areas of focus. Cloudflare's network intelligence provides a unique lens into attacker activity – for instance, through the volume of blocked requests related with CVE exploits after updating WAF Managed Rules with new detections.

From this week's releases, one indicator that RCE is a "hot topic" attack type is the fact that the Oracle PeopleSoft RCE rule accounts for half of all of the new rule matches. This rule patches CVE-2023-22047, a high-severity vulnerability in the Oracle PeopleSoft suite that allows unauthenticated attackers to access PeopleSoft Enterprise PeopleTools data through remote code execution. This is particularly concerning because of the nature of the data managed by PeopleSoft – this can include payroll records or student profile information. This CVE, along with five others, are addressed with the latest detection update to WAF Managed Rules.

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	faa032d9825e4844a1188f3ba5be3327	100738	GitLab - Auth Bypass - CVE:CVE-2023-7028	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	2e96b6d5cdd94f7782b90e266c9531fa	100740	Splunk Enterprise - Remote Code Execution - CVE:CVE-2025-20229	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	5c9c095bc1e5411195edb893f40bbc2b	100741	Oracle PeopleSoft - Remote Code Execution - CVE:CVE-2023-22047	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	1d7a3932296c42fd827055335462167c	100742	CrushFTP - Auth Bypass - CVE:CVE-2025-31161	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	5eb7ed601e6844828b9bdb05caa7b208	100743	Ivanti - Buffer Error - CVE:CVE-2025-22457	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	410317f1e32b41859fa3214dd52139a8	100744	Oracle Access Manager - Remote Code Execution - CVE:CVE-2021-35587	Log	Disabled	This is a New Detection

Access - Access bulk policy tester

Mon, 21 Apr 2025 00:00:00 GMT

The Access bulk policy tester is now available in the Cloudflare Zero Trust dashboard. The bulk policy tester allows you to simulate Access policies against your entire user base before and after deploying any changes. The policy tester will simulate the configured policy against each user's last seen identity and device posture (if applicable).

Logs - Custom fields raw and transformed values support

Fri, 18 Apr 2025 00:00:00 GMT

Custom Fields now support logging both raw and transformed values for request and response headers in the HTTP requests dataset.

These fields are configured per zone and apply to all Logpush jobs in that zone that include request headers, response headers. Each header can be logged in only one format—either raw or transformed—not both.

By default:

Request headers are logged as raw values
Response headers are logged as transformed values

These defaults can be overidden to suit your logging needs.

For more information refer to Custom fields documentation

Queues - Increased limits for Queues pull consumers

Thu, 17 Apr 2025 12:00:00 GMT

Queues pull consumers can now pull and acknowledge up to 5,000 messages / second per queue. Previously, pull consumers were rate limited to 1,200 requests / 5 minutes, aggregated across all queues.

Pull consumers allow you to consume messages over HTTP from any environment—including outside of Cloudflare Workers. They’re also useful when you need fine-grained control over how quickly messages are consumed.

To setup a new queue with a pull based consumer using Wrangler, run:

npx wrangler queues create my-queue
npx wrangler queues consumer http add my-queue

You can also configure a pull consumer using the REST API or the Queues dashboard.

Once configured, you can pull messages from the queue using any HTTP client. You'll need a Cloudflare API Token with queues_read and queues_write permissions. For example:

curl "https://api.cloudflare.com/client/v4/accounts/${CF_ACCOUNT_ID}/queues/${QUEUE_ID}/messages/pull" \
--header "Authorization: Bearer ${API_TOKEN}" \
--header "Content-Type: application/json" \
--data '{ "visibility_timeout": 10000, "batch_size": 2 }'

To learn more about how to acknowledge messages, pull batches at once, and setup multiple consumers, refer to the pull consumer documentation.

As always, Queues doesn't charge for data egress. Pull operations continue to be billed at the existing rate, of $0.40 / million operations. The increased limits are available now, on all new and existing queues. If you're new to Queues, get started with the Cloudflare Queues guide.

KV - Read multiple keys from Workers KV with bulk reads

Thu, 17 Apr 2025 00:00:00 GMT

You can now retrieve up to 100 keys in a single bulk read request made to Workers KV using the binding.

This makes it easier to request multiple KV pairs within a single Worker invocation. Retrieving many key-value pairs using the bulk read operation is more performant than making individual requests since bulk read operations are not affected by Workers simultaneous connection limits.

// Read single key
const key = "key-a";
const value = await env.NAMESPACE.get(key);

// Read multiple keys
const keys = ["key-a", "key-b", "key-c", ...] // up to 100 keys
const values : Map<string, string?> = await env.NAMESPACE.get(keys);

// Print the value of "key-a" to the console.
console.log(`The first key is ${values.get("key-a")}.`)

Consult the Workers KV Read key-value pairs API for full details on Workers KV's new bulk reads support.

Workers, Workers for Platforms - Fixed and documented Workers Routes and Secrets API

Tue, 15 Apr 2025 00:00:00 GMT

Workers Routes API

Previously, a request to the Workers Create Route API always returned null for "script" and an empty string for "pattern" even if the request was successful.

curl https://api.cloudflare.com/client/v4/zones/$CF_ACCOUNT_ID/workers/routes \
-X PUT \
-H "Authorization: Bearer $CF_API_TOKEN" \
-H 'Content-Type: application/json' \
--data '{ "pattern": "example.com/*", "script": "hello-world-script" }'

{
  "result": {
    "id": "bf153a27ba2b464bb9f04dcf75de1ef9",
    "pattern": "",
    "script": null,
    "request_limit_fail_open": false
  },
  "success": true,
  "errors": [],
  "messages": []
}

Now, it properly returns all values!

{
  "result": {
    "id": "bf153a27ba2b464bb9f04dcf75de1ef9",
    "pattern": "example.com/*",
    "script": "hello-world-script",
    "request_limit_fail_open": false
  },
  "success": true,
  "errors": [],
  "messages": []
}

Workers Secrets API

The Workers and Workers for Platforms secrets APIs are now properly documented in the Cloudflare OpenAPI docs. Previously, these endpoints were not publicly documented, leaving users confused on how to directly manage their secrets via the API. Now, you can find the proper endpoints in our public documentation, as well as in our API Library SDKs such as cloudflare-typescript (>4.2.0) and cloudflare-python (>4.1.0).

Note the cloudflare_workers_secret and cloudflare_workers_for_platforms_script_secret Terraform resources are being removed in a future release. This resource is not recommended for managing secrets. Users should instead use the:

Secrets Store with the "Secrets Store Secret" binding on Workers and Workers for Platforms Script Upload
"Secret Text" Binding on Workers Script Upload and Workers for Platforms Script Upload
Workers (and WFP) Secrets API

Data Loss Prevention - New predefined detection entry for ICD-11

Mon, 14 Apr 2025 00:00:00 GMT

You now have access to the World Health Organization (WHO) 2025 edition of the International Classification of Diseases 11th Revision (ICD-11) as a predefined detection entry. The new dataset can be found in the Health Information predefined profile.

ICD-10 dataset remains available for use.

WAF - WAF Release - 2025-04-14

Mon, 14 Apr 2025 00:00:00 GMT

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	9209bb65527f4c088bca5ffad6b2d36c	100739A	Next.js - Auth Bypass - CVE:CVE-2025-29927 - 2	Log	Disabled	This is a New Detection

Gateway - HTTP redirect and custom block page redirect

Fri, 11 Apr 2025 00:00:00 GMT

You can now use more flexible redirect capabilities in Cloudflare One with Gateway.

A new Redirect action is available in the HTTP policy builder, allowing admins to redirect users to any URL when their request matches a policy. You can choose to preserve the original URL and query string, and optionally include policy context via query parameters.
For Block actions, admins can now configure a custom URL to display when access is denied. This block page redirect is set at the account level and can be overridden in DNS or HTTP policies. Policy context can also be passed along in the URL.

Learn more in our documentation for HTTP Redirect and Block page redirect.

Stream - Signed URLs and Infrastructure Improvements on Stream Live WebRTC Beta

Fri, 11 Apr 2025 00:00:00 GMT

Cloudflare Stream has completed an infrastructure upgrade for our Live WebRTC beta support which brings increased scalability and improved playback performance to all customers. WebRTC allows broadcasting directly from a browser (or supported WHIP client) with ultra-low latency to tens of thousands of concurrent viewers across the globe.

Additionally, as part of this upgrade, the WebRTC beta now supports Signed URLs to protect playback, just like our standard live stream options (HLS/DASH).

For more information, learn about the Stream Live WebRTC beta.

Workers AI - Workers AI for Developer Week - faster inference, new models, async batch API, expanded LoRA support

Fri, 11 Apr 2025 00:00:00 GMT

Happy Developer Week 2025! Workers AI is excited to announce a couple of new features and improvements available today. Check out our blog for all the announcement details.

Faster inference + New models

We’re rolling out some in-place improvements to our models that can help speed up inference by 2-4x! Users of the models below will enjoy an automatic speed boost starting today:

@cf/meta/llama-3.3-70b-instruct-fp8-fast gets a speed boost of 2-4x, leveraging techniques like speculative decoding, prefix caching, and an updated inference backend.
@cf/baai/bge-small-en-v1.5, @cf/baai/bge-base-en-v1.5, @cf/baai/bge-large-en-v1.5 get an updated back end, which should improve inference times by 2x.
- With the bge models, we’re also announcing a new parameter called pooling which can take cls or mean as options. We highly recommend using pooling: cls which will help generate more accurate embeddings. However, embeddings generated with cls pooling are not backwards compatible with mean pooling. For this to not be a breaking change, the default remains as mean pooling. Please specify pooling: cls to enjoy more accurate embeddings going forward.

We’re also excited to launch a few new models in our catalog to help round out your experience with Workers AI. We’ll be deprecating some older models in the future, so stay tuned for a deprecation announcement. Today’s new models include:

@cf/mistralai/mistral-small-3.1-24b-instruct: a 24B parameter model achieving state-of-the-art capabilities comparable to larger models, with support for vision and tool calling.
@cf/google/gemma-3-12b-it: well-suited for a variety of text generation and image understanding tasks, including question answering, summarization and reasoning, with a 128K context window, and multilingual support in over 140 languages.
@cf/qwen/qwq-32b: a medium-sized reasoning model, which is capable of achieving competitive performance against state-of-the-art reasoning models, e.g., DeepSeek-R1, o1-mini.
@cf/qwen/qwen2.5-coder-32b-instruct: the current state-of-the-art open-source code LLM, with its coding abilities matching those of GPT-4o.

Batch Inference

Introducing a new batch inference feature that allows you to send us an array of requests, which we will fulfill as fast as possible and send them back as an array. This is really helpful for large workloads such as summarization, embeddings, etc. where you don’t have a human-in-the-loop. Using the batch API will guarantee that your requests are fulfilled eventually, rather than erroring out if we don’t have enough capacity at a given time.

Check out the tutorial to get started! Models that support batch inference today include:

Expanded LoRA support

We’ve upgraded our LoRA experience to include 8 newer models, and can support ranks of up to 32 with a 300MB safetensors file limit (previously limited to rank of 8 and 100MB safetensors) Check out our LoRAs page to get started. Models that support LoRAs now include:

D1, Workers - D1 Read Replication Public Beta

Thu, 10 Apr 2025 00:00:00 GMT

D1 read replication is available in public beta to help lower average latency and increase overall throughput for read-heavy applications like e-commerce websites or content management tools.

Workers can leverage read-only database copies, called read replicas, by using D1 Sessions API. A session encapsulates all the queries from one logical session for your application. For example, a session may correspond to all queries coming from a particular web browser session. With Sessions API, D1 queries in a session are guaranteed to be sequentially consistent to avoid data consistency pitfalls. D1 bookmarks can be used from a previous session to ensure logical consistency between sessions.

// retrieve bookmark from previous session stored in HTTP header
const bookmark = request.headers.get("x-d1-bookmark") ?? "first-unconstrained";

const session = env.DB.withSession(bookmark);
const result = await session
  .prepare(`SELECT * FROM Customers WHERE CompanyName = 'Bs Beverages'`)
  .run();
// store bookmark for a future session
response.headers.set("x-d1-bookmark", session.getBookmark() ?? "");

Read replicas are automatically created by Cloudflare (currently one in each supported D1 region), are active/inactive based on query traffic, and are transparently routed to by Cloudflare at no additional cost.

To checkout D1 read replication, deploy the following Worker code using Sessions API, which will prompt you to create a D1 database and enable read replication on said database.

To learn more about how read replication was implemented, go to our blog post.

Pipelines, R2, Workers - Cloudflare Pipelines now available in beta

Thu, 10 Apr 2025 00:00:00 GMT

Cloudflare Pipelines is now available in beta, to all users with a Workers Paid plan.

Pipelines let you ingest high volumes of real time data, without managing the underlying infrastructure. A single pipeline can ingest up to 100 MB of data per second, via HTTP or from a Worker. Ingested data is automatically batched, written to output files, and delivered to an R2 bucket in your account. You can use Pipelines to build a data lake of clickstream data, or to store events from a Worker.

Create your first pipeline with a single command:

$ npx wrangler@latest pipelines create my-clickstream-pipeline --r2-bucket my-bucket

🌀 Authorizing R2 bucket "my-bucket"
🌀 Creating pipeline named "my-clickstream-pipeline"
✅ Successfully created pipeline my-clickstream-pipeline

Id:    0e00c5ff09b34d018152af98d06f5a1xvc
Name:  my-clickstream-pipeline
Sources:
  HTTP:
    Endpoint:        https://0e00c5ff09b34d018152af98d06f5a1xvc.pipelines.cloudflare.com/
    Authentication:  off
    Format:          JSON
  Worker:
    Format:  JSON
Destination:
  Type:         R2
  Bucket:       my-bucket
  Format:       newline-delimited JSON
  Compression:  GZIP
Batch hints:
  Max bytes:     100 MB
  Max duration:  300 seconds
  Max records:   100,000

🎉 You can now send data to your pipeline!

