diff --git a/calico-enterprise/threat/web-application-firewall.mdx b/calico-enterprise/threat/web-application-firewall.mdx
index 87611300d5..e77db915e8 100644
--- a/calico-enterprise/threat/web-application-firewall.mdx
+++ b/calico-enterprise/threat/web-application-firewall.mdx
@@ -178,7 +178,7 @@ SecRuleEngine DetectionOnly
 
 The configuration file starts with importing the appropriate rule set config. We use Coraza WAF's recommended [Core Rule Set setup](https://coraza.io/docs/tutorials/corerule set/) files:
 
-1. Coraza recommended [config](https://github.com/corazawaf/coraza/blob/main/coraza.conf-recommended)
+1. Coraza recommended [configuration](https://github.com/corazawaf/coraza/blob/main/coraza.conf-recommended)
 1. The rest of the [corerule set](https://github.com/corerule set/corerule set) files, currently [v4.0.0-rc2](https://github.com/corerule set/corerule set/tree/v4.0.0-rc2)
 
 These files can be customized if desired. Add all your customizations directly under `tigera.conf`:
@@ -232,7 +232,7 @@ Include @owasp_crs/*.conf
 
 SecRuleEngine DetectionOnly
 
-# --- all customisations appear below this line, unless they need a specific loading order like plugins ---
+# --- all customizations appear below this line, unless they need a specific loading order like plugins ---
 
 # --- Add sampling mode
 # Read about sampling mode here https://corerule set.org/docs/concepts/sampling_mode/
@@ -263,7 +263,7 @@ Change anomaly scoring threshold:
   setvar:tx.outbound_anomaly_score_threshold=20"
 ```
 
-Or even change rule action parameters, behaviour e.g.:
+Or even change rule action parameters or behavior. For example:
 
  ```bash
  # --- append to more allowed content types to request bodies
@@ -296,7 +296,7 @@ wordpress-rule-exclusions-before.conf
 wordpress-rule-exclusions-config.conf
 ```
 
-and then tigera.conf contents should be:
+and then `tigera.conf` contents should be:
 
 ```bash
 Include @coraza.conf-recommended