diff --git a/src/content/docs/fundamentals/performance/preparing-for-surges-or-spikes-in-web-traffic.mdx b/src/content/docs/fundamentals/performance/preparing-for-surges-or-spikes-in-web-traffic.mdx
index c47f423aa0c5aa..cce73798f3fecd 100644
--- a/src/content/docs/fundamentals/performance/preparing-for-surges-or-spikes-in-web-traffic.mdx
+++ b/src/content/docs/fundamentals/performance/preparing-for-surges-or-spikes-in-web-traffic.mdx
@@ -1,86 +1,5 @@
---
-pcx_content_type: how-to
+pcx_content_type: navigation
title: Prepare for surges or spikes in web traffic
-
+external_link: /learning-paths/surge-readiness/concepts/
---
-
-import { DashButton } from "~/components";
-
-## Use Cloudflare Cache features to optimize caching
-
-By default, Cloudflare [caches static content](/cache/concepts/default-cache-behavior/) such as images, CSS, and JavaScript. However, you can extend Cloudflare caching to work with HTML by creating custom [Cache Rules](/cache/how-to/cache-rules/).
-
-### Cache more requests
-
-1. In the Cloudflare dashboard, go to the **Account home** page and select your account and domain.
-
-
-
-2. Go to **Caching** > **Cache Rules** and select **Create rule**.
-
-3. For **When incoming requests match**, enter either your entire website or a specific path on your application, based on the **Hostname** or **URI Path**. Refer to the [available fields](/cache/how-to/cache-rules/settings/#fields).
-
-4. For **Cache eligibility**, define how these requests should be cached and for how long. Refer to the available [cache eligibility settings](/cache/how-to/cache-rules/settings/#eligible-for-cache-settings).
-
-5. You can then monitor the effectiveness of your cache settings using [Cache Analytics](/cache/performance-review/cache-analytics/) and update your configuration according to our [Cache performance guide](/cache/performance-review/cache-performance/).
-
-### Advanced cache optimizations
-
-* [Custom Cache Keys](/cache/how-to/cache-keys/) allows you to precisely set the cacheability setting for any resource.
-
-* [Origin Cache Control](/cache/concepts/cache-control/) can be used to let the `Cache-Control` headers tell Cloudflare how to handle content from the origin server.
-
-### Use Tiered Cache
-
-[Tiered Cache](/cache/how-to/tiered-cache/) uses the size of Cloudflare's network to reduce requests to customer origin servers by dramatically increasing cache hit ratios.
-
-It works by dividing Cloudflare's data centers into a hierarchy of lower-tiers and upper-tiers. If content is not cached in lower-tier data centers (generally the ones closest to a visitor), the lower-tier requests an upper-tier for the content. If the upper-tier does not have the content, only the upper-tier will initiate a request to the origin. This practice improves bandwidth efficiency by limiting the number of Cloudflare data centers that can ask the origin for content.
-
-Refer to [Enable Tiered Cache](/cache/how-to/tiered-cache/#enable-tiered-cache) to get started.
-
-### Use Cache Reserve
-
-[Cache Reserve](/cache/advanced-configuration/cache-reserve/) is a large, persistent data store implemented on top of [R2](/r2/).
-
-With a single click in the dashboard, your cacheable content will be written to Cache Reserve. In the same way that Tiered Cache builds a hierarchy of caches between your visitors and your origin, Cache Reserve serves as the ultimate [upper-tier cache](/cache/how-to/tiered-cache/) that will reserve storage space for your assets for as long as you want.
-
-This ensures that your content is served from cache longer, shielding your origin from unneeded egress fees.
-
-## Understand the limits of your hosting plan
-
-Cloudflare offsets most of the load to your website via caching and request filtering, but some traffic will still pass through to your origin. Knowing the limits of your hosting plan can help prevent a bottleneck from your host.
-
-Once you are aware of your plan limits, you can use [Rate Limiting](/waf/rate-limiting-rules/) to restrict how many times a requesting entity can make a request to your website.
-
-To help you define the best rate limiting setting for your use case, refer to [How Cloudflare determines the request rate article](/waf/rate-limiting-rules/request-rate/).
-
-## Cloudflare Waiting Room
-
-[Cloudflare Waiting Room](/waiting-room/) allows you to route excess users of your website to a customized waiting room, helping preserve customer experience and protect origin servers from being overwhelmed with requests.