Send data to your pipeline's HTTP endpoint:
curl "https://0e00c5ff09b34d018152af98d06f5a1xvc.pipelines.cloudflare.com/" -d '[{ ...JSON_DATA... }]'

To send data to your pipeline from a Worker, add the following configuration to your config file:
{
  "pipelines": [
    {
      "pipeline": "my-clickstream-pipeline",
      "binding": "PIPELINE"
    }
  ]
}

Head over to our getting started guide for an in-depth tutorial to building with Pipelines.

R2 - R2 Data Catalog is a managed Apache Iceberg data catalog built directly into R2 buckets

Thu, 10 Apr 2025 00:00:00 GMT

Today, we're launching R2 Data Catalog in open beta, a managed Apache Iceberg catalog built directly into your Cloudflare R2 bucket.

If you're not already familiar with it, Apache Iceberg is an open table format designed to handle large-scale analytics datasets stored in object storage, offering ACID transactions and schema evolution. R2 Data Catalog exposes a standard Iceberg REST catalog interface, so you can connect engines like Spark, Snowflake, and PyIceberg to start querying your tables using the tools you already know.

To enable a data catalog on your R2 bucket, find R2 Data Catalog in your buckets settings in the dashboard, or run:

npx wrangler r2 bucket catalog enable my-bucket

And that's it. You'll get a catalog URI and warehouse you can plug into your favorite Iceberg engines.

Visit our getting started guide for step-by-step instructions on enabling R2 Data Catalog, creating tables, and running your first queries.

Access - Cloudflare Zero Trust SCIM User and Group Provisioning Logs

Wed, 09 Apr 2025 00:00:00 GMT

Cloudflare Zero Trust SCIM provisioning now has a full audit log of all create, update and delete event from any SCIM Enabled IdP. The SCIM logs support filtering by IdP, Event type, Result and many more fields. This will help with debugging user and group update issues and questions.

SCIM logs can be found on the Zero Trust Dashboard under Logs -> SCIM provisioning.

Hyperdrive - Hyperdrive now supports custom TLS/SSL certificates

Wed, 09 Apr 2025 00:00:00 GMT

Hyperdrive now supports more SSL/TLS security options for your database connections:

Configure Hyperdrive to verify server certificates with verify-ca or verify-full SSL modes and protect against man-in-the-middle attacks
Configure Hyperdrive to provide client certificates to the database server to authenticate itself (mTLS) for stronger security beyond username and password

Use the new wrangler cert commands to create certificate authority (CA) certificate bundles or client certificate pairs:

# Create CA certificate bundle
npx wrangler cert upload certificate-authority --ca-cert your-ca-cert.pem --name your-custom-ca-name

# Create client certificate pair
npx wrangler cert upload mtls-certificate --cert client-cert.pem --key client-key.pem --name your-client-cert-name

Then create a Hyperdrive configuration with the certificates and desired SSL mode:

npx wrangler hyperdrive create your-hyperdrive-config \
  --connection-string="postgres://user:password@hostname:port/database" \
  --ca-certificate-id <CA_CERT_ID> \
  --mtls-certificate-id <CLIENT_CERT_ID>
  --sslmode verify-full

Learn more about configuring SSL/TLS certificates for Hyperdrive to enhance your database security posture.

Rules - Cloudflare Snippets are now Generally Available

Wed, 09 Apr 2025 00:00:00 GMT

Cloudflare Snippets are now generally available at no extra cost across all paid plans — giving you a fast, flexible way to programmatically control HTTP traffic using lightweight JavaScript.

You can now use Snippets to modify HTTP requests and responses with confidence, reliability, and scale. Snippets are production-ready and deeply integrated with Cloudflare Rules, making them ideal for everything from quick dynamic header rewrites to advanced routing logic.

What's new:

Snippets are now GA – Available at no extra cost on all Pro, Business, and Enterprise plans.
Ready for production – Snippets deliver a production-grade experience built for scale.
Part of the Cloudflare Rules platform – Snippets inherit request modifications from other Cloudflare products and support sequential execution, allowing you to run multiple Snippets on the same request and apply custom modifications step by step.
Trace integration – Use Cloudflare Trace to see which Snippets were triggered on a request — helping you understand traffic flow and debug more effectively.

Learn more in the launch blog post.

Secrets Store, SSL/TLS - Cloudflare Secrets Store now available in Beta

Wed, 09 Apr 2025 00:00:00 GMT

Cloudflare Secrets Store is available today in Beta. You can now store, manage, and deploy account level secrets from a secure, centralized platform to your Workers.

To spin up your Cloudflare Secrets Store, simply click the new Secrets Store tab in the dashboard or use this Wrangler command:

wrangler secrets-store store create <name> --remote

The following are supported in the Secrets Store beta:

Secrets Store UI & API: create your store & create, duplicate, update, scope, and delete a secret
Workers UI: bind a new or existing account level secret to a Worker and deploy in code
Wrangler: create your store & create, duplicate, update, scope, and delete a secret
Account Management UI & API: assign Secrets Store permissions roles & view audit logs for actions taken in Secrets Store core platform

For instructions on how to get started, visit our developer documentation.

Workers - Investigate your Workers with the Query Builder in the new Observability dashboard

Wed, 09 Apr 2025 00:00:00 GMT

The Workers Observability dashboard offers a single place to investigate and explore your Workers Logs.

The Overview tab shows logs from all your Workers in one place. The Invocations view groups logs together by invocation, which refers to the specific trigger that started the execution of the Worker (i.e. fetch). The Events view shows logs in the order they were produced, based on timestamp. Previously, you could only view logs for a single Worker.

The Investigate tab presents a Query Builder, which helps you write structured queries to investigate and visualize your logs. The Query Builder can help answer questions such as:

Which paths are experiencing the most 5XX errors?
What is the wall time distribution by status code for my Worker?
What are the slowest requests, and where are they coming from?
Who are my top N users?

The Query Builder can use any field that you store in your logs as a key to visualize, filter, and group by. Use the Query Builder to quickly access your data, build visualizations, save queries, and share them with your team.

Workers Logs is now Generally Available

Workers Logs is now Generally Available. With a small change to your Wrangler configuration, Workers Logs ingests, indexes, and stores all logs emitted from your Workers for up to 7 days.

We've introduced a number of changes during our beta period, including:

Dashboard enhancements with customizable fields as columns in the Logs view and support for invocation-based grouping
Performance improvements to ensure no adverse impact
Public API endpoints for broader consumption

The API documents three endpoints: list the keys in the telemetry dataset, run a query, and list the unique values for a key. For more, visit our REST API documentation.

Visit the docs to learn more about the capabilities and methods exposed by the Query Builder. Start using Workers Logs and the Query Builder today by enabling observability for your Workers:

wrangler.jsonc

{
  "observability": {
    "enabled": true,
    "logs": {
      "invocation_logs": true,
      "head_sampling_rate": 1 // optional. default = 1.
    }
  }
}

wrangler.toml

[observability]
enabled = true

  [observability.logs]
  invocation_logs = true
  head_sampling_rate = 1

Workers - CPU time and Wall time now published for Workers Invocations

Wed, 09 Apr 2025 00:00:00 GMT

You can now observe and investigate the CPU time and Wall time for every Workers Invocations.

For Workers Logs, CPU time and Wall time are surfaced in the Invocation Log..
For Tail Workers, CPU time and Wall time are surfaced at the top level of the Workers Trace Events object.
For Workers Logpush, CPU and Wall time are surfaced at the top level of the Workers Trace Events object. All new jobs will have these new fields included by default. Existing jobs need to be updated to include CPU time and Wall time.

You can use a Workers Logs filter to search for logs where Wall time exceeds 100ms.

You can also use the Workers Observability Query Builder to find the median CPU time and median Wall time for all of your Workers.

Cloudflare One Client - WARP client for Windows (version 2025.2.664.0)

Tue, 08 Apr 2025 21:25:24 GMT

A new GA release for the Windows WARP client is now available on the stable releases downloads page.

This release contains a hotfix for captive portal detection for the 2025.2.600.0 release.

Changes and improvements

Fix to reduce the number of browser tabs opened during captive portal logins.

Known issues

DNS resolution may be broken when the following conditions are all true:
- WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
- A custom DNS server address is configured on the primary network adapter.
- The custom DNS server address on the primary network adapter is changed while WARP is connected.
To work around this issue, reconnect the WARP client by toggling off and back on.

Cloudflare One Client - WARP client for macOS (version 2025.2.664.0)

Tue, 08 Apr 2025 21:25:07 GMT

A new GA release for the macOS WARP client is now available on the stable releases downloads page.

This release contains a hotfix for captive portal detection and PF state tables for the 2025.2.600.0 release.

Changes and improvements

Fix to reduce the number of browser tabs opened during captive portal logins.
Improvement to exclude local DNS traffic entries from PF state table to reduce risk of connectivity issues from exceeding table capacity.

Known issues

macOS Sequoia: Due to changes Apple introduced in macOS 15.0.x, the WARP client may not behave as expected. Cloudflare recommends the use of macOS 15.4 or later.

Email Routing - Local development support for Email Workers

Tue, 08 Apr 2025 00:00:00 GMT

Email Workers enables developers to programmatically take action on anything that hits their email inbox. If you're building with Email Workers, you can now test the behavior of an Email Worker script, receiving, replying and sending emails in your local environment using wrangler dev.

Below is an example that shows you how you can receive messages using the email() handler and parse them using postal-mime:

import * as PostalMime from "postal-mime";

export default {
  async email(message, env, ctx) {
    const parser = new PostalMime.default();
    const rawEmail = new Response(message.raw);
    const email = await parser.parse(await rawEmail.arrayBuffer());
    console.log(email);
  },
};

Now when you run npx wrangler dev, wrangler will expose a local /cdn-cgi/handler/email endpoint that you can POST email messages to and trigger your Worker's email() handler:

curl -X POST 'http://localhost:8787/cdn-cgi/handler/email' \
  --url-query 'from=sender@example.com' \
  --url-query 'to=recipient@example.com' \
  --header 'Content-Type: application/json' \
  --data-raw 'Received: from smtp.example.com (127.0.0.1)
        by cloudflare-email.com (unknown) id 4fwwffRXOpyR
        for <recipient@example.com>; Tue, 27 Aug 2024 15:50:20 +0000
From: "John" <sender@example.com>
Reply-To: sender@example.com
To: recipient@example.com
Subject: Testing Email Workers Local Dev
Content-Type: text/html; charset="windows-1252"
X-Mailer: Curl
Date: Tue, 27 Aug 2024 08:49:44 -0700
Message-ID: <6114391943504294873000@ZSH-GHOSTTY>

Hi there'

This is what you get in the console:

{
  "headers": [
    {
      "key": "received",
      "value": "from smtp.example.com (127.0.0.1) by cloudflare-email.com (unknown) id 4fwwffRXOpyR for <recipient@example.com>; Tue, 27 Aug 2024 15:50:20 +0000"
    },
    { "key": "from", "value": "\"John\" <sender@example.com>" },
    { "key": "reply-to", "value": "sender@example.com" },
    { "key": "to", "value": "recipient@example.com" },
    { "key": "subject", "value": "Testing Email Workers Local Dev" },
    { "key": "content-type", "value": "text/html; charset=\"windows-1252\"" },
    { "key": "x-mailer", "value": "Curl" },
    { "key": "date", "value": "Tue, 27 Aug 2024 08:49:44 -0700" },
    {
      "key": "message-id",
      "value": "<6114391943504294873000@ZSH-GHOSTTY>"
    }
  ],
  "from": { "address": "sender@example.com", "name": "John" },
  "to": [{ "address": "recipient@example.com", "name": "" }],
  "replyTo": [{ "address": "sender@example.com", "name": "" }],
  "subject": "Testing Email Workers Local Dev",
  "messageId": "<6114391943504294873000@ZSH-GHOSTTY>",
  "date": "2024-08-27T15:49:44.000Z",
  "html": "Hi there\n",
  "attachments": []
}

Local development is a critical part of the development flow, and also works for sending, replying and forwarding emails. See our documentation for more information.

Hyperdrive - Hyperdrive Free plan makes fast, global database access available to all

Tue, 08 Apr 2025 00:00:00 GMT

Hyperdrive is now available on the Free plan of Cloudflare Workers, enabling you to build Workers that connect to PostgreSQL or MySQL databases without compromise.

Low-latency access to SQL databases is critical to building full-stack Workers applications. We want you to be able to build on fast, global apps on Workers, regardless of the tools you use. So we made Hyperdrive available for all, to make it easier to build Workers that connect to PostgreSQL and MySQL.

If you want to learn more about how Hyperdrive works, read the deep dive on how Hyperdrive can make your database queries up to 4x faster.

Visit the docs to get started with Hyperdrive for PostgreSQL or MySQL.

Hyperdrive - Hyperdrive introduces support for MySQL and MySQL-compatible databases

Tue, 08 Apr 2025 00:00:00 GMT

Hyperdrive now supports connecting to MySQL and MySQL-compatible databases, including Amazon RDS and Aurora MySQL, Google Cloud SQL for MySQL, Azure Database for MySQL, PlanetScale and MariaDB.

Hyperdrive makes your regional, MySQL databases fast when connecting from Cloudflare Workers. It eliminates unnecessary network roundtrips during connection setup, pools database connections globally, and can cache query results to provide the fastest possible response times.

Best of all, you can connect using your existing drivers, ORMs, and query builders with Hyperdrive's secure credentials, no code changes required.

import { createConnection } from "mysql2/promise";

export interface Env {
  HYPERDRIVE: Hyperdrive;
}

export default {
  async fetch(request, env, ctx): Promise<Response> {
    const connection = await createConnection({
      host: env.HYPERDRIVE.host,
      user: env.HYPERDRIVE.user,
      password: env.HYPERDRIVE.password,
      database: env.HYPERDRIVE.database,
      port: env.HYPERDRIVE.port,
      disableEval: true, // Required for Workers compatibility
    });

    const [results, fields] = await connection.query("SHOW tables;");

    ctx.waitUntil(connection.end());

    return new Response(JSON.stringify({ results, fields }), {
      headers: {
        "Content-Type": "application/json",
        "Access-Control-Allow-Origin": "*",
      },
    });
  },
} satisfies ExportedHandler<Env>;

Learn more about how Hyperdrive works and get started building Workers that connect to MySQL with Hyperdrive.

