chore: remove deprecated check

prowler/providers/cloudflare/services/zone/zone_server_side_excludes_enabled/zone_server_side_excludes_enabled.metadata.json

@@ -1,35 +0,0 @@
-{
-  "Provider": "cloudflare",
-  "CheckID": "zone_server_side_excludes_enabled",
-  "CheckTitle": "Server Side Excludes is enabled",
-  "CheckType": [],
-  "ServiceName": "zone",
-  "SubServiceName": "",
-  "ResourceIdTemplate": "",
-  "Severity": "low",
-  "ResourceType": "Zone",
-  "Description": "**Cloudflare zones** are assessed for **Server Side Excludes** (Scrape Shield) configuration by checking if it is enabled to automatically hide content wrapped in SSE tags from visitors identified as **suspicious bots or crawlers**.",
-  "Risk": "Without **Server Side Excludes**, sensitive content remains visible to malicious bots.\n- **Confidentiality**: sensitive information marked for exclusion can be scraped by bots\n- **Integrity**: content may be indexed or misused by unauthorized crawlers\n- **Availability**: scraped data may be used to plan further attacks",
-  "RelatedUrl": "",
-  "AdditionalURLs": [
-    "https://developers.cloudflare.com/waf/tools/scrape-shield/server-side-excludes/"
-  ],
-  "Remediation": {
-    "Code": {
-      "CLI": "",
-      "NativeIaC": "",
-      "Other": "1. Log in to the Cloudflare dashboard and select your account and domain\n2. Go to Scrape Shield (or Security > Settings in newer UI)\n3. Scroll to Server Side Excludes\n4. Toggle the setting to On\n5. Wrap sensitive content in SSE HTML comments in your page source",
-      "Terraform": "```hcl\n# Enable Server Side Excludes to hide sensitive content from bots\nresource \"cloudflare_zone_settings_override\" \"server_side_excludes\" {\n  zone_id = \"<ZONE_ID>\"\n  settings {\n    server_side_exclude = \"on\" # Hides SSE-wrapped content from suspicious visitors\n  }\n}\n```"
-    },
-    "Recommendation": {
-      "Text": "Enable **Server Side Excludes** and wrap sensitive content in SSE HTML comments.\n- Provides selective content protection while maintaining functionality for legitimate visitors\n- Use HTML comments to mark content for exclusion from suspicious visitors\n- Part of the Scrape Shield feature set for comprehensive protection\n- Combine with other anti-scraping measures for defense in depth",
-      "Url": "https://hub.prowler.com/checks/cloudflare/zone_server_side_excludes_enabled"
-    }
-  },
-  "Categories": [
-    "internet-exposed"
-  ],
-  "DependsOn": [],
-  "RelatedTo": [],
-  "Notes": "Server Side Excludes requires wrapping sensitive content with special HTML comments to mark content for exclusion. The syntax is: <!--sse-->sensitive content<!--/sse-->"
-}

prowler/providers/cloudflare/services/zone/zone_server_side_excludes_enabled/zone_server_side_excludes_enabled.py

@@ -1,43 +0,0 @@
-from prowler.lib.check.models import Check, CheckReportCloudflare
-from prowler.providers.cloudflare.services.zone.zone_client import zone_client
-
-
-class zone_server_side_excludes_enabled(Check):
-    """Ensure that Server Side Excludes is enabled for Cloudflare zones.
-
-    Server Side Excludes (SSE) is part of Cloudflare's Scrape Shield suite that
-    automatically hides content wrapped in SSE tags from visitors identified as
-    suspicious bots or crawlers. This protects sensitive information like email
-    addresses and phone numbers from being scraped.
-    """
-
-    def execute(self) -> list[CheckReportCloudflare]:
-        """Execute the Server Side Excludes enabled check.
-
-        Iterates through all Cloudflare zones and verifies that Server Side
-        Excludes is enabled. This feature helps protect sensitive content from
-        being scraped by malicious bots.
-
-        Returns:
-            A list of CheckReportCloudflare objects with PASS status if Server
-            Side Excludes is enabled, or FAIL status if it is disabled for the zone.
-        """
-        findings = []
-        for zone in zone_client.zones.values():
-            report = CheckReportCloudflare(
-                metadata=self.metadata(),
-                resource=zone,
-            )
-            server_side_exclude = (zone.settings.server_side_exclude or "").lower()
-            if server_side_exclude == "on":
-                report.status = "PASS"
-                report.status_extended = (
-                    f"Server Side Excludes is enabled for zone {zone.name}."
-                )
-            else:
-                report.status = "FAIL"
-                report.status_extended = (
-                    f"Server Side Excludes is not enabled for zone {zone.name}."
-                )
-            findings.append(report)
-        return findings

tests/providers/cloudflare/services/zone/zone_server_side_excludes_enabled/zone_server_side_excludes_enabled_test.py

