Configuration settings
Reporting endpoint
Section titled “Reporting endpoint”When enabled, Page Shield uses a Content Security Policy (CSP) report-only HTTP header to gather information about all the scripts running on your application.
By default, reports are sent to a Cloudflare-owned endpoint:
https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?<QUERY_STRING>Enterprise customers with a paid add-on can change the reporting endpoint so that the CSP reports are sent to the same hostname:
<YOUR-HOSTNAME>/cdn-cgi/script-monitor/report?<QUERY_STRING>Prerequisites for using the same hostname for CSP reports
Section titled “Prerequisites for using the same hostname for CSP reports”Using the same hostname for CSP reporting may interfere with other Cloudflare products. Before selecting this option, ensure that your Cloudflare configuration complies with the following:
- No rate limiting rules match the
cdn-cgi/*URL path - No WAF custom rules match the
cdn-cgi/*URL path
Configure the reporting endpoint
Section titled “Configure the reporting endpoint”To configure the CSP reporting endpoint:
- Log in to the Cloudflare dashboard ↗, and select your account and domain.
- Go to Security > Page Shield > Settings.
- Under Reporting endpoint, select Cloudflare-owned endpoint or Same hostname.
- Select Apply settings.
Connection target details
Section titled “Connection target details”When connection targets are reported to Cloudflare, their URIs can sometimes include sensitive data such as session ID.
By default, Page Shield will only check the domain against malicious threat intelligence feeds. You can choose to let Page Shield use the full URI when analyzing the connections made from your domain's pages. Any sensitive data present in the URI will be logged in clear text, and any user with access to the connection monitor dashboard will be able to view it.
Configure the connection target details to use
Section titled “Configure the connection target details to use”- Log in to the Cloudflare dashboard ↗, and select your account and domain.
- Go to Security > Page Shield > Settings.
- Under Connection target details, select Log host only to analyze only the hostname or Log full URI to use the full URI in Page Shield.
- Select Apply settings.
Turn off Page Shield
Section titled “Turn off Page Shield”When you turn off Page Shield, you lose visibility on the scripts running on your zone, the outbound connections made from pages in your domain, and cookies detected in HTTP traffic.
To turn off Page Shield:
- Log in to the Cloudflare dashboard ↗, and select your account and domain.
- Go to Security > Page Shield > Settings.
- In Disable Page Shield, select Disable.
Was this helpful?
- Resources
- API
- New to Cloudflare?
- Products
- Sponsorships
- Open Source
- Support
- Help Center
- System Status
- Compliance
- GDPR
- Company
- cloudflare.com
- Our team
- Careers
- 2025 Cloudflare, Inc.
- Privacy Policy
- Terms of Use
- Report Security Issues
- Trademark