diff --git a/docs/data-sources/rulesets.md b/docs/data-sources/rulesets.md
index 81491ff3369..a63c4dc1129 100644
--- a/docs/data-sources/rulesets.md
+++ b/docs/data-sources/rulesets.md
@@ -109,6 +109,7 @@ Read-Only:
 - `mirage` (Boolean)
 - `opportunistic_encryption` (Boolean)
 - `origin` (List of Object) (see [below for nested schema](#nestedobjatt--rulesets--rules--action_parameters--origin))
+- `origin_cache_control` (Boolean)
 - `origin_error_page_passthru` (Boolean)
 - `overrides` (List of Object) (see [below for nested schema](#nestedobjatt--rulesets--rules--action_parameters--overrides))
 - `phases` (Set of String)
diff --git a/docs/resources/ruleset.md b/docs/resources/ruleset.md
index 525b35d0177..1d4efa847db 100644
--- a/docs/resources/ruleset.md
+++ b/docs/resources/ruleset.md
@@ -508,6 +508,7 @@ Optional:
 - `mirage` (Boolean) Turn on or off Cloudflare Mirage of the Cloudflare Speed app.
 - `opportunistic_encryption` (Boolean) Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.
 - `origin` (Block List) List of properties to change request origin. (see [below for nested schema](#nestedblock--rules--action_parameters--origin))
+- `origin_cache_control` (Boolean)
 - `origin_error_page_passthru` (Boolean) Pass-through error page for origin.
 - `overrides` (Block List) List of override configurations to apply to the ruleset. (see [below for nested schema](#nestedblock--rules--action_parameters--overrides))
 - `phases` (Set of String) Point in the request/response lifecycle where the ruleset will be created. Available values: `ddos_l4`, `ddos_l7`, `http_config_settings`, `http_custom_errors`, `http_log_custom_fields`, `http_ratelimit`, `http_request_cache_settings`, `http_request_dynamic_redirect`, `http_request_firewall_custom`, `http_request_firewall_managed`, `http_request_late_transform`, `http_request_origin`, `http_request_redirect`, `http_request_sanitize`, `http_request_sbfm`, `http_request_transform`, `http_response_compression`, `http_response_firewall_managed`, `http_response_headers_transform`, `magic_transit`.
diff --git a/internal/framework/service/rulesets/model.go b/internal/framework/service/rulesets/model.go
index 2ce2d6b9979..6e9da9c7c26 100644
--- a/internal/framework/service/rulesets/model.go
+++ b/internal/framework/service/rulesets/model.go
@@ -55,6 +55,7 @@ type ActionParametersModel struct {
 	Mirage                  types.Bool                                   `tfsdk:"mirage"`
 	OpportunisticEncryption types.Bool                                   `tfsdk:"opportunistic_encryption"`
 	Origin                  []*ActionParameterOriginModel                `tfsdk:"origin"`
+	OriginCacheControl      types.Bool                                   `tfsdk:"origin_cache_control"`
 	OriginErrorPagePassthru types.Bool                                   `tfsdk:"origin_error_page_passthru"`
 	Overrides               []*ActionParameterOverridesModel             `tfsdk:"overrides"`
 	Phases                  types.Set                                    `tfsdk:"phases"`
diff --git a/internal/framework/service/rulesets/resource_test.go b/internal/framework/service/rulesets/resource_test.go
index 35c1371f824..43fbbd594c7 100644
--- a/internal/framework/service/rulesets/resource_test.go
+++ b/internal/framework/service/rulesets/resource_test.go
@@ -1836,6 +1836,7 @@ func TestAccCloudflareRuleset_CacheSettingsAllEnabled(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceName, "rules.0.action_parameters.0.cache_key.0.custom_key.0.user.0.device_type", "true"),
 					resource.TestCheckResourceAttr(resourceName, "rules.0.action_parameters.0.cache_key.0.custom_key.0.user.0.geo", "false"),
 					resource.TestCheckResourceAttr(resourceName, "rules.0.action_parameters.0.cache_key.0.custom_key.0.host.0.resolved", "true"),
+					resource.TestCheckResourceAttr(resourceName, "rules.0.action_parameters.0.origin_cache_control", "true"),
 					resource.TestCheckResourceAttr(resourceName, "rules.0.action_parameters.0.origin_error_page_passthru", "false"),
 				),
 			},
@@ -3918,6 +3919,7 @@ func testAccCloudflareRulesetCacheSettingsAllEnabled(rnd, accountID, zoneID stri
 				}
 			}
 		}
+		origin_cache_control = true
 		origin_error_page_passthru = false
       }
 	  expression = "true"
diff --git a/internal/framework/service/rulesets/schema.go b/internal/framework/service/rulesets/schema.go
index b70ced88fb5..3da714f0223 100644
--- a/internal/framework/service/rulesets/schema.go
+++ b/internal/framework/service/rulesets/schema.go
@@ -219,6 +219,10 @@ func (r *RulesetResource) Schema(ctx context.Context, req resource.SchemaRequest
 										Optional:            true,
 										MarkdownDescription: "Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app.",
 									},
+									"origin_cache_control": schema.BoolAttribute{
+										Optional:            true,
+										MarkdownDescription: "Enable or disable the use of a more compliant Cache Control parsing mechanism, enabled by default for most zones.",
+									},
 									"phases": schema.SetAttribute{
 										ElementType:         types.StringType,
 										Optional:            true,
diff --git a/internal/sdkv2provider/data_source_rulesets.go b/internal/sdkv2provider/data_source_rulesets.go
index a7a70a710bc..1af89d9fd7b 100644
--- a/internal/sdkv2provider/data_source_rulesets.go
+++ b/internal/sdkv2provider/data_source_rulesets.go
@@ -828,6 +828,11 @@ func resourceCloudflareRulesetSchema() map[string]*schema.Schema {
 										},
 									},
 								},
+								"origin_cache_control": {
+									Type:        schema.TypeBool,
+									Optional:    true,
+									Description: "Sets a more compliant mode for parsing Cache Control headers",
+								},
 								"origin_error_page_passthru": {
 									Type:        schema.TypeBool,
 									Optional:    true,