Workers - Deploy a Workers application in seconds with one-click

Tue, 08 Apr 2025 00:00:00 GMT

You can now add a Deploy to Cloudflare button to the README of your Git repository containing a Workers application — making it simple for other developers to quickly set up and deploy your project!

The Deploy to Cloudflare button:

Creates a new Git repository on your GitHub/ GitLab account: Cloudflare will automatically clone and create a new repository on your account, so you can continue developing.
Automatically provisions resources the app needs: If your repository requires Cloudflare primitives like a Workers KV namespace, a D1 database, or an R2 bucket, Cloudflare will automatically provision them on your account and bind them to your Worker upon deployment.
Configures Workers Builds (CI/CD): Every new push to your production branch on your newly created repository will automatically build and deploy courtesy of Workers Builds.
Adds preview URLs to each pull request: If you'd like to test your changes before deploying, you can push changes to a non-production branch and preview URLs will be generated and posted back to GitHub as a comment.

To create a Deploy to Cloudflare button in your README, you can add the following snippet, including your Git repository URL:

[![Deploy to Cloudflare](https://deploy.workers.cloudflare.com/button)](https://deploy.workers.cloudflare.com/?url=<YOUR_GIT_REPO_URL>)

Check out our documentation for more information on how to set up a deploy button for your application and best practices to ensure a successful deployment for other developers.

Workers, Workers for Platforms - Full-stack frameworks are now Generally Available on Cloudflare Workers

Tue, 08 Apr 2025 00:00:00 GMT

The following full-stack frameworks now have Generally Available ("GA") adapters for Cloudflare Workers, and are ready for you to use in production:

The following frameworks are now in beta, with GA support coming very soon:

Next.js, supported through @opennextjs/cloudflare is now v1.0-beta.
Angular
SolidJS (SolidStart)

You can also build complete full-stack apps on Workers without a framework:

You can “just use Vite" and React together, and build a back-end API in the same Worker. Follow our React SPA with an API tutorial to learn how.

Get started building today with our framework guides, or read our Developer Week 2025 blog post about all the updates to building full-stack applications on Workers.

Workers - Improved support for Node.js Crypto and TLS APIs in Workers

Tue, 08 Apr 2025 00:00:00 GMT

When using a Worker with the nodejs_compat compatibility flag enabled, the following Node.js APIs are now available:

This make it easier to reuse existing Node.js code in Workers or use npm packages that depend on these APIs.

node:crypto

The full node:crypto API is now available in Workers.

You can use it to verify and sign data:

import { sign, verify } from "node:crypto";

const signature = sign("sha256", "-data to sign-", env.PRIVATE_KEY);
const verified = verify("sha256", "-data to sign-", env.PUBLIC_KEY, signature);

Or, to encrypt and decrypt data:

import { publicEncrypt, privateDecrypt } from "node:crypto";

const encrypted = publicEncrypt(env.PUBLIC_KEY, "some data");
const plaintext = privateDecrypt(env.PRIVATE_KEY, encrypted);

See the node:crypto documentation for more information.

node:tls

The following APIs from node:tls are now available:

This enables secure connections over TLS (Transport Layer Security) to external services.

import { connect } from "node:tls";

// ... in a request handler ...
const connectionOptions = { key: env.KEY, cert: env.CERT };
const socket = connect(url, connectionOptions, () => {
  if (socket.authorized) {
    console.log("Connection authorized");
  }
});

socket.on("data", (data) => {
  console.log(data);
});

socket.on("end", () => {
  console.log("server ends connection");
});

See the node:tls documentation for more information.

Workers - The Cloudflare Vite plugin is now Generally Available

Tue, 08 Apr 2025 00:00:00 GMT

The Cloudflare Vite plugin has reached v1.0 and is now Generally Available ("GA").

When you use @cloudflare/vite-plugin, you can use Vite's local development server and build tooling, while ensuring that while developing, your code runs in workerd, the open-source Workers runtime.

This lets you get the best of both worlds for a full-stack app — you can use Hot Module Replacement from Vite right alongside Durable Objects and other runtime APIs and bindings that are unique to Cloudflare Workers.

@cloudflare/vite-plugin is made possible by the new environment API in Vite, and was built in partnership with the Vite team.

Framework support

You can build any type of application with @cloudflare/vite-plugin, using any rendering mode, from single page applications (SPA) and static sites to server-side rendered (SSR) pages and API routes.

React Router v7 (Remix) is the first full-stack framework to provide full support for Cloudflare Vite plugin, allowing you to use all parts of Cloudflare's developer platform, without additional build steps.

You can also build complete full-stack apps on Workers without a framework — "just use Vite" and React together, and build a back-end API in the same Worker. Follow our React SPA with an API tutorial to learn how.

Configuration

If you're already using Vite in your build and development toolchain, you can start using our plugin with minimal changes to your vite.config.ts:

import { defineConfig } from "vite";
import { cloudflare } from "@cloudflare/vite-plugin";

export default defineConfig({
  plugins: [cloudflare()],
});

Take a look at the documentation for our Cloudflare Vite plugin for more information!

Agents, Workers - Build MCP servers with the Agents SDK

Mon, 07 Apr 2025 00:00:00 GMT

The Agents SDK now includes built-in support for building remote MCP (Model Context Protocol) servers directly as part of your Agent. This allows you to easily create and manage MCP servers, without the need for additional infrastructure or configuration.

The SDK includes a new MCPAgent class that extends the Agent class and allows you to expose resources and tools over the MCP protocol, as well as authorization and authentication to enable remote MCP servers.

JavaScript

export class MyMCP extends McpAgent {
  server = new McpServer({
    name: "Demo",
    version: "1.0.0",
  });

  async init() {
    this.server.resource(`counter`, `mcp://resource/counter`, (uri) => {
      // ...
    });

    this.server.tool(
      "add",
      "Add two numbers together",
      { a: z.number(), b: z.number() },
      async ({ a, b }) => {
        // ...
      },
    );
  }
}

TypeScript

export class MyMCP extends McpAgent<Env> {
  server = new McpServer({
    name: "Demo",
    version: "1.0.0",
  });

  async init() {
    this.server.resource(`counter`, `mcp://resource/counter`, (uri) => {
      // ...
    });

    this.server.tool(
      "add",
      "Add two numbers together",
      { a: z.number(), b: z.number() },
      async ({ a, b }) => {
        // ...
      },
    );
  }
}

See the example for the full code and as the basis for building your own MCP servers, and the client example for how to build an Agent that acts as an MCP client.

To learn more, review the announcement blog as part of Developer Week 2025.

Agents SDK updates

We've made a number of improvements to the Agents SDK, including:

Support for building MCP servers with the new MCPAgent class.
The ability to export the current agent, request and WebSocket connection context using import { context } from "agents", allowing you to minimize or avoid direct dependency injection when calling tools.
Fixed a bug that prevented query parameters from being sent to the Agent server from the useAgent React hook.
Automatically converting the agent name in useAgent or useAgentChat to kebab-case to ensure it matches the naming convention expected by routeAgentRequest.

To install or update the Agents SDK, run npm i agents@latest in an existing project, or explore the agents-starter project:

npm create cloudflare@latest -- --template cloudflare/agents-starter

See the full release notes and changelog on the Agents SDK repository and

AI Search, Vectorize - Create fully-managed RAG pipelines for your AI applications with AutoRAG

Mon, 07 Apr 2025 00:00:00 GMT

AutoRAG is now in open beta, making it easy for you to build fully-managed retrieval-augmented generation (RAG) pipelines without managing infrastructure. Just upload your docs to R2, and AutoRAG handles the rest: embeddings, indexing, retrieval, and response generation via API.

With AutoRAG, you can:

Customize your pipeline: Choose from Workers AI models, configure chunking strategies, edit system prompts, and more.
Instant setup: AutoRAG provisions everything you need from Vectorize, AI gateway, to pipeline logic for you, so you can go from zero to a working RAG pipeline in seconds.
Keep your index fresh: AutoRAG continuously syncs your index with your data source to ensure responses stay accurate and up to date.
Ask questions: Query your data and receive grounded responses via a Workers binding or API.

Whether you're building internal tools, AI-powered search, or a support assistant, AutoRAG gets you from idea to deployment in minutes.

Get started in the Cloudflare dashboard or check out the guide for instructions on how to build your RAG pipeline today.

Browser Rendering - Browser Rendering REST API is Generally Available, with new endpoints and a free tier

Mon, 07 Apr 2025 00:00:00 GMT

We’re excited to announce Browser Rendering is now available on the Workers Free plan, making it even easier to prototype and experiment with web search and headless browser use-cases when building applications on Workers.

The Browser Rendering REST API is now Generally Available, allowing you to control browser instances from outside of Workers applications. We've added three new endpoints to help automate more browser tasks:

Extract structured data – Use /json to retrieve structured data from a webpage.
Retrieve links – Use /links to pull all links from a webpage.
Convert to Markdown – Use /markdown to convert webpage content into Markdown format.

For example, to fetch the Markdown representation of a webpage:

curl -X 'POST' 'https://api.cloudflare.com/client/v4/accounts/<accountId>/browser-rendering/markdown' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer <apiToken>' \
  -d '{
    "url": "https://example.com"
  }'

For the full list of endpoints, check out our REST API documentation. You can also interact with Browser Rendering via the Cloudflare TypeScript SDK.

We also recently landed support for Playwright in Browser Rendering for browser automation from Cloudflare Workers, in addition to Puppeteer, giving you more flexibility to test across different browser environments.

Visit the Browser Rendering docs to learn more about how to use headless browsers in your applications.

Durable Objects, Workers - Durable Objects on Workers Free plan

Mon, 07 Apr 2025 00:00:00 GMT

Durable Objects can now be used with zero commitment on the Workers Free plan allowing you to build AI agents with Agents SDK, collaboration tools, and real-time applications like chat or multiplayer games.

Durable Objects let you build stateful, serverless applications with millions of tiny coordination instances that run your application code alongside (in the same thread!) your durable storage. Each Durable Object can access its own SQLite database through a Storage API. A Durable Object class is defined in a Worker script encapsulating the Durable Object's behavior when accessed from a Worker. To try the code below, click the button:

import { DurableObject } from "cloudflare:workers";

// Durable Object
export class MyDurableObject extends DurableObject {
  ...
  async sayHello(name) {
    return `Hello, ${name}!`;
  }
}

// Worker
export default {
  async fetch(request, env) {
    // Every unique ID refers to an individual instance of the Durable Object class
    const id = env.MY_DURABLE_OBJECT.idFromName("foo");

    // A stub is a client used to invoke methods on the Durable Object
    const stub = env.MY_DURABLE_OBJECT.get(id);

    // Methods on the Durable Object are invoked via the stub
    const response = await stub.sayHello("world");

    return response;
  },
};

Free plan limits apply to Durable Objects compute and storage usage. Limits allow developers to build real-world applications, with every Worker request able to call a Durable Object on the free plan.

For more information, checkout:

Durable Objects, Workers - SQLite in Durable Objects GA with 10GB storage per object

Mon, 07 Apr 2025 00:00:00 GMT

SQLite in Durable Objects is now generally available (GA) with 10GB SQLite database per Durable Object. Since the public beta in September 2024, we've added feature parity and robustness for the SQLite storage backend compared to the preexisting key-value (KV) storage backend for Durable Objects.

SQLite-backed Durable Objects are recommended for all new Durable Object classes, using new_sqlite_classes Wrangler configuration. Only SQLite-backed Durable Objects have access to Storage API's SQL and point-in-time recovery methods, which provide relational data modeling, SQL querying, and better data management.

export class MyDurableObject extends DurableObject {
  sql: SqlStorage
  constructor(ctx: DurableObjectState, env: Env) {
    super(ctx, env);
    this.sql = ctx.storage.sql;
  }

  async sayHello() {
    let result = this.sql
      .exec("SELECT 'Hello, World!' AS greeting")
      .one();
    return result.greeting;
  }
}

KV-backed Durable Objects remain for backwards compatibility, and a migration path from key-value storage to SQL storage for existing Durable Object classes will be offered in the future.

For more details on SQLite storage, checkout Zero-latency SQLite storage in every Durable Object blog.

Workers - Capture up to 256 KB of log events in each Workers Invocation

Mon, 07 Apr 2025 00:00:00 GMT

You can now capture a maximum of 256 KB of log events per Workers invocation, helping you gain better visibility into application behavior.

All console.log() statements, exceptions, request metadata, and headers are automatically captured during the Worker invocation and emitted as JSON object. Workers Logs deserializes this object before indexing the fields and storing them. You can also capture, transform, and export the JSON object in a Tail Worker.

256 KB is a 2x increase from the previous 128 KB limit. After you exceed this limit, further context associated with the request will not be recorded in your logs.

This limit is automatically applied to all Workers.

Workflows, Workers - Workflows is now Generally Available

Mon, 07 Apr 2025 00:00:00 GMT

Workflows is now Generally Available (or "GA"): in short, it's ready for production workloads. Alongside marking Workflows as GA, we've introduced a number of changes during the beta period, including:

A new waitForEvent API that allows a Workflow to wait for an event to occur before continuing execution.
Increased concurrency: you can run up to 4,500 Workflow instances concurrently — and this will continue to grow.
Improved observability, including new CPU time metrics that allow you to better understand which Workflow instances are consuming the most resources and/or contributing to your bill.
Support for vitest for testing Workflows locally and in CI/CD pipelines.

Workflows also supports the new increased CPU limits that apply to Workers, allowing you to run more CPU-intensive tasks (up to 5 minutes of CPU time per instance), not including the time spent waiting on network calls, AI models, or other I/O bound tasks.