-
-## Use Cloudflare IP addresses to your advantage
-
-Take action to prevent attacks to your application during peak season by configuring your firewall to only accept traffic from Cloudflare IP addresses. By only allowing [Cloudflare IPs](https://www.cloudflare.com/ips), you can prevent attackers from bypassing Cloudflare and sending requests directly to your origin.
-
-Refer to [Cloudflare IP addresses](/fundamentals/concepts/cloudflare-ip-addresses/) for more information.
-
-## Monitor traffic in your Cloudflare dashboard
-
-You can use the Cloudflare dashboard to closely monitor the traffic on your domain and fine-tune your cache and security settings accordingly.
-
-### Zone and Account analytics
-
-[Cloudflare zone analytics](/analytics/account-and-zone-analytics/zone-analytics/) gives you access to a wide range of metrics, collected at the website or domain level.
-
-[Cloudflare account analytics](/analytics/account-and-zone-analytics/account-analytics/) lets you access a wide range of aggregated metrics from all the sites under a specific Cloudflare account.
-
-### Security Analytics and Security Events
-
-[Security Analytics](/waf/analytics/security-analytics/) displays information about all incoming HTTP requests for your domain, including requests not handled by Cloudflare security products.
-
-You can also use the [Security Events](/waf/analytics/security-events/) to review mitigated requests and tailor your security configurations.
-
-### Cache Analytics
-
-You can use [Cache Analytics](/cache/performance-review/cache-analytics/) to improve site performance or reduce origin web server traffic.
-Cache Analytics helps determine if resources are missing from cache, expired, or ineligible for caching.
diff --git a/src/content/docs/learning-paths/surge-readiness/concepts/custom-pages.mdx b/src/content/docs/learning-paths/surge-readiness/concepts/custom-pages.mdx
new file mode 100644
index 00000000000000..0ed84e7a2d8d1e
--- /dev/null
+++ b/src/content/docs/learning-paths/surge-readiness/concepts/custom-pages.mdx
@@ -0,0 +1,24 @@
+---
+title: Custom pages
+pcx_content_type: overview
+sidebar:
+ order: 2
+---
+
+Design your custom HTML page and host it online anywhere. Once published, Cloudflare will use the customized page instead of serving our standard page to your visitors.
+
+:::note[Note]
+We encourage you to customize every page to provide a consistent branding experience for your users. Origin Error pages can also be activated for 502, 504, and 404 errors.
+:::
+
+Pages you can customize:
+
+- IP Block
+- WAF Block
+- 500 Class Errors
+- 1000 Class Errors
+- Always Online Error
+- Basic Security Challenge
+- WAF Challenge
+- Country Challenge
+- I'm Under Attack Mode Challenge
\ No newline at end of file
diff --git a/src/content/docs/learning-paths/surge-readiness/concepts/index.mdx b/src/content/docs/learning-paths/surge-readiness/concepts/index.mdx
new file mode 100644
index 00000000000000..16eac7af06be37
--- /dev/null
+++ b/src/content/docs/learning-paths/surge-readiness/concepts/index.mdx
@@ -0,0 +1,51 @@
+---
+title: Prerequisites
+pcx_content_type: overview
+sidebar:
+ order: 1
+---
+
+import { DashButton } from "~/components";
+
+Reach out to your Customer Success Manager at least 30 days prior to the expected traffic surge to schedule a Security Optimization walkthrough with your Customer Solution Engineer.
+
+To learn more about our service offerings, refer to [Customer Success offerings](https://www.cloudflare.com/success-offerings/).
+
+## Register your users
+
+For the security and protection of your account, be sure to register all account users.
+
+1. In the Cloudflare dashboard, go to the **Manage Account** > **Members** page.
+
+
+
+2. Select more than one Super Administrator to ensure appropriate access when needed.
+
+:::note
+
+Refer to [Manage members](/fundamentals/manage-members/) to learn how to review and update registered account users.
+
+:::
+
+Failure to register account users can create issues with our ticketing system. Unverified users who contact support will be funneled to the self-serve queue rather than the Enterprise queue which can result in long wait times.
+
+We strongly advise against credential-sharing which can jeopardize the trust and safety of your account.
