Cloudflare Docs
Cloudflare Zero Trust
Visit Cloudflare Zero Trust on GitHub
Set theme to dark (⇧+D)

Configuration tips

False positives can clutter your logs with junk data and can cause issues for the end user if they are blocked by the policy. Adding additional conditions to your policy will limit the scope of the DLP scan and can help the reduce the number of false positives.

In your DLP logs, you may find that certain sites are a common source of noise. To exempt these sites from DLP scanning, you can manually create a list of hostnames or URLs. Then, exclude the list from your DLP policy as shown in the example below:

Policy name
Block SSN uploads to Google Drive
DLP ProfilesinU.S. Social Security Numbers
ApplicationinGoogle Drive
Domainnot in listDo not DLP - SSN