Cloudflare Docs
Cloudflare Zero Trust
Visit Cloudflare Zero Trust on GitHub
Set theme to dark (⇧+D)

Common HTTP policies

The following policies are commonly used to secure HTTP traffic.

​​ Block content categories

Block content categories which go against your organization’s acceptable use policy.

SelectorOperatorValueAction
Content categoriesinAdult Themes, GamblingBlock

​​ Block applications

Block content categories which go against your organization’s acceptable use policy.

SelectorOperatorValueAction
ApplicationinNetflixBlock

​​ Check user identity

Configure access on a per user or group basis by adding identity-based conditions to your policies.

SelectorOperatorValueAction
ApplicationinSalesforceBlock
User Group NamesinContractors

​​ Enforce device posture

Require devices to have certain software installed or other configuration attributes. For instructions on setting up a device posture check, refer to the device posture section.

SelectorOperatorValueAction
Passed Device Posture ChecksinMinimum OS versionAllow

​​ Enforce session duration

Require users to re-authenticate after a certain amount of time has elapsed.

​​ Isolate high risk sites in remote browser

If you are using the Browser Isolation add-on, refer to our list of common Isolate policies.

​​ Bypass inspection for self-signed certificates

When accessing origin servers with certificates not signed by a public certificate authority, you must bypass TLS decryption.

SelectorOperatorValueAction
Domainininternal.site.comDo Not Inspect

Refer to the HTTP policies page for a comprehensive list of other selectors, operators, and actions.