Human-in-the-loop

The new step.waitForEvent API allows a Workflow instance to wait on events and data, enabling human-in-the-the-loop interactions, such as approving or rejecting a request, directly handling webhooks from other systems, or pushing event data to a Workflow while it's running.

Because Workflows are just code, you can conditionally execute code based on the result of a waitForEvent call, and/or call waitForEvent multiple times in a single Workflow based on what the Workflow needs.

For example, if you wanted to implement a human-in-the-loop approval process, you could use waitForEvent to wait for a user to approve or reject a request, and then conditionally execute code based on the result.

JavaScript

import {
  WorkflowEntrypoint,
  WorkflowStep,
  WorkflowEvent,
} from "cloudflare:workers";

export class MyWorkflow extends WorkflowEntrypoint {
  async run(event, step) {
    // Other steps in your Workflow
    let stripeEvent = await step.waitForEvent(
      "receive invoice paid webhook from Stripe",
      { type: "stripe-webhook", timeout: "1 hour" },
    );
    // Rest of your Workflow
  }
}

TypeScript

import { WorkflowEntrypoint, WorkflowStep, WorkflowEvent } from "cloudflare:workers";

export class MyWorkflow extends WorkflowEntrypoint<Env, Params> {
  async run(event: WorkflowEvent<Params>, step: WorkflowStep) {
    // Other steps in your Workflow
    let stripeEvent = await step.waitForEvent<IncomingStripeWebhook>("receive invoice paid webhook from Stripe", { type: "stripe-webhook", timeout: "1 hour" })
    // Rest of your Workflow
  }
}

You can then send a Workflow an event from an external service via HTTP or from within a Worker using the Workers API for Workflows:

JavaScript

export default {
  async fetch(req, env) {
    const instanceId = new URL(req.url).searchParams.get("instanceId");
    const webhookPayload = await req.json();

    let instance = await env.MY_WORKFLOW.get(instanceId);
    // Send our event, with `type` matching the event type defined in
    // our step.waitForEvent call
    await instance.sendEvent({
      type: "stripe-webhook",
      payload: webhookPayload,
    });

    return Response.json({
      status: await instance.status(),
    });
  },
};

TypeScript

export default {
  async fetch(req: Request, env: Env) {
    const instanceId = new URL(req.url).searchParams.get("instanceId")
    const webhookPayload = await req.json<Payload>()

    let instance = await env.MY_WORKFLOW.get(instanceId);
    // Send our event, with `type` matching the event type defined in
    // our step.waitForEvent call
    await instance.sendEvent({type: "stripe-webhook", payload: webhookPayload})

    return Response.json({
      status: await instance.status(),
    });
  },
};

Read the GA announcement blog to learn more about what landed as part of the Workflows GA.

Browser Rendering - Playwright for Browser Rendering now available

Fri, 04 Apr 2025 00:00:00 GMT

We're excited to share that you can now use Playwright's browser automation capabilities from Cloudflare Workers.

Playwright is an open-source package developed by Microsoft that can do browser automation tasks; it's commonly used to write software tests, debug applications, create screenshots, and crawl pages. Like Puppeteer, we forked Playwright and modified it to be compatible with Cloudflare Workers and Browser Rendering.

Below is an example of how to use Playwright with Browser Rendering to test a TODO application using assertions:

import { launch, type BrowserWorker } from "@cloudflare/playwright";
import { expect } from "@cloudflare/playwright/test";

interface Env {
  MYBROWSER: BrowserWorker;
}

export default {
  async fetch(request: Request, env: Env) {
    const browser = await launch(env.MYBROWSER);
    const page = await browser.newPage();

    await page.goto("https://demo.playwright.dev/todomvc");

    const TODO_ITEMS = [
      "buy some cheese",
      "feed the cat",
      "book a doctors appointment",
    ];

    const newTodo = page.getByPlaceholder("What needs to be done?");
    for (const item of TODO_ITEMS) {
      await newTodo.fill(item);
      await newTodo.press("Enter");
    }

    await expect(page.getByTestId("todo-title")).toHaveCount(TODO_ITEMS.length);

    await Promise.all(
      TODO_ITEMS.map((value, index) =>
        expect(page.getByTestId("todo-title").nth(index)).toHaveText(value),
      ),
    );
  },
};

Playwright is available as an npm package at @cloudflare/playwright and the code is at GitHub.

Learn more in our documentation.

Cache - Workers Fetch API can override Cache Rules

Fri, 04 Apr 2025 00:00:00 GMT

You can now programmatically override Cache Rules using the cf object in the fetch() command. This feature gives you fine-grained control over caching behavior on a per-request basis, allowing Workers to customize cache settings dynamically based on request properties, user context, or business logic.

How it works

Using the cf object in fetch(), you can override specific Cache Rules settings by:

Setting custom cache options: Pass cache properties in the cf object as the second argument to fetch() to override default Cache Rules.
Dynamic cache control: Apply different caching strategies based on request headers, cookies, or other runtime conditions.
Per-request customization: Bypass or modify Cache Rules for individual requests while maintaining default behavior for others.
Programmatic cache management: Implement complex caching logic that adapts to your application's needs.

What can be configured

Workers can override the following Cache Rules settings through the cf object:

cacheEverything: Treat all content as static and cache all file types beyond the default cached content.
cacheTtl: Set custom time-to-live values in seconds for cached content at the edge, regardless of origin headers.
cacheTtlByStatus: Set different TTLs based on the response status code (for example, { "200-299": 86400, 404: 1, "500-599": 0 }).
cacheKey: Customize cache keys to control which requests are treated as the same for caching purposes (Enterprise only).
cacheTags: Append additional cache tags for targeted cache purging operations.

Benefits

Enhanced flexibility: Customize cache behavior without modifying zone-level Cache Rules.
Dynamic optimization: Adjust caching strategies in real-time based on request context.
Simplified configuration: Reduce the number of Cache Rules needed by handling edge cases programmatically.
Improved performance: Fine-tune cache behavior for specific use cases to maximize hit rates.

Get started

To get started, refer to the Workers Fetch API documentation and the cf object properties documentation.

Cache - All cache purge methods now available for all plans

Thu, 03 Apr 2025 00:00:00 GMT

You can now access all Cloudflare cache purge methods — no matter which plan you’re on. Whether you need to update a single asset or instantly invalidate large portions of your site’s content, you now have the same powerful tools previously reserved for Enterprise customers.

Anyone on Cloudflare can now:

Purge Everything: Clears all cached content associated with a website.
Purge by Prefix: Targets URLs sharing a common prefix.
Purge by Hostname: Invalidates content by specific hostnames.
Purge by URL (single-file purge): Precisely targets individual URLs.
Purge by Tag: Uses Cache-Tag response headers to invalidate grouped assets, offering flexibility for complex cache management scenarios.

Want to learn how each purge method works, when to use them, or what limits apply to your plan? Dive into our purge cache documentation and API reference for all the details.

WAF - WAF Release - 2025-04-02

Wed, 02 Apr 2025 00:00:00 GMT

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	8b8074e73b7d4aba92fc68f3622f0483	100732	Sitecore - Code Injection - CVE:CVE-2025-27218	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	8350947451a1401c934f5e660f101cca	100733	Angular-Base64-Upload - Remote Code Execution - CVE:CVE-2024-42640	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	a9ec9cf625ff42769298671d1bbcd247	100734	Apache Camel - Remote Code Execution - CVE:CVE-2025-29891	Log	Disabled	This is a New Detection
Cloudflare Managed Ruleset	3d6bf99039b54312a1a2165590aea1ca	100735	Progress Software WhatsUp Gold - Remote Code Execution - CVE:CVE-2024-4885	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	d104e3246dc14ac7851b4049d9d8c5f2	100737	Apache Tomcat - Remote Code Execution - CVE:CVE-2025-24813	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	21c7a963e1b749e7b1753238a28a42c4	100659	Common Payloads for Server-side Template Injection	N/A	Disabled	N/A
Cloudflare Managed Ruleset	887843ffbe90436dadd1543adaa4b037	100659	Common Payloads for Server-side Template Injection - Base64	N/A	Disabled	N/A
Cloudflare Managed Ruleset	3565b80fc5b541b4832c0fc848f6a9cf	100642	LDAP Injection	N/A	Disabled	N/A
Cloudflare Managed Ruleset	44d7bf9bf0fa4898b8579573e0713e9f	100642	LDAP Injection Base64	N/A	Disabled	N/A
Cloudflare Managed Ruleset	e35c9a670b864a3ba0203ffb1bc977d1	100005	DotNetNuke - File Inclusion - CVE:CVE-2018-9126, CVE:CVE-2011-1892, CVE:CVE-2022-31474	N/A	Disabled	N/A
Cloudflare Managed Ruleset	cd8db44032694fdf8d6e22c1bb70a463	100527	Apache Struts - CVE:CVE-2021-31805	N/A	Block	N/A
Cloudflare Managed Ruleset	0d838d9ab046443fa3f8b3e50c99546a	100702	Command Injection - CVE:CVE-2022-24108	N/A	Block	N/A
Cloudflare Managed Ruleset	533fbad558ce4c5ebcf013f09a5581d0	100622C	Ivanti - Command Injection - CVE:CVE-2023-46805, CVE:CVE-2024-21887, CVE:CVE-2024-22024	N/A	Block	N/A
Cloudflare Managed Ruleset	04176552f62f4b75bf65981206d0b009	100536C	GraphQL Command Injection	N/A	Disabled	N/A
Cloudflare Managed Ruleset	25883bf28575433c952b830c1651d0c8	100536	GraphQL Injection	N/A	Disabled	N/A
Cloudflare Managed Ruleset	7b70da1bb8d243bd80cd7a73af00f61d	100536A	GraphQL Introspection	N/A	Disabled	N/A
Cloudflare Managed Ruleset	58c4853c250946359472b7eaa41e5b67	100536B	GraphQL SSRF	N/A	Disabled	N/A
Cloudflare Managed Ruleset	1c241ed5f5bd44b19e17476b433e5b3d	100559A	Prototype Pollution - Common Payloads	N/A	Disabled	N/A
Cloudflare Managed Ruleset	af748489e1c2411d80d855954816b26f	100559A	Prototype Pollution - Common Payloads - Base64	N/A	Disabled	N/A
Cloudflare Managed Ruleset	ccc47ab7e34248c09546c284fcea5ed2	100734	Apache Camel - Remote Code Execution - CVE:CVE-2025-29891	N/A	Disabled	N/A

Email security - CASB and Email security

Tue, 01 Apr 2025 23:22:49 GMT

With Email security, you get two free CASB integrations.

Use one SaaS integration for Email security to sync with your directory of users, take actions on delivered emails, automatically provide EMLs for reclassification requests for clean emails, discover CASB findings and more.

With the other integration, you can have a separate SaaS integration for CASB findings for another SaaS provider.

Refer to Add an integration to learn more about this feature.

This feature is available across these Email security packages:

Enterprise
Enterprise + PhishGuard

Queues - New Pause & Purge APIs for Queues

Thu, 27 Mar 2025 12:00:00 GMT

Queues now supports the ability to pause message delivery and/or purge (delete) messages on a queue. These operations can be useful when:

Your consumer has a bug or downtime, and you want to temporarily stop messages from being processed while you fix the bug
You have pushed invalid messages to a queue due to a code change during development, and you want to clean up the backlog
Your queue has a backlog that is stale and you want to clean it up to allow new messages to be consumed

To pause a queue using Wrangler, run the pause-delivery command. Paused queues continue to receive messages. And you can easily unpause a queue using the resume-delivery command.

$ wrangler queues pause-delivery my-queue
Pausing message delivery for queue my-queue.
Paused message delivery for queue my-queue.

$ wrangler queues resume-delivery my-queue
Resuming message delivery for queue my-queue.
Resumed message delivery for queue my-queue.

Purging a queue permanently deletes all messages in the queue. Unlike pausing, purging is an irreversible operation:

$ wrangler queues purge my-queue
✔ This operation will permanently delete all the messages in queue my-queue. Type my-queue to proceed. … my-queue
Purged queue 'my-queue'

You can also do these operations using the Queues REST API, or the dashboard page for a queue.

This feature is available on all new and existing queues. Head over to the pause and purge documentation to learn more. And if you haven't used Cloudflare Queues before, get started with the Cloudflare Queues guide.

Registrar - Register and renew .ai and .shop domains at cost

Thu, 27 Mar 2025 10:00:00 GMT

Cloudflare Registrar now supports .ai and .shop domains. These are two of our most highly-requested top-level domains (TLDs) and are great additions to the 300+ other TLDs we support.

Starting today, customers can:

Register and renew these domains at cost without any markups or add-on fees
Enjoy best-in-class security and performance with native integrations with Cloudflare DNS, CDN, and SSL services like one-click DNSSEC
Combat domain hijacking with Custom Domain Protection (available on enterprise plans)

We can't wait to see what AI and e-commerce projects you deploy on Cloudflare. To get started, transfer your domains to Cloudflare or search for new ones to register.

Audit Logs - Audit logs (version 2) - Beta Release

Thu, 27 Mar 2025 00:00:00 GMT

The latest version of audit logs streamlines audit logging by automatically capturing all user and system actions performed through the Cloudflare Dashboard or public APIs. This update leverages Cloudflare’s existing API Shield to generate audit logs based on OpenAPI schemas, ensuring a more consistent and automated logging process.

Availability: Audit logs (version 2) is now in Beta, with support limited to API access.

Use the following API endpoint to retrieve audit logs:

GET https://api.cloudflare.com/client/v4/accounts/<account_id>/logs/audit?since=<date>&before=<date>

You can access detailed documentation for audit logs (version 2) Beta API release here.

Key Improvements in the Beta Release:

Automated & standardized logging: Logs are now generated automatically using a standardized system, replacing manual, team-dependent logging. This ensures consistency across all Cloudflare services.
Expanded product coverage: Increased audit log coverage from 75% to 95%. Key API endpoints such as /accounts, /zones, and /organizations are now included.
Granular filtering: Logs now follow a uniform format, enabling precise filtering by actions, users, methods, and resources—allowing for faster and more efficient investigations.
Enhanced context and traceability: Each log entry now includes detailed context, such as the authentication method used, the interface (API or Dashboard) through which the action was performed, and mappings to Cloudflare Ray IDs for better traceability.
Comprehensive activity capture: Expanded logging to include GET requests and failed attempts, ensuring that all critical activities are recorded.