@@ -1,138 +0,0 @@
-from unittest import mock
-
-from prowler.providers.cloudflare.services.zone.zone_service import (
-    CloudflareZone,
-    CloudflareZoneSettings,
-)
-from tests.providers.cloudflare.cloudflare_fixtures import (
-    ZONE_ID,
-    ZONE_NAME,
-    set_mocked_cloudflare_provider,
-)
-
-
-class Test_zone_server_side_excludes_enabled:
-    def test_no_zones(self):
-        zone_client = mock.MagicMock
-        zone_client.zones = {}
-
-        with (
-            mock.patch(
-                "prowler.providers.common.provider.Provider.get_global_provider",
-                return_value=set_mocked_cloudflare_provider(),
-            ),
-            mock.patch(
-                "prowler.providers.cloudflare.services.zone.zone_server_side_excludes_enabled.zone_server_side_excludes_enabled.zone_client",
-                new=zone_client,
-            ),
-        ):
-            from prowler.providers.cloudflare.services.zone.zone_server_side_excludes_enabled.zone_server_side_excludes_enabled import (
-                zone_server_side_excludes_enabled,
-            )
-
-            check = zone_server_side_excludes_enabled()
-            result = check.execute()
-            assert len(result) == 0
-
-    def test_zone_server_side_excludes_enabled(self):
-        zone_client = mock.MagicMock
-        zone_client.zones = {
-            ZONE_ID: CloudflareZone(
-                id=ZONE_ID,
-                name=ZONE_NAME,
-                status="active",
-                paused=False,
-                settings=CloudflareZoneSettings(
-                    server_side_exclude="on",
-                ),
-            )
-        }
-
-        with (
-            mock.patch(
-                "prowler.providers.common.provider.Provider.get_global_provider",
-                return_value=set_mocked_cloudflare_provider(),
-            ),
-            mock.patch(
-                "prowler.providers.cloudflare.services.zone.zone_server_side_excludes_enabled.zone_server_side_excludes_enabled.zone_client",
-                new=zone_client,
-            ),
-        ):
-            from prowler.providers.cloudflare.services.zone.zone_server_side_excludes_enabled.zone_server_side_excludes_enabled import (
-                zone_server_side_excludes_enabled,
-            )
-
-            check = zone_server_side_excludes_enabled()
-            result = check.execute()
-            assert len(result) == 1
-            assert result[0].resource_id == ZONE_ID
-            assert result[0].resource_name == ZONE_NAME
-            assert result[0].status == "PASS"
-            assert "Server Side Excludes is enabled" in result[0].status_extended
-
-    def test_zone_server_side_excludes_disabled(self):
-        zone_client = mock.MagicMock
-        zone_client.zones = {
-            ZONE_ID: CloudflareZone(
-                id=ZONE_ID,
-                name=ZONE_NAME,
-                status="active",
-                paused=False,
-                settings=CloudflareZoneSettings(
-                    server_side_exclude="off",
-                ),
-            )
-        }
-
-        with (
-            mock.patch(
-                "prowler.providers.common.provider.Provider.get_global_provider",
-                return_value=set_mocked_cloudflare_provider(),
-            ),
-            mock.patch(
-                "prowler.providers.cloudflare.services.zone.zone_server_side_excludes_enabled.zone_server_side_excludes_enabled.zone_client",
-                new=zone_client,
-            ),
-        ):
-            from prowler.providers.cloudflare.services.zone.zone_server_side_excludes_enabled.zone_server_side_excludes_enabled import (
-                zone_server_side_excludes_enabled,
-            )
-
-            check = zone_server_side_excludes_enabled()
-            result = check.execute()
-            assert len(result) == 1
-            assert result[0].status == "FAIL"
-            assert "Server Side Excludes is not enabled" in result[0].status_extended
-
-    def test_zone_server_side_excludes_none(self):
-        zone_client = mock.MagicMock
-        zone_client.zones = {
-            ZONE_ID: CloudflareZone(
-                id=ZONE_ID,
-                name=ZONE_NAME,
-                status="active",
-                paused=False,
-                settings=CloudflareZoneSettings(
-                    server_side_exclude=None,
-                ),
-            )
-        }
-
-        with (
-            mock.patch(
-                "prowler.providers.common.provider.Provider.get_global_provider",
-                return_value=set_mocked_cloudflare_provider(),
-            ),
-            mock.patch(
-                "prowler.providers.cloudflare.services.zone.zone_server_side_excludes_enabled.zone_server_side_excludes_enabled.zone_client",
-                new=zone_client,
-            ),
-        ):
-            from prowler.providers.cloudflare.services.zone.zone_server_side_excludes_enabled.zone_server_side_excludes_enabled import (
-                zone_server_side_excludes_enabled,
-            )
-
-            check = zone_server_side_excludes_enabled()
-            result = check.execute()
-            assert len(result) == 1
-            assert result[0].status == "FAIL"