Skip to content

Review Security Insights

After enabling Security Insights and letting the first scan run, check the Security Insights tab for a list of detected insights that you should address.

For each detected insight, you can resolve it or archive it, after understanding its risks.

  1. Log in to the Cloudflare dashboard and select your account.
  2. Go to Account Home > Security Center > Security Insights.
  3. Next to the insight you wish to address, select Resolve.

Resolve an insight

In the insight details page, if you choose to update a configuration based on the recommendation actions, follow the instructions on the insight details page.

The following insights follow a different yet straightforward workflow to be resolved:

  • Minimum Version of TLS 1.2 not enforced: To resolve this insight:
    • Go to SSL/TLS > Edge Certificates.
    • Select TLS 1.2.
  • Domains without "Always use HTTPS": To resolve this insight:
    • Go to SSL/TLS > Edge Certificates.
    • Select Always Use HTTPS.
  • Turn on JavaScript Detections: To resolve this insight:
    • Go to Security > Bots > Select Configure Bot Management.
    • Select JavaScript Detections.

Dismiss or archive an insight

  1. In the insight details page, read the detailed information so that you understand the risks of dismissing the security insight.
  2. Select Archive Insight.

Export insights

You can export security insights to a CSV format directly from the dashboard.

To export security insights:

  1. Log in to the Cloudflare dashboard and select your account.
  2. Go to Account Home > Security Center > Security Insights > Export insights.

Exporting security insights allow you to perform a deeper analysis of your insights.

The exported CSV file includes information such as the severity of your data, insight type scan date, issue class and additional optional fields, such as insight details, risk assessment, detection method, and recommended actions.

Archive insights

You can archive one or more insights from the dashboard.

To archive insights:

  1. Log in to the Cloudflare dashboard and select your account.
  2. Go to Account Home > Security Center > Security Insights.
  3. Select the insight(s) you want to archive, then select Archive selected.

Enable alerts

You can enable alerts for critical insights.

To enable alerts:

  1. Log in to the Cloudflare dashboard and select your account.
  2. Go to Account Home > Security Center > Security Insights.
  3. Select the security insight(s) you want to create an alert for, then select Create alert for selected classes.
  4. Enter the notification name, and choose one or more insights classes to filter a notification.
  5. Select Save.