Known Limitations in Beta

Error handling for the API is not implemented.
There may be gaps or missing entries in the available audit logs.
UI is unavailable in this Beta release.
System-level logs and User-Activity logs are not included.

Support for these features is coming as part of the GA release later this year. For more details, including a sample audit log, check out our blog post: Introducing Automatic Audit Logs

Cloudflare Fundamentals - Updates to Account Home - Quick actions, traffic insights, Workers projects, and more

Wed, 26 Mar 2025 06:00:00 GMT

Recently, Account Home has been updated to streamline your workflows:

Recent Workers projects: You'll now find your projects readily accessible from a new Developer Platform tab on Account Home. See recently-modified projects and explore what you can work our developer-focused products.
Traffic and security insights: Get a snapshot of domain performance at a glance with key metrics and trends.
Quick actions: You can now perform common actions for your account, domains, and even Workers in just 1-2 clicks from the 3-dot menu.
Keep starred domains front and center: Now, when you filter for starred domains on Account Home, we'll save your preference so you'll continue to only see starred domains by default.

We can't wait for you to take the new Account Home for a spin.

For more info:

Workers - Run Workers for up to 5 minutes of CPU-time

Wed, 26 Mar 2025 00:00:00 GMT

You can now run a Worker for up to 5 minutes of CPU time for each request.

Previously, each Workers request ran for a maximum of 30 seconds of CPU time — that is the time that a Worker is actually performing a task (we still allowed unlimited wall-clock time, in case you were waiting on slow resources). This meant that some compute-intensive tasks were impossible to do with a Worker. For instance, you might want to take the cryptographic hash of a large file from R2. If this computation ran for over 30 seconds, the Worker request would have timed out.

By default, Workers are still limited to 30 seconds of CPU time. This protects developers from incurring accidental cost due to buggy code.

By changing the cpu_ms value in your Wrangler configuration, you can opt in to any value up to 300,000 (5 minutes).

wrangler.jsonc

{
  // ...rest of your configuration...
  "limits": {
    "cpu_ms": 300000,
  },
  // ...rest of your configuration...
}

wrangler.toml
```
[limits]
cpu_ms = 300_000
```

For more information on the updates limits, see the documentation on Wrangler configuration for cpu_ms and on Workers CPU time limits.

For building long-running tasks on Cloudflare, we also recommend checking out Workflows and Queues.

Workers - Source Maps are Generally Available

Tue, 25 Mar 2025 00:00:00 GMT

Source maps are now Generally Available (GA). You can now be uploaded with a maximum gzipped size of 15 MB. Previously, the maximum size limit was 15 MB uncompressed.

Source maps help map between the original source code and the transformed/minified code that gets deployed to production. By uploading your source map, you allow Cloudflare to map the stack trace from exceptions onto the original source code making it easier to debug.

With no source maps uploaded: notice how all the Javascript has been minified to one file, so the stack trace is missing information on file name, shows incorrect line numbers, and incorrectly references js instead of ts.

With source maps uploaded: all methods reference the correct files and line numbers.

Uploading source maps and stack trace remapping happens out of band from the Worker execution, so source maps do not affect upload speed, bundle size, or cold starts. The remapped stack traces are accessible through Tail Workers, Workers Logs, and Workers Logpush.

To enable source maps, add the following to your Pages Function's or Worker's wrangler configuration:

wrangler.jsonc
```
{
  "upload_source_maps": true
}
```
wrangler.toml
```
upload_source_maps = true
```

WAF - WAF Release - 2025-03-22 - Emergency

Sat, 22 Mar 2025 00:00:00 GMT

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	34583778093748cc83ff7b38f472013e	100739	Next.js - Auth Bypass - CVE:CVE-2025-29927	N/A	Disabled	This is a New Detection

Workers, Pages, WAF - New Managed WAF rule for Next.js CVE-2025-29927.

Sat, 22 Mar 2025 00:00:00 GMT

Update: Mon Mar 24th, 11PM UTC: Next.js has made further changes to address a smaller vulnerability introduced in the patches made to its middleware handling. Users should upgrade to Next.js versions 15.2.4, 14.2.26, 13.5.10 or 12.3.6. If you are unable to immediately upgrade or are running an older version of Next.js, you can enable the WAF rule described in this changelog as a mitigation.

Update: Mon Mar 24th, 8PM UTC: Next.js has now backported the patch for this vulnerability to cover Next.js v12 and v13. Users on those versions will need to patch to 13.5.9 and 12.3.5 (respectively) to mitigate the vulnerability.

Update: Sat Mar 22nd, 4PM UTC: We have changed this WAF rule to opt-in only, as sites that use auth middleware with third-party auth vendors were observing failing requests.

We strongly recommend updating your version of Next.js (if eligible) to the patched versions, as your app will otherwise be vulnerable to an authentication bypass attack regardless of auth provider.

Enable the Managed Rule (strongly recommended)

This rule is opt-in only for sites on the Pro plan or above in the WAF managed ruleset.

To enable the rule:

Head to Security > WAF > Managed rules in the Cloudflare dashboard for the zone (website) you want to protect.
Click the three dots next to Cloudflare Managed Ruleset and choose Edit
Scroll down and choose Browse Rules
Search for CVE-2025-29927 (ruleId: 34583778093748cc83ff7b38f472013e)
Change the Status to Enabled and the Action to Block. You can optionally set the rule to Log, to validate potential impact before enabling it. Log will not block requests.
Click Next
Scroll down and choose Save

This will enable the WAF rule and block requests with the x-middleware-subrequest header regardless of Next.js version.

Create a WAF rule (manual)

For users on the Free plan, or who want to define a more specific rule, you can create a Custom WAF rule to block requests with the x-middleware-subrequest header regardless of Next.js version.

To create a custom rule:

Head to Security > WAF > Custom rules in the Cloudflare dashboard for the zone (website) you want to protect.
Give the rule a name - e.g. next-js-CVE-2025-29927
Set the matching parameters for the rule match any request where the x-middleware-subrequest header exists per the rule expression below.

(len(http.request.headers["x-middleware-subrequest"]) > 0)

Set the action to 'block'. If you want to observe the impact before blocking requests, set the action to 'log' (and edit the rule later).
Deploy the rule.

Next.js CVE-2025-29927

We've made a WAF (Web Application Firewall) rule available to all sites on Cloudflare to protect against the Next.js authentication bypass vulnerability (CVE-2025-29927) published on March 21st, 2025.

Note: This rule is not enabled by default as it blocked requests across sites for specific authentication middleware.

This managed rule protects sites using Next.js on Workers and Pages, as well as sites using Cloudflare to protect Next.js applications hosted elsewhere.
This rule has been made available (but not enabled by default) to all sites as part of our WAF Managed Ruleset and blocks requests that attempt to bypass authentication in Next.js applications.
The vulnerability affects almost all Next.js versions, and has been fully patched in Next.js 14.2.26 and 15.2.4. Earlier, interim releases did not fully patch this vulnerability.
Users on older versions of Next.js (11.1.4 to 13.5.6) did not originally have a patch available, but this the patch for this vulnerability and a subsequent additional patch have been backported to Next.js versions 12.3.6 and 13.5.10 as of Monday, March 24th. Users on Next.js v11 will need to deploy the stated workaround or enable the WAF rule.

The managed WAF rule mitigates this by blocking external user requests with the x-middleware-subrequest header regardless of Next.js version, but we recommend users using Next.js 14 and 15 upgrade to the patched versions of Next.js as an additional mitigation.

Workers, Pages - Smart Placement is smarter about running Workers and Pages Functions in the best locations

Sat, 22 Mar 2025 00:00:00 GMT

Smart Placement is a unique Cloudflare feature that can make decisions to move your Worker to run in a more optimal location (such as closer to a database). Instead of always running in the default location (the one closest to where the request is received), Smart Placement uses certain “heuristics” (rules and thresholds) to decide if a different location might be faster or more efficient.

Previously, if these heuristics weren't consistently met, your Worker would revert to running in the default location—even after it had been optimally placed. This meant that if your Worker received minimal traffic for a period of time, the system would reset to the default location, rather than remaining in the optimal one.

Now, once Smart Placement has identified and assigned an optimal location, temporarily dropping below the heuristic thresholds will not force a return to default locations. For example in the previous algorithm, a drop in requests for a few days might return to default locations and heuristics would have to be met again. This was problematic for workloads that made requests to a geographically located resource every few days or longer. In this scenario, your Worker would never get placed optimally. This is no longer the case.

AI Gateway - AI Gateway launches Realtime WebSockets API

Fri, 21 Mar 2025 00:00:00 GMT

We are excited to announce that AI Gateway now supports real-time AI interactions with the new Realtime WebSockets API.

This new capability allows developers to establish persistent, low-latency connections between their applications and AI models, enabling natural, real-time conversational AI experiences, including speech-to-speech interactions.

The Realtime WebSockets API works with the OpenAI Realtime API, Google Gemini Live API, and supports real-time text and speech interactions with models from Cartesia, and ElevenLabs.

Here's how you can connect AI Gateway to OpenAI's Realtime API using WebSockets:

import WebSocket from "ws";

const url =
  "wss://gateway.ai.cloudflare.com/v1/<account_id>/<gateway>/openai?model=gpt-4o-realtime-preview-2024-12-17";
const ws = new WebSocket(url, {
  headers: {
    "cf-aig-authorization": process.env.CLOUDFLARE_API_KEY,
    Authorization: "Bearer " + process.env.OPENAI_API_KEY,
    "OpenAI-Beta": "realtime=v1",
  },
});

ws.on("open", () => console.log("Connected to server."));
ws.on("message", (message) => console.log(JSON.parse(message.toString())));

ws.send(
  JSON.stringify({
    type: "response.create",
    response: { modalities: ["text"], instructions: "Tell me a joke" },
  }),
);

Get started by checking out the Realtime WebSockets API documentation.

Gateway - Secure DNS Locations Management User Role

Fri, 21 Mar 2025 00:00:00 GMT

We're excited to introduce the Cloudflare Zero Trust Secure DNS Locations Write role, designed to provide DNS filtering customers with granular control over third-party access when configuring their Protective DNS (PDNS) solutions.

Many DNS filtering customers rely on external service partners to manage their DNS location endpoints. This role allows you to grant access to external parties to administer DNS locations without overprovisioning their permissions.

Secure DNS Location Requirements:

Mandate usage of Bring your own DNS resolver IP addresses if available on the account.
Require source network filtering for IPv4/IPv6/DoT endpoints; token authentication or source network filtering for the DoH endpoint.

You can assign the new role via Cloudflare Dashboard (Manage Accounts > Members) or via API. For more information, refer to the Secure DNS Locations documentation.

Cloudflare Fundamentals, Terraform - Dozens of Cloudflare Terraform Provider resources now have proper drift detection

Fri, 21 Mar 2025 00:00:00 GMT

In Cloudflare Terraform Provider versions 5.2.0 and above, dozens of resources now have proper drift detection. Before this fix, these resources would indicate they needed to be updated or replaced — even if there was no real change. Now, you can rely on your terraform plan to only show what resources are expected to change.

This issue affected resources related to these products and features:

API Shield
Argo Smart Routing
Argo Tiered Caching
Bot Management
BYOIP
D1
DNS
Email Routing
Hyperdrive
Observatory
Pages
R2
Rules
SSL/TLS
Waiting Room
Workers
Zero Trust

Cloudflare Fundamentals, Terraform - Cloudflare Terraform Provider now properly redacts sensitive values

Fri, 21 Mar 2025 00:00:00 GMT

In the Cloudflare Terraform Provider versions 5.2.0 and above, sensitive properties of resources are redacted in logs. Sensitive properties in Cloudflare's OpenAPI Schema are now annotated with x-sensitive: true. This results in proper auto-generation of the corresponding Terraform resources, and prevents sensitive values from being shown when you run Terraform commands.

This issue affected resources related to these products and features:

Alerts and Audit Logs
Device API
DLP
DNS
Magic Visibility
Magic WAN
TLS Certs and Hostnames
Tunnels
Turnstile
Workers
Zaraz

Workers AI - Markdown conversion in Workers AI

Thu, 20 Mar 2025 00:00:00 GMT

Document conversion plays an important role when designing and developing AI applications and agents. Workers AI now provides the toMarkdown utility method that developers can use to for quick, easy, and convenient conversion and summary of documents in multiple formats to Markdown language.

You can call this new tool using a binding by calling env.AI.toMarkdown() or the using the REST API endpoint.

In this example, we fetch a PDF document and an image from R2 and feed them both to env.AI.toMarkdown(). The result is a list of converted documents. Workers AI models are used automatically to detect and summarize the image.

import { Env } from "./env";

export default {
  async fetch(request: Request, env: Env, ctx: ExecutionContext) {
    // https://pub-979cb28270cc461d94bc8a169d8f389d.r2.dev/somatosensory.pdf
    const pdf = await env.R2.get("somatosensory.pdf");

    // https://pub-979cb28270cc461d94bc8a169d8f389d.r2.dev/cat.jpeg
    const cat = await env.R2.get("cat.jpeg");

    return Response.json(
      await env.AI.toMarkdown([
        {
          name: "somatosensory.pdf",
          blob: new Blob([await pdf.arrayBuffer()], {
            type: "application/octet-stream",
          }),
        },
        {
          name: "cat.jpeg",
          blob: new Blob([await cat.arrayBuffer()], {
            type: "application/octet-stream",
          }),
        },
      ]),
    );
  },
};

This is the result:

[
  {
    "name": "somatosensory.pdf",
    "mimeType": "application/pdf",
    "format": "markdown",
    "tokens": 0,
    "data": "# somatosensory.pdf\n## Metadata\n- PDFFormatVersion=1.4\n- IsLinearized=false\n- IsAcroFormPresent=false\n- IsXFAPresent=false\n- IsCollectionPresent=false\n- IsSignaturesPresent=false\n- Producer=Prince 20150210 (www.princexml.com)\n- Title=Anatomy of the Somatosensory System\n\n## Contents\n### Page 1\nThis is a sample document to showcase..."
  },
  {
    "name": "cat.jpeg",
    "mimeType": "image/jpeg",
    "format": "markdown",
    "tokens": 0,
    "data": "The image is a close-up photograph of Grumpy Cat, a cat with a distinctive grumpy expression and piercing blue eyes. The cat has a brown face with a white stripe down its nose, and its ears are pointed upright. Its fur is light brown and darker around the face, with a pink nose and mouth. The cat's eyes are blue and slanted downward, giving it a perpetually grumpy appearance. The background is blurred, but it appears to be a dark brown color. Overall, the image is a humorous and iconic representation of the popular internet meme character, Grumpy Cat. The cat's facial expression and posture convey a sense of displeasure or annoyance, making it a relatable and entertaining image for many people."
  }
]

See Markdown Conversion for more information on supported formats, REST API and pricing.

