Cloudflare Page Shield Connections
Retrieves Page Shield connections across Cloudflare zones for tracking third-party scripts and connections. This input collects information about all connections detected by Page Shield, including external scripts, APIs, and resources loaded on your domains. This helps identify security risks and monitor potential malicious connections.
Sync Type: Full Synchronization
Requirements
- A Cloudflare account with access to Page Shield (Enterprise plan or add-on)
- An API Token with
Zone:Readpermission - One or more zones (domains) configured in your Cloudflare account
Creating an API Token
- Log in to your Cloudflare dashboard
- Navigate to My Profile > API Tokens
- Click Create Token
- Use the Create Custom Token option
- Configure the token:
- Token name: Give it a descriptive name (e.g., "Monad Page Shield")
- Permissions: Add
Zone>Zone>Read - Zone Resources: Select the specific zone(s) or "All zones"
- Click Continue to summary and then Create Token
- Copy the token value (you won't be able to see it again)
Accessing Page Shield
Page Shield must be enabled on your Cloudflare zones. To verify:
- Log in to your Cloudflare dashboard
- Select a zone and navigate to Security > Page Shield
- Ensure Page Shield is enabled and has detected connections
- (Optional) Note specific zone IDs for targeted monitoring
Details
Monad uses the cron field to run this input on specific intervals and returns all Page Shield connections matching your filters, performing a full sync of data each time. The input retrieves comprehensive connection information including:
- Connection metadata (ID, timestamps, host, URL)
- First page URL where connection was detected
- All pages where connection was detected
- Malicious classification (domain and URL reputation)
- Malicious categories (if applicable)
- CDN-CGI path detection
The input supports filtering by connection status (active, infrequent, inactive) and can optionally exclude Cloudflare's /cdn-cgi internal paths. If multiple zones are configured or no specific zones are provided, the input fetches connections from all zones.
Configuration
The following configuration defines the input parameters. Each field's specifications, such as type, requirements, and descriptions, are detailed below.
Settings
| Setting | Type | Required | Description |
|---|---|---|---|
cron | string | Yes | Cron string for scheduling the ingest of your input. Example: '0 0 * * *' for daily execution at midnight. |
zone_ids | array | No | Optional list of specific Cloudflare zone IDs to fetch connections from. If empty, fetches from all zones accessible by the API token. |
status | string | No | Filter connections by status: 'active', 'infrequent', or 'inactive'. Default: 'active' |
exclude_cdn_cgi | boolean | No | Exclude connections to Cloudflare /cdn-cgi paths. Default: true |
Secrets
| Secret | Type | Required | Description |
|---|---|---|---|
api_token | string | Yes | Your Cloudflare API token with Zone:Read permission |
Rate Limits
| Scope | Limit | Window | Notes |
|---|---|---|---|
| API Requests | 1,200 | per 5 minutes | Standard rate limit across Cloudflare API |
Headers: X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset
Source: Cloudflare API Rate Limits
Troubleshooting
Common Issues
Issue: API returned success=false with authentication error
Cause: The API token is invalid, expired, or lacks the required permissions.
Solution: Verify your API token is correct and has the Zone:Read permission. Create a new token if needed.
Issue: No connections returned despite Page Shield being enabled Cause: Page Shield may not be enabled on the zones, or no connections have been detected yet. Solution: Verify Page Shield is enabled in Security > Page Shield on your zones. Ensure the zones have traffic and are actively monitored.
Issue: Getting fewer connections than expected Cause: The status filter may be limiting results, or zone IDs may not be specified correctly. Solution: Check your status filter setting (default is 'active'). Try an empty zone_ids list to fetch from all zones, or verify zone IDs are formatted correctly.
Issue: CDN-CGI paths are being excluded when you need them
Cause: The exclude_cdn_cgi setting is enabled by default.
Solution: Set exclude_cdn_cgi to false in your configuration to include /cdn-cgi connections.
Issue: Rate limit exceeded errors Cause: Multiple integrations or manual API calls are consuming the rate limit quota. Solution: The input automatically handles rate limiting. If you see persistent errors, reduce the frequency of other API calls to your Cloudflare account or increase the cron interval.
Related Articles
- Cloudflare Page Shield API Documentation
- Cloudflare Page Shield Overview
- Cloudflare API Tokens
- Cloudflare API Rate Limits
Sample Record
{
"id": "123e4567-e89b-12d3-a456-426614174000",
"added_at": "2024-01-15T10:30:45Z",
"first_seen_at": "2024-01-15T10:15:30Z",
"last_seen_at": "2024-01-15T10:45:20Z",
"host": "cdn.example.com",
"url": "https://cdn.example.com/analytics/tracking.js",
"first_page_url": "https://example.com/",
"page_urls": [
"https://example.com/",
"https://example.com/products",
"https://example.com/contact"
],
"url_contains_cdn_cgi_path": false,
"domain_reported_malicious": false,
"url_reported_malicious": false,
"malicious_domain_categories": [],
"malicious_url_categories": []
}