From ef2b1d68ab25d0f2f914ec99f935e25a4064a061 Mon Sep 17 00:00:00 2001
From: Rebecca Tamachiro <rtamachiro@cloudflare.com>
Date: Fri, 31 Jan 2025 11:26:29 +0000
Subject: [PATCH] Update recommended Max Cache TTL to 4 hours

---
 src/content/docs/dns/dns-firewall/setup.mdx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/content/docs/dns/dns-firewall/setup.mdx b/src/content/docs/dns/dns-firewall/setup.mdx
index 1309f53e7a2020d..0ccec873800d592 100644
--- a/src/content/docs/dns/dns-firewall/setup.mdx
+++ b/src/content/docs/dns/dns-firewall/setup.mdx
@@ -32,7 +32,7 @@ Prior to setting up DNS Firewall, you need:
 4. Fill out the required fields, including:
    - **IP Addresses**: The upstream IPv4 and/or IPv6 addresses of your authoritative nameservers.
    - **Minimum Cache TTL**: Recommended setting of **30 seconds**.
-   - **Maximum Cache TTL**: Recommended setting of **1 hour**. Larger values increase the cache hit ratio, but also increase the time required for DNS changes to propagate.
+   - **Maximum Cache TTL**: Recommended setting of **4 hours**. Larger values increase the cache hit ratio, but also increase the time required for DNS changes to propagate.
    - **ANY queries**: Recommended setting is **Off** because these are often used as part of DDoS attacks. Also refer to this [blog post](https://blog.cloudflare.com/rfc8482-saying-goodbye-to-any/).
 5. Click **Continue**.
 6. On the following screen, save the values for **Your new DNS Firewall IP Addresses**.