diff --git a/calico-enterprise/threat/web-application-firewall.mdx b/calico-enterprise/threat/web-application-firewall.mdx
index 3fe306c26c..3c96a4b7db 100644
--- a/calico-enterprise/threat/web-application-firewall.mdx
+++ b/calico-enterprise/threat/web-application-firewall.mdx
@@ -222,7 +222,7 @@ By default WAF will not block a request even if it has matching rule violations.
 
 For basic customizations, it's best to add it after all the includes in `tigera.conf`. In fact, this is the reason why the `SecRuleEngine` directive and the rest of [our customizations](https://github.com/tigera/operator/blob/master/pkg/render/applicationlayer/embed/coreruleset/tigera.conf#L8-L17) are situated there.
 
-An example is adding a sampling mode. For that, the tigera.conf will look like this:
+An example is adding a sampling mode. For that, the `tigera.conf` will look like this:
 
 ```bash
 # coreruleset activation