WAF - WAF Release - 2025-03-19 - Emergency

Wed, 19 Mar 2025 00:00:00 GMT

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	470b477e27244fddb479c4c7a2cafae7	100736	Generic HTTP Request Smuggling	N/A	Disabled	This is a New Detection

Agents, Workers - npm i agents

Tue, 18 Mar 2025 00:00:00 GMT

`agents-sdk` -> `agents` Updated

📝 We've renamed the Agents package to agents!

If you've already been building with the Agents SDK, you can update your dependencies to use the new package name, and replace references to agents-sdk with agents:

# Install the new package
npm i agents

# Remove the old (deprecated) package
npm uninstall agents-sdk

# Find instances of the old package name in your codebase
grep -r 'agents-sdk' .
# Replace instances of the old package name with the new one
# (or use find-replace in your editor)
sed -i 's/agents-sdk/agents/g' $(grep -rl 'agents-sdk' .)

All future updates will be pushed to the new agents package, and the older package has been marked as deprecated.

Agents SDK updates New

We've added a number of big new features to the Agents SDK over the past few weeks, including:

You can now set cors: true when using routeAgentRequest to return permissive default CORS headers to Agent responses.
The regular client now syncs state on the agent (just like the React version).
useAgentChat bug fixes for passing headers/credentials, including properly clearing cache on unmount.
Experimental /schedule module with a prompt/schema for adding scheduling to your app (with evals!).
Changed the internal zod schema to be compatible with the limitations of Google's Gemini models by removing the discriminated union, allowing you to use Gemini models with the scheduling API.

We've also fixed a number of bugs with state synchronization and the React hooks.

JavaScript

// via https://github.com/cloudflare/agents/tree/main/examples/cross-domain
export default {
  async fetch(request, env) {
    return (
      // Set { cors: true } to enable CORS headers.
      (await routeAgentRequest(request, env, { cors: true })) ||
      new Response("Not found", { status: 404 })
    );
  },
};

TypeScript

// via https://github.com/cloudflare/agents/tree/main/examples/cross-domain
export default {
  async fetch(request: Request, env: Env) {
    return (
      // Set { cors: true } to enable CORS headers.
      (await routeAgentRequest(request, env, { cors: true })) ||
      new Response("Not found", { status: 404 })
    );
  },
} satisfies ExportedHandler<Env>;

Call Agent methods from your client code New

We've added a new @unstable_callable() decorator for defining methods that can be called directly from clients. This allows you call methods from within your client code: you can call methods (with arguments) and get native JavaScript objects back.

JavaScript

// server.ts
import { unstable_callable, Agent } from "agents";
export class Rpc extends Agent {
  // Use the decorator to define a callable method
  @unstable_callable({
    description: "rpc test",
  })
  async getHistory() {
    return this.sql`SELECT * FROM history ORDER BY created_at DESC LIMIT 10`;
  }
}

TypeScript

// server.ts
import { unstable_callable, Agent, type StreamingResponse } from "agents";
import type { Env } from "../server";

export class Rpc extends Agent<Env> {
  // Use the decorator to define a callable method
  @unstable_callable({
    description: "rpc test",
  })
  async getHistory() {
    return this.sql`SELECT * FROM history ORDER BY created_at DESC LIMIT 10`;
  }
}

agents-starter Updated

We've fixed a number of small bugs in the agents-starter project — a real-time, chat-based example application with tool-calling & human-in-the-loop built using the Agents SDK. The starter has also been upgraded to use the latest wrangler v4 release.

If you're new to Agents, you can install and run the agents-starter project in two commands:

# Install it
$ npm create cloudflare@latest agents-starter -- --template="cloudflare/agents-starter"
# Run it
$ npm run start

You can use the starter as a template for your own Agents projects: open up src/server.ts and src/client.tsx to see how the Agents SDK is used.

API Shield - New API Posture Management for API Shield

Tue, 18 Mar 2025 00:00:00 GMT

Now, API Shield automatically labels your API inventory with API-specific risks so that you can track and manage risks to your APIs.

View these risks in Endpoint Management by label:

...or in Security Center Insights:

API Shield will scan for risks on your API inventory daily. Here are the new risks we're scanning for and automatically labelling:

cf-risk-sensitive: applied if the customer is subscribed to the sensitive data detection ruleset and the WAF detects sensitive data returned on an endpoint in the last seven days.
cf-risk-missing-auth: applied if the customer has configured a session ID and no successful requests to the endpoint contain the session ID.
cf-risk-mixed-auth: applied if the customer has configured a session ID and some successful requests to the endpoint contain the session ID while some lack the session ID.
cf-risk-missing-schema: added when a learned schema is available for an endpoint that has no active schema.
cf-risk-error-anomaly: added when an endpoint experiences a recent increase in response errors over the last 24 hours.
cf-risk-latency-anomaly: added when an endpoint experiences a recent increase in response latency over the last 24 hours.
cf-risk-size-anomaly: added when an endpoint experiences a spike in response body size over the last 24 hours.

In addition, API Shield has two new 'beta' scans for Broken Object Level Authorization (BOLA) attacks. If you're in the beta, you will see the following two labels when API Shield suspects an endpoint is suffering from a BOLA vulnerability:

cf-risk-bola-enumeration: added when an endpoint experiences successful responses with drastic differences in the number of unique elements requested by different user sessions.
cf-risk-bola-pollution: added when an endpoint experiences successful responses where parameters are found in multiple places in the request.

We are currently accepting more customers into our beta. Contact your account team if you are interested in BOLA attack detection for your API.

Refer to the blog post for more information about Cloudflare's expanded posture management capabilities.

Radar - Leaked Credentials Insights in Cloudflare Radar

Tue, 18 Mar 2025 00:00:00 GMT

Radar has expanded its security insights, providing visibility into aggregate trends in authentication requests, including the detection of leaked credentials through leaked credentials detection scans.

We have now introduced the following endpoints:

/leaked_credential_checks/summary/{dimension}: Retrieves summaries of HTTP authentication requests distribution across two different dimensions.
/leaked_credential_checks/timeseries_groups/{dimension}: Retrieves timeseries data for HTTP authentication requests distribution across two different dimensions.

The following dimensions are available, displaying the distribution of HTTP authentication requests based on:

compromised: Credential status (clean vs. compromised).
bot_class: Bot class (human vs. bot).

Dive deeper into leaked credential detection in this blog post and learn more about the expanded Radar security insights in our blog post.

Cloudflare One Client - Cloudflare One Agent for Android (version 2.4)

Mon, 17 Mar 2025 00:00:00 GMT

A new GA release for the Android Cloudflare One Agent is now available in the Google Play Store. This release includes a new feature allowing team name insertion by URL during enrollment, as well as fixes and minor improvements.

Changes and improvements

Improved in-app error messages.
Improved mobile client login with support for team name insertion by URL.
Fixed an issue preventing admin split tunnel settings taking priority for traffic from certain applications.

Cloudflare One Client - Cloudflare One Agent for iOS (version 1.10)

Mon, 17 Mar 2025 00:00:00 GMT

A new GA release for the iOS Cloudflare One Agent is now available in the iOS App Store. This release includes a new feature allowing team name insertion by URL during enrollment, as well as fixes and minor improvements.

Changes and improvements

Improved in-app error messages.
Improved mobile client login with support for team name insertion by URL.
Bug fixes and performance improvements.

WAF - WAF Release - 2025-03-17

Mon, 17 Mar 2025 00:00:00 GMT

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	28b2a12993a04e62a98abcd9e59ec18a	100725	Fortinet FortiManager - Remote Code Execution - CVE:CVE-2023-42791, CVE:CVE-2024-23666	Log	Block
Cloudflare Managed Ruleset	f253d755910e4998bd90365d1dbf58df	100726	Ivanti - Remote Code Execution - CVE:CVE-2024-8190	Log	Block
Cloudflare Managed Ruleset	19ae0094a8d845a1bb1997af0ad61fa7	100727	Cisco IOS XE - Remote Code Execution - CVE:CVE-2023-20198	Log	Disabled	Fixed action value in changelog; no rule changes.
Cloudflare Managed Ruleset	83a677f082264693ad64a2827ee56b66	100728	Sitecore - Remote Code Execution - CVE:CVE-2024-46938	Log	Block
Cloudflare Managed Ruleset	166b7ce85ce443538f021228a6752a38	100729	Microsoft SharePoint - Remote Code Execution - CVE:CVE-2023-33160	Log	Block
Cloudflare Managed Ruleset	35fe23e7bd324d00816c82d098d47b69	100730	Pentaho - Template Injection - CVE:CVE-2022-43769, CVE:CVE-2022-43939	Log	Block
Cloudflare Managed Ruleset	2ce80fe815254f25b3c8f47569fe1e0d	100700	Apache SSRF vulnerability CVE-2021-40438	N/A	Block

Workers AI - New models in Workers AI

Mon, 17 Mar 2025 00:00:00 GMT

Workers AI is excited to add 4 new models to the catalog, including 2 brand new classes of models with a text-to-speech and reranker model. Introducing:

@cf/baai/bge-m3 - a multi-lingual embeddings model that supports over 100 languages. It can also simultaneously perform dense retrieval, multi-vector retrieval, and sparse retrieval, with the ability to process inputs of different granularities.
@cf/baai/bge-reranker-base - our first reranker model! Rerankers are a type of text classification model that takes a query and context, and outputs a similarity score between the two. When used in RAG systems, you can use a reranker after the initial vector search to find the most relevant documents to return to a user by reranking the outputs.
@cf/openai/whisper-large-v3-turbo - a faster, more accurate speech-to-text model. This model was added earlier but is graduating out of beta with pricing included today.
@cf/myshell-ai/melotts - our first text-to-speech model that allows users to generate an MP3 with voice audio from inputted text.

Pricing is available for each of these models on the Workers AI pricing page.

This docs update includes a few minor bug fixes to the model schema for llama-guard, llama-3.2-1b, which you can review on the product changelog.

Try it out and let us know what you think! Stay tuned for more models in the coming days.

Workers - Import `env` to access bindings in your Worker's global scope

Mon, 17 Mar 2025 00:00:00 GMT

You can now access bindings from anywhere in your Worker by importing the env object from cloudflare:workers.

Previously, env could only be accessed during a request. This meant that bindings could not be used in the top-level context of a Worker.

Now, you can import env and access bindings such as secrets or environment variables in the initial setup for your Worker:

import { env } from "cloudflare:workers";
import ApiClient from "example-api-client";

// API_KEY and LOG_LEVEL now usable in top-level scope
const apiClient = ApiClient.new({ apiKey: env.API_KEY });
const LOG_LEVEL = env.LOG_LEVEL || "info";

export default {
  fetch(req) {
    // you can use apiClient or LOG_LEVEL, configured before any request is handled
  },
};

Additionally, env was normally accessed as a argument to a Worker's entrypoint handler, such as fetch. This meant that if you needed to access a binding from a deeply nested function, you had to pass env as an argument through many functions to get it to the right spot. This could be cumbersome in complex codebases.

Now, you can access the bindings from anywhere in your codebase without passing env as an argument:

// helpers.js
import { env } from "cloudflare:workers";

// env is *not* an argument to this function
export async function getValue(key) {
  let prefix = env.KV_PREFIX;
  return await env.KV.get(`${prefix}-${key}`);
}

For more information, see documentation on accessing env.

Workers, Pages - Retry Pages & Workers Builds Directly from GitHub

Mon, 17 Mar 2025 00:00:00 GMT

You can now retry your Cloudflare Pages and Workers builds directly from GitHub. No need to switch to the Cloudflare Dashboard for a simple retry!

Let\u2019s say you push a commit, but your build fails due to a spurious error like a network timeout. Instead of going to the Cloudflare Dashboard to manually retry, you can now rerun the build with just a few clicks inside GitHub, keeping you inside your workflow.

For Pages and Workers projects connected to a GitHub repository:

When a build fails, go to your GitHub repository or pull request
Select the failed Check Run for the build
Select "Details" on the Check Run
Select "Rerun" to trigger a retry build for that commit

Learn more about Pages Builds and Workers Builds.

Cloudflare Network Firewall - Cloudflare IP Ranges List

Thu, 13 Mar 2025 00:00:00 GMT

Magic Firewall now supports a new managed list of Cloudflare IP ranges. This list is available as an option when creating a Magic Firewall policy based on IP source/destination addresses. When selecting "is in list" or "is not in list", the option "Cloudflare IP Ranges" will appear in the dropdown menu.

This list is based on the IPs listed in the Cloudflare IP ranges. Updates to this managed list are applied automatically.

Note: IP Lists require a Cloudflare Advanced Network Firewall subscription. For more details about Cloudflare Network Firewall plans, refer to Plans.

Workers - Use the latest JavaScript features with Wrangler CLI v4

Thu, 13 Mar 2025 00:00:00 GMT

We've released the next major version of Wrangler, the CLI for Cloudflare Workers — wrangler@4.0.0. Wrangler v4 is a major release focused on updates to underlying systems and dependencies, along with improvements to keep Wrangler commands consistent and clear.

