Skip to content

Commit

Permalink
[Page Shield] New page about PCI DSS v4 (#17671)
Browse files Browse the repository at this point in the history
---------

Co-authored-by: Maddy <130055405+Maddy-Cloudflare@users.noreply.github.com>
  • Loading branch information
pedrosousa and Maddy-Cloudflare authored Oct 21, 2024
1 parent e2107c4 commit 527f0bb
Show file tree
Hide file tree
Showing 5 changed files with 27 additions and 16 deletions.
2 changes: 1 addition & 1 deletion src/content/docs/page-shield/reference/csp-header.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ pcx_content_type: reference
type: overview
title: CSP HTTP header format
sidebar:
order: 4
order: 10
---

import { GlossaryTooltip } from "~/components";
Expand Down
2 changes: 1 addition & 1 deletion src/content/docs/page-shield/reference/page-shield-api.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
pcx_content_type: reference
title: Page Shield API
sidebar:
order: 6
order: 12
---

import { GlossaryTooltip } from "~/components";
Expand Down
17 changes: 17 additions & 0 deletions src/content/docs/page-shield/reference/pci-dss.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
---
title: PCI DSS compliance
pcx_content_type: reference
sidebar:
order: 4
head:
- tag: title
content: Page Shield and PCI DSS compliance
---

You can use Page Shield for PCI DSS v4's client-side security requirements (items 6.4.3 and 11.6.1).

Refer to the [PCI DSS v.4.0 Evaluation](https://cfl.re/4dhk8Gx) whitepaper for details on how you can use Cloudflare Page Shield to meet the new v4 requirements.

:::note
To help with PCI DSS requirements, Page Shield requires you to have an Enterprise plan with a paid add-on. Refer to [Availability](/page-shield/#availability) for details on what is included in each plan.
:::
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,7 @@
title: Roles and permissions
pcx_content_type: reference
sidebar:
order: 5
head: []
order: 11
description: User roles and API token permissions required to access and
configure Page Shield.
---
Expand Down
19 changes: 7 additions & 12 deletions src/content/docs/page-shield/reference/script-statuses.mdx
Original file line number Diff line number Diff line change
@@ -1,33 +1,28 @@
---
pcx_content_type: reference
title: Statuses
title: Script and connection statuses
sidebar:
order: 2
head:
- tag: title
content: Script and connection statuses

label: Statuses
---

Cloudflare classifies scripts and connections (also known as resources) according to the following:

* The number of times a script/connection was reported.
* Whether the script/connection is considered malicious or not.
- The number of times a script/connection was reported.
- Whether the script/connection is considered malicious or not.

Use Page Shield's dashboards to review the scripts loaded in your domain and the connections they make. For more information, refer to [Monitor resources and cookies](/page-shield/detection/monitor-connections-scripts/).

## Available statuses

* **Infrequent**: There are less than three reports for the script/connection. If there are no reports for a script/connection with *Infrequent* status for five days, then Page Shield will delete all the information about the script/connection. Scripts with *Infrequent* status appear only in the All Reported Scripts dashboard, and connections with *Infrequent* status appear only in the All Reported Connections dashboard.
* **Active**: There are more than three reports for the script/connection.
* **Inactive**: A previously active script/connection was not reported in the last seven days. If the script/connection is reported again later, its status will change back to *Active*. If the script/connection is not reported for 30 days, Page Shield will delete all the information about it. Scripts with *Inactive* status appear only in the All Reported Scripts dashboard, and connections with *Inactive* status appear only in the All Reported Connections dashboard.
- **Infrequent**: There are less than three reports for the script/connection. If there are no reports for a script/connection with _Infrequent_ status for five days, then Page Shield will delete all the information about the script/connection. Scripts with _Infrequent_ status appear only in the All Reported Scripts dashboard, and connections with _Infrequent_ status appear only in the All Reported Connections dashboard.
- **Active**: There are more than three reports for the script/connection.
- **Inactive**: A previously active script/connection was not reported in the last seven days. If the script/connection is reported again later, its status will change back to _Active_. If the script/connection is not reported for 30 days, Page Shield will delete all the information about it. Scripts with _Inactive_ status appear only in the All Reported Scripts dashboard, and connections with _Inactive_ status appear only in the All Reported Connections dashboard.

:::note


All scripts and connections considered malicious will appear in the Monitors dashboard, regardless of their status.

Malicious script/connection detection is only available to Enterprise customers with a paid add-on.


:::

0 comments on commit 527f0bb

Please sign in to comment.