+
+## Confirm user and domain administration
+
+- **Multi-User:** Provide role-based permissions to a group of users to better control the administration of your domains. Each user has their own role and limited API key.
+- **Enforce 2FA:** Ensure your entire dashboard is secure by [enforcing 2-factor authentication](/fundamentals/user-profiles/2fa/) for your organization.
+ - To disable 2FA, submit a support ticket and allow 1-2 business days to validate your request.
+- **Leverage API Access:** Work easily with our system programmatically using our [API](https://api.cloudflare.com).
+
+## Additional items
+
+- Check when your [SSL Certificates expire (only custom and origin certificates)](/ssl/edge-certificates/custom-certificates/renewing/)
+ :::note
+ Certificates managed by Cloudflare are auto-renewed.
+ :::
+- Review your Operational and Disaster recovery preparedness
+ - Enable Load Balancing with smart cache strategies: Use [Cloudflare Load Balancing](/reference-architecture/architectures/load-balancing) to distribute traffic across multiple healthy origins, and increase cache-hit ratios by leveraging [custom cache rules](/cache/performance-review/cache-analytics) and [edge compute](https://www.cloudflare.com/learning/cdn/caching-static-and-dynamic-content/) (e.g., Cloudflare Workers) to offload origin traffic during high-demand periods.
+ - Configure failover pools and back up DNS with a playbook: Set up [Cloudflare Load Balancer failover pools](/reference-architecture/architectures/load-balancing) to automatically redirect traffic to healthy origins if one fails. Export DNS records for safekeeping and prepare a clear [incident response plan](https://www.cloudflare.com/learning/performance/preventing-downtime) that includes steps for re-routing or recovery.
+- Review and update your current users' access
+- Check your domain registry validity
\ No newline at end of file
diff --git a/src/content/docs/learning-paths/surge-readiness/performance/analytics.mdx b/src/content/docs/learning-paths/surge-readiness/performance/analytics.mdx
new file mode 100644
index 00000000000000..aea6149aa0f5b9
--- /dev/null
+++ b/src/content/docs/learning-paths/surge-readiness/performance/analytics.mdx
@@ -0,0 +1,24 @@
+---
+title: Analytics
+pcx_content_type: overview
+sidebar:
+ order: 4
+---
+
+## Workers Analytics Engine
+
+Use the [Workers Analytics Engine](/analytics/analytics-engine/) to send unlimited-cardinality data from your Worker to a time-series database. Query it with SQL.
+
+
+## Account and zone analytics
+
+Use [Account and zone analytics](/analytics/account-and-zone-analytics/) to provide details about the requests and traffic related to your Cloudflare accounts and zones.
+
+
+## Cloudflare Network Analytics
+
+Use [Cloudflare Network Analytics](/analytics/network-analytics/) to provide near real-time visibility into network and transport-layer traffic patterns and DDoS attacks.
+
+## GraphQL Analytics API
+
+Use the [GraphQL Analytics API](/analytics/graphql-api/) to provide\ all of your performance, security, and reliability data from one endpoint. Select exactly what you need, from one metric for a domain to multiple metrics aggregated for your account.
\ No newline at end of file
diff --git a/src/content/docs/learning-paths/surge-readiness/performance/caching.mdx b/src/content/docs/learning-paths/surge-readiness/performance/caching.mdx
new file mode 100644
index 00000000000000..32aafd5bcaa82f
--- /dev/null
+++ b/src/content/docs/learning-paths/surge-readiness/performance/caching.mdx
@@ -0,0 +1,86 @@
+---
+title: Caching
+pcx_content_type: overview
+sidebar:
+ order: 2
+---
+
+import { DashButton } from "~/components";
+
+## Optimize caching
+
+By default, Cloudflare [caches static content](/cache/concepts/default-cache-behavior/) such as images, CSS, and JavaScript. However, you can extend Cloudflare caching to work with HTML by creating custom [Cache Rules](/cache/how-to/cache-rules/).
+
+
+### Cache more requests
+
+1. In the Cloudflare dashboard, go to the **Caching** > **Cache Rules** page.
+
+
+
+2. Select **Create rule**.
+3. For When incoming requests match, enter either your entire website or a specific path on your application, based on the Hostname or URI Path. Refer to the [available fields](/cache/how-to/cache-rules/settings/#fields).
