Cloudflare page shield

Will Cloudflare page shield protect against the malicious plugin that if found on WordPress. Like example, if my client uploads a malicious plugin to WordPress site. Will Cloudflare page shield protect against that? Also Cloudflare waf ?


Thank you for asking.

Short answer, no. It will not protect, rather warn you about the changes in some script upon which you decide how to act on it.
I’d strongly recommend you installing some kind of an anti-malware detection & scanner plugin at your WordPress instace to protect your origin host/server and WordPress itself from malicious code/scripts which might be somehow inserted either via nulled themes/plugins or some bad behaviour person who might have the access to your WordPress website. It could be either Wordfence or some other like Sucuri, or if you’re running a cPanel, then it should contain Imunify360 or at least ClamAV, or some other.

Regarding WordPress and Cloudflare, here I’m sharing my post which you might find helpful, at least in terms of a security & protection for your WordPress website while using Cloudflare:

Cloudflare Page Shiled would warn and alert you about any changes made to the original script so you (the owner) could act timely and respectively upon that event.
It will not modify the code nor “clean” it on the origin itself in case if it contains some malicious code. It’s not an Anti-Malware detection & cleaning software/feature (yet).

Helpful from the docs:

From the blog:

Cloudflare WAF includes a combination rules to protect your web application against (un)known L7 attack patterns which include SQLi, XSS and others. It blocks such suspicious requests either from some hacker or a bot, so they don’t get pass onto your web application.

Helpful from the docs:

From the blog:

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.