Review Security Insights
After enabling Security Insights and letting the first scan run, check the Security Insights tab for a list of detected insights that you should address.
For each detected insight, you can resolve it or archive it, after understanding its risks.
- Log in to the Cloudflare dashboard ↗ and select your account.
- Go to Account Home > Security Center > Security Insights.
- Next to the insight you wish to address, select Resolve.
In the insight details page, if you choose to update a configuration based on the recommendation actions, follow the instructions on the insight details page.
The following insights follow a different yet straightforward workflow to be resolved:
- Minimum Version of TLS 1.2 not enforced: To resolve this insight:
- Go to SSL/TLS > Edge Certificates.
- Select TLS 1.2.
- Domains without "Always use HTTPS": To resolve this insight:
- Go to SSL/TLS > Edge Certificates.
- Select Always Use HTTPS.
- Turn on JavaScript Detections: To resolve this insight:
- Go to Security > Bots > Select Configure Bot Management.
- Select JavaScript Detections.
You can export security insights to a CSV format directly from the dashboard.
To export security insights:
- Log in to the Cloudflare dashboard ↗ and select your account.
- Go to Account Home > Security Center > Security Insights > Export insights.
Exporting security insights allow you to perform a deeper analysis of your insights.
The exported CSV file includes information such as the severity of your data, insight type scan date, issue class and additional optional fields, such as insight details, risk assessment, detection method, and recommended actions.
You can archive one or more insights from the dashboard.
To archive insights:
- Log in to the Cloudflare dashboard ↗ and select your account.
- Go to Account Home > Security Center > Security Insights.
- Select the insight(s) you want to archive, then select Archive selected.
Alternatively, to archive an insight:
- Select the insight you want to archive. The dashboard will open a page where you will be able to review insight properties.
- Select Archive insight.
You can enable alerts for critical insights.
To enable alerts:
- Log in to the Cloudflare dashboard ↗ and select your account.
- Go to Account Home > Security Center > Security Insights.
- Select the security insight(s) you want to create an alert for, then select Create alert for selected classes.
- Enter the notification name, and choose one or more insights classes to filter a notification.
- Select Save.