Cloudflare Scan

What is Cloudflare Scan?

CloudFlare Scan is a service app that alerts CloudFlare customers to dozens of different web infections—including malware and phishing attempts—on their website. Scan leverages Stop The Hacker's security technology. Cloudflare had acquired Stop The Hacker and wanted to integrate their product with the core Cloudflare experience. We also wanted to use Google and Facebook scan functionality to provide customers with additional oversight for their domain.

  Scan Icon Designs

The Challenge

Almost 100% of the time a CloudFlare customer site will be free of Malware. A primary objective for Scan was to help customers understand how recently their domain had been scanned for malware, so that they can be confident in their site security.

We also wanted to highlight to customers that if their site requires additional security, they can upgrade their Cloudflare plan to receive more frequent Scans, as well as Cloudflare’s Advanced Scan. Advance Scan improves your security by utilizing a CloudFlare crawler that will search every URL on your website and check it against our sources to see if the link is blacklisted anywhere else.

Because Cloudflare also leverages Google and Facebook scans, we wanted to be transparent about which service had detected a threat. We also wanted to provide users with the exact URL location of where the threat was detected, to help them remove it.

Lastly, because Scan consumes bandwidth, we wanted to provide users with the option to turn scan on and off.


  Turn Scan on & off
  Show exact URL of threat found
  Display service that detected threat

  Provide instruction to remove threat
  Upsell customers to Pro Plan
  Welcoming empty state for new users


This release of the Scan App was Cloudflare's initial release, and thus an MVP project. We determined basic requirements internally, focusing on providing users with basic tools to detect and elimate threats to their site.

The Solution

We kept Scan very simple - 99% of the time users will see that no threats have been detected on their site. We chose to highlight the security status first thing in the Scan app, and used simple color coding to communicate this at just a glance.

One of the really great things about Cloudflare was that our design team had established a comprehensive and consistent design system for our product dashboard. This meant that designing Scan was a snap. We leveraged the existing Cloudflare table design, and displayed the most important information upfront to our users, specifically: The URL of your domain where a threat was found, what type of threat was found, and when. Because URLs could potentially be extremely long, and because we also wanted to provide users with a clear CTA unique to each threat, we tucked the full, unfurled URL, as well as knowledge base articles on how to solve the threat inside of a modal, behind a "Review" CTA.