+4. For Cache eligibility, define how these requests should be cached and for how long. Refer to the available [cache eligibility settings](/cache/how-to/cache-rules/settings/#eligible-for-cache-settings).
+5. You can then monitor the effectiveness of your cache settings using [Cache Analytics](/cache/performance-review/cache-analytics/) and update your configuration according to our [Cache performance guide](/cache/performance-review/cache-performance/).
+
+
+### Advanced cache optimizations
+
+
+
+* [Custom Cache Keys](/cache/how-to/cache-keys/) allows you to precisely set the cacheability setting for any resource.
+* [Origin Cache Control](/cache/concepts/cache-control/) can be used to let the Cache-Control headers tell Cloudflare how to handle content from the origin server.
+
+
+## Tiered Cache
+
+[Tiered Cache](/cache/how-to/tiered-cache/) uses the size of Cloudflare's network to reduce requests to customer origin servers by dramatically increasing cache hit ratios.
+
+It works by dividing Cloudflare's data centers into a hierarchy of lower-tiers and upper-tiers. If content is not cached in lower-tier data centers (generally the ones closest to a visitor), the lower-tier requests an upper-tier for the content. If the upper-tier does not have the content, only the upper-tier will initiate a request to the origin. This practice improves bandwidth efficiency by limiting the number of Cloudflare data centers that can ask the origin for content.
+
+Refer to [Enable Tiered Cache](/cache/how-to/tiered-cache/#enable-tiered-cache) to get started.
+
+
+### Cache Reserve
+
+[Cache Reserve](/cache/advanced-configuration/cache-reserve/) is a large, persistent data store implemented on top of [R2](/r2/).
+
+With a single click in the dashboard, your cacheable content will be written to Cache Reserve. In the same way that Tiered Cache builds a hierarchy of caches between your visitors and your origin, Cache Reserve serves as the ultimate [upper-tier cache](/cache/how-to/tiered-cache/) that will reserve storage space for your assets for as long as you want.
+
+This ensures that your content is served from cache longer, shielding your origin from unneeded egress fees.
+
+
+## Cloudflare Waiting Room
+
+[Cloudflare Waiting Room](/waiting-room/) allows you to route excess users of your website to a customized waiting room, helping preserve customer experience and protect origin servers from being overwhelmed with requests.
+
+
+## Use Cloudflare IP addresses
+
+Take action to prevent attacks to your application during peak season by configuring your firewall to only accept traffic from Cloudflare IP addresses. By only allowing [Cloudflare IPs](https://www.cloudflare.com/ips), you can prevent attackers from bypassing Cloudflare and sending requests directly to your origin.
+
+Refer to [Cloudflare IP addresses](/fundamentals/concepts/cloudflare-ip-addresses/) for more information.
+
+
+## Monitor traffic
+
+You can use the Cloudflare dashboard to closely monitor the traffic on your domain and fine-tune your cache and security settings accordingly.
+
+
+### Zone and Account analytics
+
+[Cloudflare zone analytics](/analytics/account-and-zone-analytics/zone-analytics/) gives you access to a wide range of metrics, collected at the website or domain level.
+
+[Cloudflare account analytics](/analytics/account-and-zone-analytics/account-analytics/) lets you access a wide range of aggregated metrics from all the sites under a specific Cloudflare account.
+
+
+### Security Analytics and Security Events
+
+[Security Analytics](/waf/analytics/security-analytics/) displays information about all incoming HTTP requests for your domain, including requests not handled by Cloudflare security products.
+
+You can also use the [Security Events](/waf/analytics/security-events/) to review mitigated requests and tailor your security configurations.
+
+
+### Cache Analytics
+
+You can use [Cache Analytics](/cache/performance-review/cache-analytics/) to improve site performance or reduce origin web server traffic. Cache Analytics helps determine if resources are missing from cache, expired, or ineligible for caching.
