diff --git a/src/content/docs/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels.mdx b/src/content/docs/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels.mdx index 7b6d0c53273d652..6b4ea9ed45ee150 100644 --- a/src/content/docs/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels.mdx @@ -13,7 +13,7 @@ Split Tunnels can be configured to exclude or include IP addresses or domains fr Split Tunnels only impacts the flow of IP traffic. DNS requests are still resolved by Gateway and subject to DNS policies unless you add the domains to your [Local Domain Fallback](/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/local-domains/) configuration. ::: -Because Split Tunnels controls what Gateway has visibility on at the network level, we recommend testing all changes before rolling out updates to end users. It may take up to 24 hours for changes to propagate to clients, depending on how many devices are connected to your organization. +Because Split Tunnels controls what Gateway has visibility on at the network level, we recommend testing all changes before rolling out updates to end users. It may take up to 10 minutes for changes to propagate to clients, depending on how many devices are connected to your organization. ## Change Split Tunnels mode 
@@ -94,7 +94,7 @@ Removing default Split Tunnel entries may cause users to lose Internet connectiv 1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **WARP Client**. 2. Under **Device settings**, locate the [device profile](/cloudflare-one/connections/connect-devices/warp/configure-warp/device-profiles/) you would like to modify and select **Configure**. -3. Under **Split Tunnels**. select **Manage**. +3. Under **Split Tunnels**, select **Manage**. 4. Find the IP address or hostname in the list and select **Delete**. If you need to revert to the default Split Tunnel entries recommended by Cloudflare, select **Restore default entries**. diff --git a/src/content/docs/cloudflare-one/policies/gateway/egress-policies/index.mdx b/src/content/docs/cloudflare-one/policies/gateway/egress-policies/index.mdx index aafabcf430a3ad5..99b42ffc29de55f 100644 --- a/src/content/docs/cloudflare-one/policies/gateway/egress-policies/index.mdx +++ b/src/content/docs/cloudflare-one/policies/gateway/egress-policies/index.mdx @@ -5,7 +5,7 @@ sidebar: order: 5 --- -import { Render, Badge } from "~/components"; +import { Render, Badge, Tabs, TabItem } from "~/components"; :::note Only available on Enterprise plans. 
@@ -178,15 +178,43 @@ Gateway uses Rust to evaluate regular expressions. The Rust implementation is sl ## Limitations -The [Application](#application), [Content Categories](#content-categories), [Domain](#domain), and [Host](#host) selectors are only available for traffic onboarded to Gateway with [WARP](/cloudflare-one/connections/connect-devices/warp/), [PAC files](/cloudflare-one/connections/connect-devices/agentless/pac-files/), or [Browser Isolation](/cloudflare-one/policies/browser-isolation/). To use these selectors to filter traffic onboarded with WARP, you need to: +### Selector prerequisites + +The [Application](#application), [Content Categories](#content-categories), [Domain](#domain), and [Host](#host) selectors are only available for traffic onboarded to Gateway with [WARP](/cloudflare-one/connections/connect-devices/warp/), [PAC files](/cloudflare-one/connections/connect-devices/agentless/pac-files/), or [Browser Isolation](/cloudflare-one/policies/browser-isolation/). To turn on the selectors for your account, use the [Patch Zero Trust account configuration endpoint](/api/resources/zero_trust/subresources/gateway/subresources/configurations/methods/edit/). For example: + +```sh title="Turn on selectors for egress policies" +curl --request PATCH \ +"https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/gateway/configuration" \ +--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ +--header "Content-Type: application/json" \ +--data '{ + "settings": { + "host_selector": { + "enabled": true + } + } +}' +``` + +Additionally, to use these selectors to filter traffic onboarded with WARP, you need to: 1. Ensure you have deployed [WARP beta version 2025.4.589.1](/cloudflare-one/connections/connect-devices/warp/download-warp/beta-releases/) or later on your users' devices. -2. 
In your WARP [device profile](/cloudflare-one/connections/connect-devices/warp/configure-warp/device-profiles/), ensure Split Tunnel is set to [**Exclude IPs and domains**](/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels/#change-split-tunnels-mode). -3. [Remove the route](/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels/#remove-a-route) to the IP address `100.64.0.0/10` from your Split Tunnel list. -4. [Add routes](/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels/#add-a-route) to exclude the following IP addresses: - - `100.64.0.0/12` - - `100.81.0.0/16` - - `100.82.0.0/15` - - `100.84.0.0/14` - - `100.88.0.0/13` - - `100.96.0.0/11` +2. In your WARP [device profile](/cloudflare-one/connections/connect-devices/warp/configure-warp/device-profiles/), configure your [Split Tunnel](/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels/) depending on the mode: + + + + 1. [Remove the route](/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels/#remove-a-route) to the IP address `100.64.0.0/10` from your Split Tunnel exclude list. + 2. [Add routes](/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels/#add-a-route) to exclude the following IP addresses: + - `100.64.0.0/12` + - `100.81.0.0/16` + - `100.82.0.0/15` + - `100.84.0.0/14` + - `100.88.0.0/13` + - `100.96.0.0/11` + + + + 1. Add the required [Zero Trust domains](/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels/#cloudflare-zero-trust-domains) or [IP addresses](/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels/#cloudflare-zero-trust-ip-addresses) to your Split Tunnel include list. + 2. 
[Add a route](/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels/#add-a-route) to include the IP address `100.80.0.0/16`. + + diff --git a/src/content/partials/cloudflare-one/gateway/selectors/egress-selector-limitation.mdx b/src/content/partials/cloudflare-one/gateway/selectors/egress-selector-limitation.mdx index ccb0863185c0d50..8e5d40b17674b8f 100644 --- a/src/content/partials/cloudflare-one/gateway/selectors/egress-selector-limitation.mdx +++ b/src/content/partials/cloudflare-one/gateway/selectors/egress-selector-limitation.mdx @@ -2,4 +2,4 @@ {} --- -This selector is only available for traffic onboarded to Gateway with WARP, PAC files, or Browser Isolation. For more information, refer to [Limitations](#limitations). +This selector is only available for traffic onboarded to Gateway with WARP, PAC files, or Browser Isolation. For more information, refer to [Selector prerequisites](/cloudflare-one/policies/gateway/egress-policies/#selector-prerequisites).
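Review bot: In split-tunnels.mdx (hunk at line 13), the new "up to 10 minutes" figure sits in the same sentence that tells admins to test changes because Split Tunnels controls what Gateway has visibility on, yet the text gives no way to confirm that a particular device has picked up the change. Suggest adding a sentence on how to verify that a client has received the updated Split Tunnel list, so the propagation window is not mistaken for a policy that is already in effect.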
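Review bot: In egress-policies/index.mdx (hunk at line 178), the prose says the API call turns on "the selectors" (Application, Content Categories, Domain and Host), but the request body only sets `settings.host_selector.enabled`. State explicitly that this one flag enables all four, otherwise readers will go looking for sibling keys. Two smaller points in the same hunk: the example sends `Authorization: Bearer $CLOUDFLARE_API_TOKEN` without saying which token permission the PATCH requires, and the six exclude prefixes are exactly `100.64.0.0/10` minus `100.80.0.0/16` (the route the include-mode steps add), which deserves one sentence so admins can check their list instead of copying six CIDRs blind.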
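Review bot: In egress-selector-limitation.mdx, the link now points at `/cloudflare-one/policies/gateway/egress-policies/#selector-prerequisites`, an anchor that exists only because of the `### Selector prerequisites` heading added in the egress-policies hunk of this same patch. A later rename of that heading would silently break every page that renders this partial, so consider an MDX comment beside the heading noting that the partial links to it.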