diff --git a/src/content/docs/page-shield/reference/csp-header.mdx b/src/content/docs/page-shield/reference/csp-header.mdx index a5d8ad9cfcd9904..12d261b10f57a3b 100644 --- a/src/content/docs/page-shield/reference/csp-header.mdx +++ b/src/content/docs/page-shield/reference/csp-header.mdx @@ -3,7 +3,7 @@ pcx_content_type: reference type: overview title: CSP HTTP header format sidebar: - order: 4 + order: 10 --- import { GlossaryTooltip } from "~/components"; diff --git a/src/content/docs/page-shield/reference/page-shield-api.mdx b/src/content/docs/page-shield/reference/page-shield-api.mdx index 2e966c008a4bdba..3081d4f07c4e323 100644 --- a/src/content/docs/page-shield/reference/page-shield-api.mdx +++ b/src/content/docs/page-shield/reference/page-shield-api.mdx @@ -2,7 +2,7 @@ pcx_content_type: reference title: Page Shield API sidebar: - order: 6 + order: 12 --- import { GlossaryTooltip } from "~/components"; diff --git a/src/content/docs/page-shield/reference/pci-dss.mdx b/src/content/docs/page-shield/reference/pci-dss.mdx new file mode 100644 index 000000000000000..d8853ce99dd24f6 --- /dev/null +++ b/src/content/docs/page-shield/reference/pci-dss.mdx @@ -0,0 +1,17 @@ +--- +title: PCI DSS compliance +pcx_content_type: reference +sidebar: + order: 4 +head: + - tag: title + content: Page Shield and PCI DSS compliance +--- + +You can use Page Shield for PCI DSS v4's client-side security requirements (items 6.4.3 and 11.6.1). + +Refer to the [PCI DSS v.4.0 Evaluation](https://cfl.re/4dhk8Gx) whitepaper for details on how you can use Cloudflare Page Shield to meet the new v4 requirements. + +:::note +To help with PCI DSS requirements, Page Shield requires you to have an Enterprise plan with a paid add-on. Refer to [Availability](/page-shield/#availability) for details on what is included in each plan. +::: diff --git a/src/content/docs/page-shield/reference/roles-and-permissions.mdx b/src/content/docs/page-shield/reference/roles-and-permissions.mdx index d0c7ff1ceaf0efb..32e63e1a94d0ed0 100644 --- a/src/content/docs/page-shield/reference/roles-and-permissions.mdx +++ b/src/content/docs/page-shield/reference/roles-and-permissions.mdx @@ -2,8 +2,7 @@ title: Roles and permissions pcx_content_type: reference sidebar: - order: 5 -head: [] + order: 11 description: User roles and API token permissions required to access and configure Page Shield. --- diff --git a/src/content/docs/page-shield/reference/script-statuses.mdx b/src/content/docs/page-shield/reference/script-statuses.mdx index 88cfedc395a530c..4b153a700cf8bb8 100644 --- a/src/content/docs/page-shield/reference/script-statuses.mdx +++ b/src/content/docs/page-shield/reference/script-statuses.mdx @@ -1,33 +1,28 @@ --- pcx_content_type: reference -title: Statuses +title: Script and connection statuses sidebar: order: 2 -head: - - tag: title - content: Script and connection statuses - + label: Statuses --- Cloudflare classifies scripts and connections (also known as resources) according to the following: -* The number of times a script/connection was reported. -* Whether the script/connection is considered malicious or not. +- The number of times a script/connection was reported. +- Whether the script/connection is considered malicious or not. Use Page Shield's dashboards to review the scripts loaded in your domain and the connections they make. For more information, refer to [Monitor resources and cookies](/page-shield/detection/monitor-connections-scripts/). ## Available statuses -* **Infrequent**: There are less than three reports for the script/connection. If there are no reports for a script/connection with *Infrequent* status for five days, then Page Shield will delete all the information about the script/connection. Scripts with *Infrequent* status appear only in the All Reported Scripts dashboard, and connections with *Infrequent* status appear only in the All Reported Connections dashboard. -* **Active**: There are more than three reports for the script/connection. -* **Inactive**: A previously active script/connection was not reported in the last seven days. If the script/connection is reported again later, its status will change back to *Active*. If the script/connection is not reported for 30 days, Page Shield will delete all the information about it. Scripts with *Inactive* status appear only in the All Reported Scripts dashboard, and connections with *Inactive* status appear only in the All Reported Connections dashboard. +- **Infrequent**: There are less than three reports for the script/connection. If there are no reports for a script/connection with _Infrequent_ status for five days, then Page Shield will delete all the information about the script/connection. Scripts with _Infrequent_ status appear only in the All Reported Scripts dashboard, and connections with _Infrequent_ status appear only in the All Reported Connections dashboard. +- **Active**: There are more than three reports for the script/connection. +- **Inactive**: A previously active script/connection was not reported in the last seven days. If the script/connection is reported again later, its status will change back to _Active_. If the script/connection is not reported for 30 days, Page Shield will delete all the information about it. Scripts with _Inactive_ status appear only in the All Reported Scripts dashboard, and connections with _Inactive_ status appear only in the All Reported Connections dashboard. :::note - All scripts and connections considered malicious will appear in the Monitors dashboard, regardless of their status. Malicious script/connection detection is only available to Enterprise customers with a paid add-on. - :::