\ No newline at end of file
diff --git a/src/content/docs/learning-paths/surge-readiness/performance/index.mdx b/src/content/docs/learning-paths/surge-readiness/performance/index.mdx
new file mode 100644
index 00000000000000..0e00503dc6ede0
--- /dev/null
+++ b/src/content/docs/learning-paths/surge-readiness/performance/index.mdx
@@ -0,0 +1,8 @@
+---
+title: Performance
+pcx_content_type: overview
+sidebar:
+ group:
+ hideIndex: true
+ order: 3
+---
\ No newline at end of file
diff --git a/src/content/docs/learning-paths/surge-readiness/performance/logs.mdx b/src/content/docs/learning-paths/surge-readiness/performance/logs.mdx
new file mode 100644
index 00000000000000..708bbafa6bc5dd
--- /dev/null
+++ b/src/content/docs/learning-paths/surge-readiness/performance/logs.mdx
@@ -0,0 +1,25 @@
+---
+title: Logs
+pcx_content_type: overview
+sidebar:
+ order: 3
+---
+
+## Logpush
+
+Use [Logpush](/logs/logpush/) to push your request or event logs to your cloud service provider using Logpush, which can be configured via the Cloudflare dashboard or API.
+
+
+## Instant Logs
+
+Use [Instant Logs](/logs/instant-logs/) to view HTTP request logs instantly in the Cloudflare dashboard or the CLI.
+
+
+## Logs Engine
+
+Use the [Logs Engine](/logs/r2-log-retrieval/) to store your logs in R2 and query them directly.
+
+
+## Log Explorer
+
+Use the [Log Explorer](/log-explorer/) to store and explore your Cloudflare logs directly within the Cloudflare dashboard or API.
\ No newline at end of file
diff --git a/src/content/docs/learning-paths/surge-readiness/security/block-agents-lock-zones.mdx b/src/content/docs/learning-paths/surge-readiness/security/block-agents-lock-zones.mdx
new file mode 100644
index 00000000000000..18aa11aa2acd3e
--- /dev/null
+++ b/src/content/docs/learning-paths/surge-readiness/security/block-agents-lock-zones.mdx
@@ -0,0 +1,19 @@
+---
+title: Block user agents and lock zones
+pcx_content_type: overview
+sidebar:
+ order: 6
+---
+
+
+[User Agent (UA) Blocking](/waf/tools/user-agent-blocking/) rules match against specific User-Agent request headers sent by the browser or application accessing your site. UA rules are applied against the entire domain, and after a rule is triggered, you can decide which action to take against the visitor.
+
+Actions:
+
+- Block: Ensures that an IP address will never be allowed to access your site
+- CAPTCHA Challenge: Rules will be shown a CAPTCHA before allowed access
+- Javascript Challenge: Rules will be shown 5 second javascript confirmation
+
+## Zone Lockdown
+
+[Zone Lockdown](/waf/tools/zone-lockdown/) rules allow you to define paths and only allow specific, trusted IPs to those paths. Any requests to those paths from non-whitelisted IPs will be automatically blocked with an 1106 HTTP code. This ability is particularly useful for locking down administrative or staging portions of your application.
diff --git a/src/content/docs/learning-paths/surge-readiness/security/confirm-account-security.mdx b/src/content/docs/learning-paths/surge-readiness/security/confirm-account-security.mdx
new file mode 100644
index 00000000000000..91d3aea96840ac
--- /dev/null
+++ b/src/content/docs/learning-paths/surge-readiness/security/confirm-account-security.mdx
@@ -0,0 +1,12 @@
+---
+title: Confirm account security
+pcx_content_type: overview
+sidebar:
+ order: 2
+---
+
+import { DirectoryListing } from "~/components";
+
+Review the list below for guidance on securing your account.
+
+
\ No newline at end of file
diff --git a/src/content/docs/learning-paths/surge-readiness/security/control-domain-access.mdx b/src/content/docs/learning-paths/surge-readiness/security/control-domain-access.mdx
new file mode 100644
index 00000000000000..0884f9bf3acf26
--- /dev/null
+++ b/src/content/docs/learning-paths/surge-readiness/security/control-domain-access.mdx
@@ -0,0 +1,37 @@
+---
+title: Control domain access
+pcx_content_type: overview
+sidebar:
+ order: 8
+---
+
+[IP Access Rules](/waf/tools/ip-access-rules/) specify an action based on the origin of your user across a single domain or all of the domains in your account.
+
+IP Access Rules can be applied based on:
+
+
+
+* IPv4 address or range: Specified in CIDR notation as `/16` or `/24`
+* IPv6 address or range: Specified in CIDR notation as `/32`, `/48`, `/64`
+* ASN
+* Country or the Tor network
+
+
+:::note
+
+We recommend locking down your origin with an Access Control List (ACL) which only allows [Cloudflare IPs](http://www.cloudflare.com/ips).
