Skip to content

[Page Shield] New page about PCI DSS v4 #17671

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Oct 21, 2024
Merged

[Page Shield] New page about PCI DSS v4 #17671

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
0fdea81
[Page Shield] New page about PCI DSS v4
pedrosousa Oct 21, 2024
6682e03
Apply suggestions from PCX review
pedrosousa Oct 21, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion src/content/docs/page-shield/reference/csp-header.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ pcx_content_type: reference
type: overview
title: CSP HTTP header format
sidebar:
order: 4
order: 10
---

import { GlossaryTooltip } from "~/components";
Expand Down
2 changes: 1 addition & 1 deletion src/content/docs/page-shield/reference/page-shield-api.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
pcx_content_type: reference
title: Page Shield API
sidebar:
order: 6
order: 12
---

import { GlossaryTooltip } from "~/components";
Expand Down
17 changes: 17 additions & 0 deletions src/content/docs/page-shield/reference/pci-dss.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
---
title: PCI DSS compliance
pcx_content_type: reference
sidebar:
order: 4
head:
- tag: title
content: Page Shield and PCI DSS compliance
---

You can use Page Shield for PCI DSS v4's client-side security requirements (items 6.4.3 and 11.6.1).

Refer to the [PCI DSS v.4.0 Evaluation](https://cfl.re/4dhk8Gx) whitepaper for details on how you can use Cloudflare Page Shield to meet the new v4 requirements.

:::note
To help with PCI DSS requirements, Page Shield requires you to have an Enterprise plan with a paid add-on. Refer to [Availability](/page-shield/#availability) for details on what is included in each plan.
:::
3 changes: 1 addition & 2 deletions src/content/docs/page-shield/reference/roles-and-permissions.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,7 @@
title: Roles and permissions
pcx_content_type: reference
sidebar:
order: 5
head: []
order: 11
description: User roles and API token permissions required to access and
configure Page Shield.
---
Expand Down
19 changes: 7 additions & 12 deletions src/content/docs/page-shield/reference/script-statuses.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,33 +1,28 @@
---
pcx_content_type: reference
title: Statuses
title: Script and connection statuses
sidebar:
order: 2
head:
- tag: title
content: Script and connection statuses

label: Statuses
---

Cloudflare classifies scripts and connections (also known as resources) according to the following:

* The number of times a script/connection was reported.
* Whether the script/connection is considered malicious or not.
- The number of times a script/connection was reported.
- Whether the script/connection is considered malicious or not.

Use Page Shield's dashboards to review the scripts loaded in your domain and the connections they make. For more information, refer to [Monitor resources and cookies](/page-shield/detection/monitor-connections-scripts/).

## Available statuses

* **Infrequent**: There are less than three reports for the script/connection. If there are no reports for a script/connection with *Infrequent* status for five days, then Page Shield will delete all the information about the script/connection. Scripts with *Infrequent* status appear only in the All Reported Scripts dashboard, and connections with *Infrequent* status appear only in the All Reported Connections dashboard.
* **Active**: There are more than three reports for the script/connection.
* **Inactive**: A previously active script/connection was not reported in the last seven days. If the script/connection is reported again later, its status will change back to *Active*. If the script/connection is not reported for 30 days, Page Shield will delete all the information about it. Scripts with *Inactive* status appear only in the All Reported Scripts dashboard, and connections with *Inactive* status appear only in the All Reported Connections dashboard.
- **Infrequent**: There are less than three reports for the script/connection. If there are no reports for a script/connection with _Infrequent_ status for five days, then Page Shield will delete all the information about the script/connection. Scripts with _Infrequent_ status appear only in the All Reported Scripts dashboard, and connections with _Infrequent_ status appear only in the All Reported Connections dashboard.
- **Active**: There are more than three reports for the script/connection.
- **Inactive**: A previously active script/connection was not reported in the last seven days. If the script/connection is reported again later, its status will change back to _Active_. If the script/connection is not reported for 30 days, Page Shield will delete all the information about it. Scripts with _Inactive_ status appear only in the All Reported Scripts dashboard, and connections with _Inactive_ status appear only in the All Reported Connections dashboard.

:::note


All scripts and connections considered malicious will appear in the Monitors dashboard, regardless of their status.

Malicious script/connection detection is only available to Enterprise customers with a paid add-on.


:::
Loading