--- title: Protect your store description: Before driving traffic to your store, establish security controls to protect against attacks and fraud. image: https://developers.cloudflare.com/cf-twitter-card.png --- [Skip to content](#%5Ftop) Was this helpful? YesNo [ Edit page ](https://github.com/cloudflare/cloudflare-docs/edit/production/src/content/docs/use-cases/e-commerce/protect.mdx) [ Report issue ](https://github.com/cloudflare/cloudflare-docs/issues/new/choose) Copy page # Protect your store Online stores are targets for DDoS attacks, credential stuffing, payment fraud, and supply chain script injections. Cloudflare provides layered security — from SSL/TLS encryption and application security managed rulesets to bot detection and client-side script monitoring — that protects your store without adding friction for shoppers. ## Solutions ### SSL/TLS Encrypt all traffic with free, automatic SSL certificates. [Learn more about SSL/TLS](https://developers.cloudflare.com/ssl/). * **PCI DSS compliance support** \- Transport Layer Security (TLS) encryption and application security managed rulesets help meet Payment Card Industry (PCI) payment security requirements ### Application security Get automatic protection from vulnerabilities and create your own custom rules. [Learn more about application security](https://developers.cloudflare.com/waf/). ### DDoS protection Automatic mitigation of volumetric and application-layer DDoS attacks. [Learn more about DDoS protection](https://developers.cloudflare.com/ddos-protection/). * **HTTP DDoS protection** \- Automatic, always-on mitigation of HTTP flood attacks, cache-busting attacks, and application-layer Distributed Denial of Service (DDoS) attacks at layer 7\. No configuration required — active on all Cloudflare domains by default ### Bot security Machine learning powered bot detection with granular control over bot traffic. [Learn more about Bot security](https://developers.cloudflare.com/bots/). * **Credential stuffing protection** \- ML-powered bot detection blocks automated login and account takeover attacks ### Turnstile Privacy-preserving CAPTCHA alternative for forms and user interactions. [Learn more about Turnstile](https://developers.cloudflare.com/turnstile/). * **Payment form security** \- Privacy-preserving CAPTCHA alternative that protects checkout without adding user friction ### Client-side security Monitor and control third-party scripts and outbound connections on your pages. [Learn more about Client-side security](https://developers.cloudflare.com/client-side-security/). * **Supply chain protection** \- Detects malicious scripts injected by compromised third-party vendors (Magecart-style attacks) ## Get started 1. [Enable SSL/TLS](https://developers.cloudflare.com/ssl/get-started/) 2. [Configure Application Security managed rules](https://developers.cloudflare.com/waf/managed-rules/deploy-zone-dashboard/) 3. [Set up Bot security](https://developers.cloudflare.com/bots/get-started/) 4. [Add Turnstile to forms](https://developers.cloudflare.com/turnstile/get-started/) 5. [Enable Client-side security](https://developers.cloudflare.com/client-side-security/get-started/) ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"@id":"/directory/","name":"Directory"}},{"@type":"ListItem","position":2,"item":{"@id":"/use-cases/","name":"Use cases"}},{"@type":"ListItem","position":3,"item":{"@id":"/use-cases/e-commerce/","name":"E-commerce"}},{"@type":"ListItem","position":4,"item":{"@id":"/use-cases/e-commerce/protect/","name":"Protect your store"}}]} ```