+
+:::
+
+Actions:
+
+- Block: Ensures that an IP address will never be allowed to access your site.
+- CAPTCHA Challenge: Rules will be shown a CAPTCHA before allowed access.
+- Javascript Challenge: Rules will be shown a five second javascript confirmation.
+- Allowlist: Ensures that an IP address will never be blocked from accessing your site. This supersedes any Cloudflare security profile.
+
+:::note
+
+Challenge Passage timeout applies to IP reputation, IUAM mode and user IP Firewall (CAPTCHA or JS Challenge): [cf_clearance cookie](/fundamentals/reference/policies-compliances/cloudflare-cookies/#additional-cookies-used-by-the-challenge-platform) is set with `Max-age=Challenge Passage`.
+:::
+
diff --git a/src/content/docs/learning-paths/surge-readiness/security/control-incoming-requests.mdx b/src/content/docs/learning-paths/surge-readiness/security/control-incoming-requests.mdx
new file mode 100644
index 00000000000000..4367d2798a7fde
--- /dev/null
+++ b/src/content/docs/learning-paths/surge-readiness/security/control-incoming-requests.mdx
@@ -0,0 +1,31 @@
+---
+title: Control incoming requests
+pcx_content_type: overview
+sidebar:
+ order: 3
+---
+
+Use [Custom rules](/waf/custom-rules/) to allow you to control incoming traffic by filtering requests to a zone. They work as customized web application firewall (WAF) rules that you can use to perform actions like Block or Managed Challenge on incoming requests.
+
+Use WAF [Managed Rules](/waf/managed-rules/) to apply custom criteria for all incoming HTTP requests.
+
+## Understand hosting plan limits
+
+Cloudflare offsets most of the load to your website via caching and request filtering, but some traffic will still pass through to your origin. Knowing the limits of your hosting plan can help prevent a bottleneck from your host.
+
+Once you are aware of your plan limits, you can use [Rate Limiting](/waf/rate-limiting-rules/) to restrict how many times a requesting entity can make a request to your website.
+
+To help you define the best rate limiting setting for your use case, refer to [How Cloudflare determines the request rate](/waf/rate-limiting-rules/request-rate/).
+
+## Security models
+
+- Positive Security policy: Allow specific requests and deny everything else.
+- Negative Security policy: Block specific requests and allow everything else.
+
+## Actions
+
+- Log: Test rule effectiveness before committing to a more severe action.
+- Allow: Allow matching requests to access the site.
+- Block: Block matching requests from accessing the site.
+- CAPTCHA Challenge: Rules will be shown a CAPTCHA before proceeding.
+- Javascript Challenge: Rules will be shown a five second Javascript confirmation before proceeding.
diff --git a/src/content/docs/learning-paths/surge-readiness/security/defend-content.mdx b/src/content/docs/learning-paths/surge-readiness/security/defend-content.mdx
new file mode 100644
index 00000000000000..eea8105c5f68f5
--- /dev/null
+++ b/src/content/docs/learning-paths/surge-readiness/security/defend-content.mdx
@@ -0,0 +1,16 @@
+---
+title: Defend content with Scrape Shield
+pcx_content_type: overview
+sidebar:
+ order: 7
+---
+
+Scrape Shield is a collection of settings meant to protect your site's content.
+
+## Email Address Obfuscation
+
+[Email Address Obfuscation](/waf/tools/scrape-shield/email-address-obfuscation/) uses JavaScript to encrypt addresses and prevents harvesting by spammers and bots while keeping addresses easy to read and use for human visitors.
+
+## Hotlink Protection
+
+[Hotlink Protection](/waf/tools/scrape-shield/hotlink-protection/) prevents your images from being used by other sites, which can reduce the bandwidth consumed by your origin server.
diff --git a/src/content/docs/learning-paths/surge-readiness/security/enable-iaum.mdx b/src/content/docs/learning-paths/surge-readiness/security/enable-iaum.mdx
new file mode 100644
index 00000000000000..1b0d8c085c6a9b
--- /dev/null
+++ b/src/content/docs/learning-paths/surge-readiness/security/enable-iaum.mdx
@@ -0,0 +1,32 @@
+---
+title: What to do when under attack
+pcx_content_type: overview
+sidebar:
+ order: 9
+---
+
+## Enable "I'm Under Attack" mode (IAUM)
+
+If you are under attack and have this feature enabled during the attack, visitors will receive an interstitial page for about five seconds while the traffic is analyzed to make sure it is a legitimate human visitor. The vast majority of Layer 7 attack scripts are defeated by IUAM and can be honed via Page Rules.