You can run the following command to install it in your projects:

npm i wrangler@latest

yarn add wrangler@latest

pnpm add wrangler@latest

bun add wrangler@latest

A detailed migration guide is available and if you find a bug or hit a roadblock when upgrading to Wrangler v4, open an issue on the cloudflare/workers-sdk repository on GitHub.

Going forward, we'll continue supporting Wrangler v3 with bug fixes and security updates until Q1 2026, and with critical security updates until Q1 2027, at which point it will be out of support.

Workers - Set breakpoints and debug your Workers tests with @cloudflare/vitest-pool-workers

Thu, 13 Mar 2025 00:00:00 GMT

You can now debug your Workers tests with our Vitest integration by running the following command:

vitest --inspect --no-file-parallelism

Attach a debugger to the port 9229 and you can start stepping through your Workers tests. This is available with @cloudflare/vitest-pool-workers v0.7.5 or later.

Learn more in our documentation.

Email Routing - Threaded replies now possible in Email Workers

Wed, 12 Mar 2025 00:00:00 GMT

We’re removing some of the restrictions in Email Routing so that AI Agents and task automation can better handle email workflows, including how Workers can reply to incoming emails.

It's now possible to keep a threaded email conversation with an Email Worker script as long as:

The incoming email has to have valid DMARC.
The email can only be replied to once in the same EmailMessage event.
The recipient in the reply must match the incoming sender.
The outgoing sender domain must match the same domain that received the email.
Every time an email passes through Email Routing or another MTA, an entry is added to the References list. We stop accepting replies to emails with more than 100 References entries to prevent abuse or accidental loops.

Here's an example of a Worker responding to Emails using a Workers AI model:

import PostalMime from "postal-mime";
import { createMimeMessage } from "mimetext";
import { EmailMessage } from "cloudflare:email";

export default {
  async email(message, env, ctx) {
    const email = await PostalMime.parse(message.raw);
    const res = await env.AI.run("@cf/meta/llama-2-7b-chat-fp16", {
      messages: [
        {
          role: "user",
          content: email.text ?? "",
        },
      ],
    });

    // message-id is generated by mimetext
    const response = createMimeMessage();
    response.setHeader("In-Reply-To", message.headers.get("Message-ID")!);
    response.setSender("agent@example.com");
    response.setRecipient(message.from);
    response.setSubject("Llama response");
    response.addMessage({
      contentType: "text/plain",
      data:
        res instanceof ReadableStream
          ? await new Response(res).text()
          : res.response!,
    });

    const replyMessage = new EmailMessage(
      "<email>",
      message.from,
      response.asRaw(),
    );
    await message.reply(replyMessage);
  },
} satisfies ExportedHandler<Env>;

See Reply to emails from Workers for more information.

WAF - WAF Release - 2025-03-11 - Emergency

Tue, 11 Mar 2025 00:00:00 GMT

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	0823d16dd8b94cc6b27a9ab173febb31	100731	Apache Camel - Code Injection - CVE:CVE-2025-27636	N/A	Block	This is a New Detection

Workers - Access your Worker's environment variables from process.env

Tue, 11 Mar 2025 00:00:00 GMT

You can now access environment variables and secrets on process.env when using the nodejs_compat compatibility flag.

const apiClient = ApiClient.new({ apiKey: process.env.API_KEY });
const LOG_LEVEL = process.env.LOG_LEVEL || "info";

In Node.js, environment variables are exposed via the global process.env object. Some libraries assume that this object will be populated, and many developers may be used to accessing variables in this way.

Previously, the process.env object was always empty unless written to in Worker code. This could cause unexpected errors or friction when developing Workers using code previously written for Node.js.

Now, environment variables, secrets, and version metadata can all be accessed on process.env.

To opt-in to the new process.env behaviour now, add the nodejs_compat_populate_process_env compatibility flag to your wrangler.json configuration:

wrangler.jsonc

{
  // Rest of your configuration
  // Add "nodejs_compat_populate_process_env" to your compatibility_flags array
  "compatibility_flags": ["nodejs_compat", "nodejs_compat_populate_process_env"],
  // Rest of your configuration

wrangler.toml

compatibility_flags = [ "nodejs_compat", "nodejs_compat_populate_process_env" ]

After April 1, 2025, populating process.env will become the default behavior when both nodejs_compat is enabled and your Worker's compatibility_date is after "2025-04-01".

WAF - WAF Release - 2025-03-10

Mon, 10 Mar 2025 00:00:00 GMT

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	d4f68c1c65c448e58fe4830eb2a51e3d	100722	Ivanti - Information Disclosure - CVE:CVE-2025-0282	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	fda130e396224ffc9f0a9e72259073d5	100723	Cisco IOS XE - Information Disclosure - CVE:CVE-2023-20198	Log	Block	This is a New Detection

Digital Experience Monitoring - Cloudflare One Agent now supports Endpoint Monitoring

Fri, 07 Mar 2025 00:00:00 GMT

Digital Experience Monitoring (DEX) provides visibility into device, network, and application performance across your Cloudflare SASE deployment. The latest release of the Cloudflare One agent (v2025.1.861) now includes device endpoint monitoring capabilities to provide deeper visibility into end-user device performance which can be analyzed directly from the dashboard.

Device health metrics are now automatically collected, allowing administrators to:

View the last network a user was connected to
Monitor CPU and RAM utilization on devices
Identify resource-intensive processes running on endpoints

This feature complements existing DEX features like synthetic application monitoring and network path visualization, creating a comprehensive troubleshooting workflow that connects application performance with device state.

For more details refer to our DEX documentation.

Hyperdrive - Hyperdrive reduces query latency by up to 90% and now supports IP access control lists

Fri, 07 Mar 2025 00:00:00 GMT

Hyperdrive now pools database connections in one or more regions close to your database. This means that your uncached queries and new database connections have up to 90% less latency as measured from connection pools.

By improving placement of Hyperdrive database connection pools, Workers' Smart Placement is now more effective when used with Hyperdrive, ensuring that your Worker can be placed as close to your database as possible.

With this update, Hyperdrive also uses Cloudflare's standard IP address ranges to connect to your database. This enables you to configure the firewall policies (IP access control lists) of your database to only allow access from Cloudflare and Hyperdrive.

Refer to documentation on how Hyperdrive makes connecting to regional databases from Cloudflare Workers fast.

This improvement is enabled on all Hyperdrive configurations.

WAF - Updated leaked credentials database

Fri, 07 Mar 2025 00:00:00 GMT

Added new records to the leaked credentials database. The record sources are: Have I Been Pwned (HIBP) database, RockYou 2024 dataset, and another third-party database.

Logs - One-click Logpush Setup with R2 Object Storage

Thu, 06 Mar 2025 00:00:00 GMT

We’ve streamlined the Logpush setup process by integrating R2 bucket creation directly into the Logpush workflow!

Now, you no longer need to navigate multiple pages to manually create an R2 bucket or copy credentials. With this update, you can seamlessly configure a Logpush job to R2 in just one click, reducing friction and making setup faster and easier.

This enhancement makes it easier for customers to adopt Logpush and R2.

For more details refer to our Logs documentation.

R2 - Set retention polices for your R2 bucket with bucket locks

Thu, 06 Mar 2025 00:00:00 GMT

You can now use bucket locks to set retention policies on your R2 buckets (or specific prefixes within your buckets) for a specified period — or indefinitely. This can help ensure compliance by protecting important data from accidental or malicious deletion.

Locks give you a few ways to ensure your objects are retained (not deleted or overwritten). You can:

Lock objects for a specific duration, for example 90 days.
Lock objects until a certain date, for example January 1, 2030.
Lock objects indefinitely, until the lock is explicitly removed.

Buckets can have up to 1,000 bucket lock rules. Each rule specifies which objects it covers (via prefix) and how long those objects must remain retained.

Here are a couple of examples showing how you can configure bucket lock rules using Wrangler:

Ensure all objects in a bucket are retained for at least 180 days

npx wrangler r2 bucket lock add <bucket> --name 180-days-all --retention-days 180

Prevent deletion or overwriting of all logs indefinitely (via prefix)

npx wrangler r2 bucket lock add <bucket> --name indefinite-logs --prefix logs/ --retention-indefinite

For more information on bucket locks and how to set retention policies for objects in your R2 buckets, refer to our documentation.

Stream - Introducing Media Transformations from Cloudflare Stream

Thu, 06 Mar 2025 00:00:00 GMT

Today, we are thrilled to announce Media Transformations, a new service that brings the magic of Image Transformations to short-form video files, wherever they are stored!

For customers with a huge volume of short video — generative AI output, e-commerce product videos, social media clips, or short marketing content — uploading those assets to Stream is not always practical. Sometimes, the greatest friction to getting started was the thought of all that migrating. Customers want a simpler solution that retains their current storage strategy to deliver small, optimized MP4 files. Now you can do that with Media Transformations.

To transform a video or image, enable transformations for your zone, then make a simple request with a specially formatted URL. The result is an MP4 that can be used in an HTML video element without a player library. If your zone already has Image Transformations enabled, then it is ready to optimize videos with Media Transformations, too.

https://example.com/cdn-cgi/media/<OPTIONS>/<SOURCE-VIDEO>

For example, we have a short video of the mobile in Austin's office. The original is nearly 30 megabytes and wider than necessary for this layout. Consider a simple width adjustment:

https://example.com/cdn-cgi/media/width=640/<SOURCE-VIDEO>
https://developers.cloudflare.com/cdn-cgi/media/width=640/https://pub-d9fcbc1abcd244c1821f38b99017347f.r2.dev/aus-mobile.mp4

The result is less than 3 megabytes, properly sized, and delivered dynamically so that customers do not have to manage the creation and storage of these transformed assets.

For more information, learn about Transforming Videos.

Browser Isolation - Gain visibility into user actions in Zero Trust Browser Isolation sessions

Tue, 04 Mar 2025 00:00:00 GMT

We're excited to announce that new logging capabilities for Remote Browser Isolation (RBI) through Logpush are available in Beta starting today!

With these enhanced logs, administrators can gain visibility into end user behavior in the remote browser and track blocked data extraction attempts, along with the websites that triggered them, in an isolated session.

{
  "AccountID": "$ACCOUNT_ID",
  "Decision": "block",
  "DomainName": "www.example.com",
  "Timestamp": "2025-02-27T23:15:06Z",
  "Type": "copy",
  "UserID": "$USER_ID"
}

User Actions available:

Copy & Paste
Downloads & Uploads
Printing

Learn more about how to get started with Logpush in our documentation.

Access - New SAML and OIDC Fields and SAML transforms for Access for SaaS

Mon, 03 Mar 2025 00:00:00 GMT

Access for SaaS applications now include more configuration options to support a wider array of SaaS applications.

SAML and OIDC Field Additions

OIDC apps now include:

Group Filtering via RegEx
OIDC Claim mapping from an IdP
OIDC token lifetime control
Advanced OIDC auth flows including hybrid and implicit flows

SAML apps now include improved SAML attribute mapping from an IdP.

SAML transformations

SAML identities sent to Access applications can be fully customized using JSONata expressions. This allows admins to configure the precise identity SAML statement sent to a SaaS application.

WAF - WAF Release - 2025-03-03

Mon, 03 Mar 2025 00:00:00 GMT

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	90356ececae3444b9accb3d393e63099	100721	Ivanti - Remote Code Execution - CVE:CVE-2024-13159, CVE:CVE-2024-13160, CVE:CVE-2024-13161	Log	Block	This is a New Detection
Cloudflare Managed Ruleset	6cf09ce2fa73482abb7f677ecac42ce2	100596	Citrix Content Collaboration ShareFile - Remote Code Execution - CVE:CVE-2023-24489	N/A	Block

Email security - Use Logpush for Email security detections

Sat, 01 Mar 2025 23:22:49 GMT

You can now send detection logs to an endpoint of your choice with Cloudflare Logpush.

Filter logs matching specific criteria you have set and select from over 25 fields you want to send. When creating a new Logpush job, remember to select Email security alerts as the dataset.

For more information, refer to Enable detection logs.

This feature is available across these Email security packages:

Enterprise
Enterprise + PhishGuard

Workers - Use the latest JavaScript features with Wrangler CLI v4.0.0-rc.0

Fri, 28 Feb 2025 00:00:00 GMT

We've released a release candidate of the next major version of Wrangler, the CLI for Cloudflare Workers — wrangler@4.0.0-rc.0.

You can run the following command to install it and be one of the first to try it out:

npm i wrangler@v4-rc

yarn add wrangler@v4-rc

pnpm add wrangler@v4-rc

bun add wrangler@v4-rc

Unlike previous major versions of Wrangler, which were foundational rewrites and rearchitectures — Version 4 of Wrangler includes a much smaller set of changes. If you use Wrangler today, your workflow is very unlikely to change. Before we release Wrangler v4 and advance past the release candidate stage, we'll share a detailed migration guide in the Workers developer docs. But for the vast majority of cases, you won't need to do anything to migrate — things will just work as they do today. We are sharing this release candidate in advance of the official release of v4, so that you can try it out early and share feedback.

New JavaScript language features that you can now use with Wrangler v4

Version 4 of Wrangler updates the version of esbuild that Wrangler uses internally, allowing you to use modern JavaScript language features, including:

The `using` keyword from Explicit Resource Management

The using keyword from the Explicit Resource Management standard makes it easier to work with the JavaScript-native RPC system built into Workers. This means that when you obtain a stub, you can ensure that it is automatically disposed when you exit scope it was created in:

function sendEmail(id, message) {
  using user = await env.USER_SERVICE.findUser(id);
  await user.sendEmail(message);

  // user[Symbol.dispose]() is implicitly called at the end of the scope.
}

Import attributes

Import attributes allow you to denote the type or other attributes of the module that your code imports. For example, you can import a JSON module, using the following syntax:

import data from "./data.json" with { type: "json" };

Other changes

`--local` is now the default for all CLI commands

All commands that access resources (for example, wrangler kv, wrangler r2, wrangler d1) now access local datastores by default, ensuring consistent behavior.

