Cloudflare Docs
WAF
Edit this page
Report an issue with this page
Log into the Cloudflare dashboard
Set theme to dark (⇧+D)

Server-side Excludes (SSE)

Deprecated

If there is sensitive content on your website that you want visible to real visitors, but that you want to hide from suspicious visitors, wrap the content with Cloudflare Server-side Excludes (SSE) tags.

​​ Set up

​​ 1. Turn on SSE

To turn on Server-side Excludes in the dashboard:

  1. Log in to the Cloudflare dashboard, and select your account and website.
  2. Go to Scrape Shield.
  3. For Server-side Excludes, switch the toggle to On.
To turn on Server-side Excludes with the API, send a PATCH request with server_side_exclude as the setting name in the URI path, and the value parameter set to "on".

​​ 2. Exclude content

Once you have turned on Server-side Excludes, you need to wrap your content in specific SSE tags.

<!--sse--><!--/sse-->

For example:

<!--sse-->Bad visitors cannot see my phone number, 555-555-5555<!--/sse-->

​​ Turn off SSE

To turn off Server-side Excludes in the dashboard:

  1. Log in to the Cloudflare dashboard, and select your account and website.
  2. Go to Scrape Shield.
  3. For Server-side Excludes, switch the toggle to Off.
To turn off Server-side Excludes with the API, send a PATCH request with server_side_exclude as the setting name in the URI path, and the value parameter set to "off".

​​ Limitations

SSE only works with HTML.