+
+Refer to [I'm Under Attack Mode](https://developers.cloudflare.com/fundamentals/reference/under-attack-mode/) for more information.
+
+
+## Change Access Control List (ACL)
+
+An ACL refers to rules that are applied to port numbers or IP addresses that are available on a host permitting use of the service. When you only allow Cloudflare IPs, you eliminate threats attempting to attack your origin IP range.
+
+Refer to [Cloudflare IP Ranges](https://www.cloudflare.com/ips) for more information.
+
+
+## Change Origin IPs and update Cloudflare DNS records
+
+If your origin is still being attacked, consider moving your Origin IPs and updating your Cloudflare DNS records.
+
+Refer to [Prevent DDoS attacks](/learning-paths/prevent-ddos-attacks/concepts/) for detailed guidance.
+
+:::note
+
+To learn about best practices for DDoS protection, review [Respond to DDoS attacks](/ddos-protection/best-practices/respond-to-ddos-attacks/).
+
+:::
diff --git a/src/content/docs/learning-paths/surge-readiness/security/index.mdx b/src/content/docs/learning-paths/surge-readiness/security/index.mdx
new file mode 100644
index 00000000000000..b9a6440c99bd59
--- /dev/null
+++ b/src/content/docs/learning-paths/surge-readiness/security/index.mdx
@@ -0,0 +1,8 @@
+---
+title: Security
+pcx_content_type: overview
+sidebar:
+ group:
+ hideIndex: true
+ order: 2
+---
\ No newline at end of file
diff --git a/src/content/docs/learning-paths/surge-readiness/security/prepare-for-surges.mdx b/src/content/docs/learning-paths/surge-readiness/security/prepare-for-surges.mdx
new file mode 100644
index 00000000000000..0cd3b4b57cbf88
--- /dev/null
+++ b/src/content/docs/learning-paths/surge-readiness/security/prepare-for-surges.mdx
@@ -0,0 +1,19 @@
+---
+title: Prepare for surges and mitigate DDoS attacks
+pcx_content_type: overview
+sidebar:
+ label: Prepare for surges and attacks
+ order: 4
+---
+
+## Reduce server strain
+
+Utilize Cloudflare's [caching](/cache/) to enhance load times and reduce server strain. Also, features like the [Waiting Room](/waiting-room) and [Rate Limiting](/waf/rate-limiting-rules/) can be used to effectively manage excess demand and ensure a stable user experience.
+
+## Unlimited DDoS Protection
+
+Cloudflare's Advanced [DDoS protection](/ddos-protection/) is always on for Enterprise customers and is used to mitigate DDoS attacks of all forms and sizes including those that target UDP and ICMP protocols, as well as SYN/ACK, DNS amplification, SMURF, and Layer 7 attacks.
+
+## Browser Integrity Check
+
+[Browser Integrity Check](/waf/tools/browser-integrity-check/) looks for requests with HTTP headers commonly used by spammers, bots, and crawlers such as requests with a missing or non-standard user agent. If a threat is found, Cloudflare will present a challenge page before allowing access. This may affect your API and can be selectively disabled using [Page Rules](/rules/page-rules/).
diff --git a/src/content/docs/learning-paths/surge-readiness/security/secure-against-attacks.mdx b/src/content/docs/learning-paths/surge-readiness/security/secure-against-attacks.mdx
new file mode 100644
index 00000000000000..946c137dda256c
--- /dev/null
+++ b/src/content/docs/learning-paths/surge-readiness/security/secure-against-attacks.mdx
@@ -0,0 +1,14 @@
+---
+title: Secure against attacks
+pcx_content_type: overview
+sidebar:
+ order: 5
+---
+
+Review the different actions you can take to secure your website against attacks.
+
+## Orange cloud all proper subdomains
+
+When a subdomain is set to Proxied (also known as orange-clouded), Cloudflare proxying is active for that record and the record will resolve to a Cloudflare IP.