Clearer policy for the minimum required version of Node.js required to run Wrangler

Moving forward, the active, maintenance, and current versions of Node.js will be officially supported by Wrangler. This means the minimum officially supported version of Node.js you must have installed for Wrangler v4 will be Node.js v18 or later. This policy mirrors how many other packages and CLIs support older versions of Node.js, and ensures that as long as you are using a version of Node.js that the Node.js project itself supports, this will be supported by Wrangler as well.

Features previously deprecated in Wrangler v3 are now removed in Wrangler v4

All previously deprecated features in Wrangler v2 and in Wrangler v3 have now been removed. Additionally, the following features that were deprecated during the Wrangler v3 release have been removed:

Legacy Assets (using wrangler dev/deploy --legacy-assets or the legacy_assets config file property). Instead, we recommend you migrate to Workers assets.
Legacy Node.js compatibility (using wrangler dev/deploy --node-compat or the node_compat config file property). Instead, use the nodejs_compat compatibility flag. This includes the functionality from legacy node_compat polyfills and natively implemented Node.js APIs.
wrangler version. Instead, use wrangler --version to check the current version of Wrangler.
getBindingsProxy() (via import { getBindingsProxy } from "wrangler"). Instead, use the getPlatformProxy() API, which takes exactly the same arguments.
usage_model. This no longer has any effect, after the rollout of Workers Standard Pricing.

We'd love your feedback! If you find a bug or hit a roadblock when upgrading to Wrangler v4, open an issue on the cloudflare/workers-sdk repository on GitHub.

Email security - Check status of Email security or Area 1

Thu, 27 Feb 2025 23:22:49 GMT

Concerns about performance for Email security or Area 1? You can now check the operational status of both on the Cloudflare Status page.

For Email security, look under Cloudflare Sites and Services.

Dashboard is the dashboard for Cloudflare, including Email security
Email security (Zero Trust) is the processing of email
API are the Cloudflare endpoints, including the ones for Email security

For Area 1, under Cloudflare Sites and Services:

Area 1 - Dash is the dashboard for Cloudflare, including Email security
Email security (Area1) is the processing of email
Area 1 - API are the Area 1 endpoints

This feature is available across these Email security packages:

Advantage
Enterprise
Enterprise + PhishGuard

Browser Rendering - New REST API is in open beta!

Thu, 27 Feb 2025 00:00:00 GMT

We've released a new REST API for Browser Rendering in open beta, making interacting with browsers easier than ever. This new API provides endpoints for common browser actions, with more to be added in the future.

With the REST API you can:

Capture screenshots – Use /screenshot to take a screenshot of a webpage from provided URL or HTML.
Generate PDFs – Use /pdf to convert web pages into PDFs.
Extract HTML content – Use /content to retrieve the full HTML from a page. Snapshot (HTML + Screenshot) – Use /snapshot to capture both the page's HTML and a screenshot in one request
Scrape Web Elements – Use /scrape to extract specific elements from a page.

For example, to capture a screenshot:

curl -X POST 'https://api.cloudflare.com/client/v4/accounts/<accountId>/browser-rendering/screenshot' \
  -H 'Authorization: Bearer <apiToken>' \
  -H 'Content-Type: application/json' \
  -d '{
    "html": "Hello World!",
    "screenshotOptions": {
      "type": "webp",
      "omitBackground": true
    }
  }' \
  --output "screenshot.webp"

Learn more in our documentation.

Radar - DNS Insights in Cloudflare Radar

Thu, 27 Feb 2025 00:00:00 GMT

Radar has expanded its DNS insights, providing visibility into aggregated traffic and usage trends observed by our 1.1.1.1 DNS resolver. In addition to global, location, and ASN traffic trends, we are also providing perspectives on protocol usage, query/response characteristics, and DNSSEC usage.

Previously limited to the top locations and ASes endpoints, we have now introduced the following endpoints:

/dns/timeseries: Retrieves DNS query volume over time.
/dns/summary/{dimension}: Retrieves summaries of DNS query distribution across ten different dimensions.
/dns/timeseries_groups/{dimension}: Retrieves timeseries data for DNS query distribution across ten different dimensions.

For the summary and timeseries_groups endpoints, the following dimensions are available, displaying the distribution of DNS queries based on:

cache_hit: Cache status (hit vs. miss).
dnsssec: DNSSEC support status (secure, insecure, invalid or other).
dnsssec_aware: DNSSEC client awareness (aware vs. not-aware).
dnsssec_e2e: End-to-end security (secure vs. insecure).
ip_version: IP version (IPv4 vs. IPv6).
matching_answer: Matching answer status (match vs. no-match).
protocol: Transport protocol (UDP, TLS, HTTPS or TCP).
query_type: Query type (A, AAAA, PTR, etc.).
response_code: Response code (NOERROR, NXDOMAIN, REFUSED, etc.).
response_ttl: Response TTL.

Learn more about the new Radar DNS insights in our blog post, and check out the new Radar page.

AI Gateway - Introducing Guardrails in AI Gateway

Wed, 26 Feb 2025 00:00:00 GMT

AI Gateway now includes Guardrails, to help you monitor your AI apps for harmful or inappropriate content and deploy safely.

Within the AI Gateway settings, you can configure:

Guardrails: Enable or disable content moderation as needed.
Evaluation scope: Select whether to moderate user prompts, model responses, or both.
Hazard categories: Specify which categories to monitor and determine whether detected inappropriate content should be blocked or flagged.

Learn more in the blog or our documentation.

Email security - Use DLP Assist for M365

Tue, 25 Feb 2025 23:22:49 GMT

Cloudflare Email security customers who have Microsoft 365 environments can quickly deploy an Email DLP (Data Loss Prevention) solution for free.

Simply deploy our add-in, create a DLP policy in Cloudflare, and configure Outlook to trigger behaviors like displaying a banner, alerting end users before sending, or preventing delivery entirely.

Refer to Outbound Data Loss Prevention to learn more about this feature.

In GUI alert:

Alert before sending:

Prevent delivery:

This feature is available across these Email security packages:

Enterprise
Enterprise + PhishGuard

Agents, Workers - Introducing the Agents SDK

Tue, 25 Feb 2025 00:00:00 GMT

We've released the Agents SDK, a package and set of tools that help you build and ship AI Agents.

You can get up and running with a chat-based AI Agent (and deploy it to Workers) that uses the Agents SDK, tool calling, and state syncing with a React-based front-end by running the following command:

npm create cloudflare@latest agents-starter -- --template="cloudflare/agents-starter"
# open up README.md and follow the instructions

You can also add an Agent to any existing Workers application by installing the agents package directly

npm i agents

... and then define your first Agent:

import { Agent } from "agents";

export class YourAgent extends Agent<Env> {
  // Build it out
  // Access state on this.state or query the Agent's database via this.sql
  // Handle WebSocket events with onConnect and onMessage
  // Run tasks on a schedule with this.schedule
  // Call AI models
  // ... and/or call other Agents.
}

Head over to the Agents documentation to learn more about the Agents SDK, the SDK APIs, as well as how to test and deploying agents to production.

Workers AI - Workers AI now supports structured JSON outputs.

Tue, 25 Feb 2025 00:00:00 GMT

Workers AI now supports structured JSON outputs with JSON mode, which allows you to request a structured output response when interacting with AI models.

This makes it much easier to retrieve structured data from your AI models, and avoids the (error prone!) need to parse large unstructured text responses to extract your data.

JSON mode in Workers AI is compatible with the OpenAI SDK's structured outputs response_format API, which can be used directly in a Worker:

JavaScript

import { OpenAI } from "openai";

// Define your JSON schema for a calendar event
const CalendarEventSchema = {
  type: "object",
  properties: {
    name: { type: "string" },
    date: { type: "string" },
    participants: { type: "array", items: { type: "string" } },
  },
  required: ["name", "date", "participants"],
};

export default {
  async fetch(request, env) {
    const client = new OpenAI({
      apiKey: env.OPENAI_API_KEY,
      // Optional: use AI Gateway to bring logs, evals & caching to your AI requests
      // https://developers.cloudflare.com/ai-gateway/usage/providers/openai/
      // baseUrl: "https://gateway.ai.cloudflare.com/v1/{account_id}/{gateway_id}/openai"
    });

    const response = await client.chat.completions.create({
      model: "gpt-4o-2024-08-06",
      messages: [
        { role: "system", content: "Extract the event information." },
        {
          role: "user",
          content: "Alice and Bob are going to a science fair on Friday.",
        },
      ],
      // Use the `response_format` option to request a structured JSON output
      response_format: {
        // Set json_schema and provide ra schema, or json_object and parse it yourself
        type: "json_schema",
        schema: CalendarEventSchema, // provide a schema
      },
    });

    // This will be of type CalendarEventSchema
    const event = response.choices[0].message.parsed;

    return Response.json({
      calendar_event: event,
    });
  },
};

TypeScript

import { OpenAI } from "openai";

interface Env {
  OPENAI_API_KEY: string;
}

// Define your JSON schema for a calendar event
const CalendarEventSchema = {
  type: "object",
  properties: {
    name: { type: "string" },
    date: { type: "string" },
    participants: { type: "array", items: { type: "string" } },
  },
  required: ["name", "date", "participants"],
};

export default {
  async fetch(request: Request, env: Env) {
    const client = new OpenAI({
      apiKey: env.OPENAI_API_KEY,
      // Optional: use AI Gateway to bring logs, evals & caching to your AI requests
      // https://developers.cloudflare.com/ai-gateway/usage/providers/openai/
      // baseUrl: "https://gateway.ai.cloudflare.com/v1/{account_id}/{gateway_id}/openai"
    });

    const response = await client.chat.completions.create({
      model: "gpt-4o-2024-08-06",
      messages: [
        { role: "system", content: "Extract the event information." },
        {
          role: "user",
          content: "Alice and Bob are going to a science fair on Friday.",
        },
      ],
      // Use the `response_format` option to request a structured JSON output
      response_format: {
        // Set json_schema and provide ra schema, or json_object and parse it yourself
        type: "json_schema",
        schema: CalendarEventSchema, // provide a schema
      },
    });

    // This will be of type CalendarEventSchema
    const event = response.choices[0].message.parsed;

    return Response.json({
      calendar_event: event,
    });
  },
};

To learn more about JSON mode and structured outputs, visit the Workers AI documentation.

Cloudflare changelogs

Cloudflare One Client - Cloudflare One Client for macOS (version 2026.3.846.0)

Cloudflare One Client - Cloudflare One Client for Linux (version 2026.3.846.0)

AI Gateway - Automatically retry on upstream provider failures on AI Gateway

Logs - BigQuery as Logpush destination

Workflows, Workers - All Wrangler commands for Workflows now support local development

AI Search - Create, manage, search AI Search instances with Wrangler CLI

Cloudflare One, Access, Gateway - Logs UI refresh

Radar - Routing Section Expansion on Cloudflare Radar

Dedicated sub-pages

New widgets

Improved IP address space chart

Rules - New QUIC RTT and delivery rate fields

New fields

Example: Route slow connections to a lightweight origin

Example: Match low-bandwidth connections

Workers - Deploy Hooks are now available for Workers Builds

Built-in optimizations

Workers - New L4 transport telemetry fields in Workers

New properties

Example: Log connection quality metrics

DNS - Internal DNS - now in open beta

Who can use it?

WAF - WAF Release - 2026-03-30

WAF - WAF Release - Scheduled changes for 2026-04-06

Workers - New RFC 9440 mTLS certificate fields in Workers

New fields

Example: forwarding client certificate headers to your origin

Containers - Easily connect Containers and Sandboxes to Workers

Run Worker code

Access Workers bindings

Access Durable Object state

Get Started Today

Radar - URL Scanner improvements on Cloudflare Radar

logpush, Logs - Logpush — More granular timestamps

Rules - New mTLS certificate fields for Transform Rules

New fields

Example: Forwarding client certificate headers to your origin server

Workers - Declare required secrets in your Wrangler configuration

Local development

Type generation

Deploy

AI Crawl Control - Advanced WAF customization for AI Crawl Control blocks

Cache - Cache Response Rules

What changed

Benefits

Get started

Containers - Use Docker Hub images with Containers

Gateway - OIDC Claims filtering now available in Gateway Firewall, Resolver, and Egress policies

Network Interconnect - Interconnects moved to Connectors

Workers - Dynamic Workers, now in open beta

Use Dynamic Workers for

Executing Dynamic Workers

Helper libraries for Dynamic Workers

Try it out

Pricing

Workflows, Workers - Workflow instances now support pause(), resume(), restart(), and terminate() methods in local development

Agents, Workers - Agents SDK v0.8.0: readable state, idempotent schedules, typed AgentClient, and Zod 4

Readable state on useAgent and AgentClient

Idempotent schedule()

Typed AgentClient with call inference and stub proxy

@cloudflare/ai-chat fixes

keepAlive() and keepAliveWhile() are no longer experimental

@cloudflare/codemode: TanStack AI integration

Upgrade

AI Search - New AI Search REST API endpoints for /search and /chat/completions

Migration from existing AutoRAG API (recommended)

AI Search - AI Search UI snippets and MCP support

UI snippets

MCP

AI Search - Custom metadata filtering for AI Search

Define a custom metadata schema

Add metadata to your documents

Filter search results

API Shield - Web Assets fields now available in GraphQL Analytics API

R2 SQL - R2 SQL now supports over 190 new functions, expressions, and complex types

Highlights

Examples

CASE expressions with statistical aggregates

Struct and array access

Readable `state` on `useAgent` and `AgentClient`

Idempotent `schedule()`

Typed `AgentClient` with `call` inference and `stub` proxy

`@cloudflare/ai-chat` fixes

`keepAlive()` and `keepAliveWhile()` are no longer experimental

`@cloudflare/codemode`: TanStack AI integration

New `@cloudflare/codemode/mcp` export