diff --git a/src/content/docs/security/overview.mdx b/src/content/docs/security/overview.mdx index ffe130fc958722c..72e3a52671e1c09 100644 --- a/src/content/docs/security/overview.mdx +++ b/src/content/docs/security/overview.mdx @@ -10,14 +10,5 @@ Security overview provides a high-level overview of your domain. It allows you t The Security overview page displays the following information: - If you are on a Free plan, the dashboard will display **Traffic last 24 hours**, which allows you to review traffic from the 24 hours that has been mitigated by Cloudflare. If you are on a Business, Pro, or Enterprise plan, the dashboard will display **Traffic last 7 days**, which allows you to review traffic from the last seven days that has been mitigated by Cloudflare. -- **Modules**: The dashboard will display suggestions categorized on your security module. -- **All suggestions**: The dashboard displays a list of suggestions to improve your security posture. Suggestions include: - - Web application exploits - - DDoS attacks - - Bot traffic - - API abuse - - Client-side abuse - - Domain settings - - Web assets and endpoints - - Rule templates - - Detections \ No newline at end of file +- **Security category**: The dashboard will display security suggestions categorized by the different types of threats that Cloudflare detects and mitigates. +- **All suggestions**: The dashboard displays the full list of available suggestions to improve your security posture. diff --git a/src/content/docs/security/settings.mdx b/src/content/docs/security/settings.mdx index 62d7d970feaaa61..226a2e360f7de91 100644 --- a/src/content/docs/security/settings.mdx +++ b/src/content/docs/security/settings.mdx @@ -9,13 +9,15 @@ description: Configure different Cloudflare security features that protect your This page describes the settings available in **Security** > **Settings** for a given domain. -## Security modules +## Security setting categories -### Web application exploits module +Security settings and detection tools are categorized by the type of threat that they detect and mitigate. -In the **Web application exploits** security module you can manage the following settings: +### Web application exploits -- Detections: +In the **Web application exploits** security category you can manage the following settings: + +- Detection tools: - [Leaked credentials detection](/waf/detections/leaked-credentials/) - [Malicious uploads detection](/waf/detections/malicious-uploads/) - [Sensitive data detection](/waf/managed-rules/reference/sensitive-data-detection/) @@ -28,12 +30,12 @@ In the **Web application exploits** security module you can manage the following Refer to each linked page for details. :::note -The web application exploits module includes features and settings from the [Cloudflare WAF](/waf/) in the previous dashboard navigation structure. +The web application exploits security category includes features and settings from the [Cloudflare WAF](/waf/) in the previous dashboard navigation structure. ::: -### DDoS attacks module +### DDoS attacks -The **DDoS protection** security module shows the multiple mitigation services against DDoS attacks provided by Cloudflare. +The **DDoS attacks** security category shows the multiple mitigation services against DDoS attacks provided by Cloudflare. You can create rules to override DDoS attack protection tools. DDoS attack protection overrides are only available to Enterprise customers with the Advanced DDoS Protection subscription. @@ -59,9 +61,9 @@ Additionally, you can manage the following settings: - [Under Attack mode](/fundamentals/reference/under-attack-mode/) (under Security Level) - SSL/TLS DDoS attack protection -### Bot traffic module +### Bot traffic -In the **Bot traffic** security module you can manage the following settings: +In the **Bot traffic** security category you can manage the following settings: - [AI Labyrinth](/bots/additional-configurations/ai-labyrinth/) - [Block AI Bots](/bots/concepts/bot/#ai-bots) @@ -72,12 +74,12 @@ In the **Bot traffic** security module you can manage the following settings: - API [sequence detection](/api-shield/security/sequence-analytics/) (requires you to configure a session identifier) :::note -The bot traffic module includes features and settings from [Bots](/bots/) in the previous dashboard navigation structure. +The bot traffic security category includes features and settings from [Bots](/bots/) in the previous dashboard navigation structure. ::: -### API abuse module +### API abuse -In the **API abuse** security module you can manage the following settings: +In the **API abuse** security category you can manage the following settings: - [Developer portal](/api-shield/management-and-monitoring/developer-portal/) creation - [Endpoint discovery](/api-shield/security/api-discovery/) (always enabled if included in your Enterprise subscriptions; requires you to configure a [session identifier](/api-shield/management-and-monitoring/session-identifiers/)) @@ -85,19 +87,19 @@ In the **API abuse** security module you can manage the following settings: - [JWT validation](/api-shield/security/jwt-validation/) (requires you to add a [JWT configuration](/api-shield/security/jwt-validation/api/#token-configurations)) :::note -The API abuse module includes features and settings from [API Shield](/api-shield/) in the previous dashboard navigation structure. +The API abuse security category includes features and settings from [API Shield](/api-shield/) in the previous dashboard navigation structure. ::: -### Client-side abuse module +### Client-side abuse -In the **Client-side abuse** security module you can manage the following settings: +In the **Client-side abuse** security category you can manage the following settings: - [Continuous script monitoring](/page-shield/how-it-works/) (previously [Page Shield](/page-shield/)): - [Reporting endpoint](/page-shield/reference/settings/#reporting-endpoint) to use your hostname instead of a Cloudflare-owned endpoint (only for Enterprise customers with a paid add-on) - [Data logged in client-side abuse reports](/page-shield/reference/settings/#connection-target-details) (only the hostname or the full URI) :::note -The client-side abuse module includes features and settings from [Page Shield](/page-shield/) in the previous dashboard navigation structure. +The client-side abuse security category includes features and settings from [Page Shield](/page-shield/) in the previous dashboard navigation structure. ::: ## All settings