+
+Refer to [Proxy status](/dns/proxy-status/) for more information.
diff --git a/src/content/docs/learning-paths/surge-readiness/support/index.mdx b/src/content/docs/learning-paths/surge-readiness/support/index.mdx
new file mode 100644
index 00000000000000..36be6210fe2d5c
--- /dev/null
+++ b/src/content/docs/learning-paths/surge-readiness/support/index.mdx
@@ -0,0 +1,8 @@
+---
+title: Support
+pcx_content_type: overview
+sidebar:
+ group:
+ hideIndex: true
+ order: 4
+---
\ No newline at end of file
diff --git a/src/content/docs/learning-paths/surge-readiness/support/resources.mdx b/src/content/docs/learning-paths/surge-readiness/support/resources.mdx
new file mode 100644
index 00000000000000..65160b9ea46741
--- /dev/null
+++ b/src/content/docs/learning-paths/surge-readiness/support/resources.mdx
@@ -0,0 +1,32 @@
+---
+title: Support resources
+pcx_content_type: overview
+sidebar:
+ order: 2
+---
+
+import { Plan } from "~/components"
+
+
+| Support type | Resource |
+| ------------ | -------- |
+| Self-serve questions | https://support.cloudflare.com
https://developers.cloudflare.com/fundamentals |
+| Strategic guidance and best practices (proactive) | Reach out to your dedicated account team |
+| Non-critical production issues (reactive) | - Email the 24/7 Enterprise Support team
- [Support portal](https://dash.cloudflare.com/?to=/:account/support)
- Dashboard chat |
+| Critical issues such as attacks (reactive) | - Call the 24/7 Emergency Support line
- +1 (650)353-5922 (US)
- www.cloudflare.com/ecp/support (global lines)|
+
+:::note
+For security reasons, Cloudflare Support only assists individuals whose email addresses are validated against the list of registered account contacts. Review and update all contacts accordingly in your Cloudflare Dashboard. For more information, refer to [Manage members](/fundamentals/manage-members/).
+:::
+
+## Additional resources
+
+- For help with an issue, refer to [guidance for submitting support tickets](/support/contacting-cloudflare-support/).
+- Reference our [Support Docs](/support/), including [Priority definitions](/support/contacting-cloudflare-support/#priority-definitions).
+- Learn the basic countermeasures to [stop an ongoing DDoS attack](/ddos-protection/best-practices/respond-to-ddos-attacks/).
+- Let [Cloudflare's Security Operations Center-as-a-Service (SOC)](https://www.cloudflare.com/soc-as-a-service/) monitor your environment for volumetric security threats and potential operational disruptions, perform analysis to identify attack vectors, and help you implement countermeasures to mitigate future incidents.
+- If a customer has purchased Technical Account Management Service, utilize the [Technical Account Management Service](https://www.cloudflare.com/technical-account-management-service/) which operates as an extension of your team, as the Cloudflare support expert who knows your tech stack, unique infrastructure, and Cloudflare portfolio requirements.
+- Learn [what's new](https://www.cloudflare.com/whats-new/) and subscribe to product release email summaries.
+- Read the [Cloudflare blog](https://blog.cloudflare.com/) for the latest announcements from Cloudflare.
+- Refer to the [Cloudflare Community](https://community.cloudflare.com/) to seek advice and share insights about using Cloudflare with other Cloudflare users.
+- [Maximize Revenue and Minimize Risk in Peak Season webinar](https://www.google.com/url?q=https://cloudflare.ondemand.goldcast.io/on-demand/28262595-9ddf-4e26-91bf-241117f4b5fe&sa=D&source=docs&ust=1758134183832896&usg=AOvVaw3-v4hp23nSzNj0s6j-xxyc)
\ No newline at end of file
diff --git a/src/content/learning-paths/surge-readiness.json b/src/content/learning-paths/surge-readiness.json
new file mode 100644
index 00000000000000..b12fdc72088096
--- /dev/null
+++ b/src/content/learning-paths/surge-readiness.json
@@ -0,0 +1,8 @@
+{
+ "title": "Prepare for surges or spikes in web traffic",
+ "path": "/learning-paths/surge-readiness/concepts/",
+ "priority": 5,
+ "description": "Learn how to protect your website for potential surges or spikes in web traffic.",
+ "products": ["Cache", "WAF"],
+ "product_group": "Application security"
+}