Cloudflare Page Shield

Website visitors stay safer and business moves faster

Cloudflare Page Shield protects your visitors from Magecart-style supply chain attacks that steal credit card information and sensitive data through malicious third-party dependencies.

What is a Magecart attack?

A Magecart-style attack is a type of software supply chain attack carried out in a user’s browser. Attackers compromise third-party JavaScript dependencies running across many websites to gain control over the source code served to browsers. When the infected code executes, it can steal sensitive data that end-users enter into the site such as credit card details.

Monitor for new dependencies

Track JavaScript dependencies over time to know when new JavaScript dependencies appear. Investigate if changes were normal and expected or carried out by an attacker inserting a new, malicious JavaScript file.


Malicious JavaScript alerting

Know instantly if JavaScript is being served from known-malicious URLs by comparing the domains of client-side JavaScript dependencies against threat intelligence.


Script change protection

Monitor for suspicious JavaScript dependency activity. When new code behavior is detected to existing files, an alert lets you review changes to determine if the new code is a benign update or the work of an attacker.


Part of Cloudflare Application Security

Protections from our cloud edge

Cloudflare Page Shield forms part of our advanced application security portfolio that keeps applications and APls secure and productive, thwarts DDoS attacks, repels bots at scale, detects anomalies and malicious payloads, all while monitoring for browser supply chain attacks.

Our powerful application security capabilities are integrated with the rest our leading application performance portfolio, all delivered from the world’s most connected global cloud platform.

Bot Management

Deliver great customer experiences by protecting against bot attacks that harm web properties.

Web application firewall

Stop application attacks - both known techniques and zero day exploits.

API Shield

Keep APIs secure and productive with API discovery and protection.