Log in Sign up
CMS Integration

Shopify Integration

Protect your Shopify storefront from bots, credential stuffing, and automated abuse using a lightweight JavaScript agent injected via the Shopify ScriptTag API.

~2KB
Agent payload
0
Theme file changes
Fail-open
Checkout never breaks

How it works

  1. ScriptTag injection — Relintio registers a JavaScript agent via the Shopify ScriptTag Admin API. No theme edits required.
  2. Client-side fingerprinting — On each page load, the agent collects browser signals (UA, timezone, screen resolution, touch capability) and sends a verify request to the Relintio cloud.
  3. Cloud decision — The cloud responds with allow, challenge, or block within ~50ms.
  4. Enforcement — Challenges redirect through the hosted security check and return to the storefront. Blocks render a branded overlay. Legitimate visitors see nothing.

Installation

From the Relintio Dashboard (recommended)

  1. Go to Console → Deployment → Shopify.
  2. Enter your Shopify store domain (e.g. mystore.myshopify.com).
  3. Authenticate via Shopify OAuth when prompted.
  4. The platform registers the ScriptTag automatically — no code required.

The agent starts in observe mode by default. Switch to enforce from the Console once you've reviewed the event log.

Manual installation (theme snippet)

If you prefer manual control or cannot use the automated flow:

  1. Download the Shopify agent bundle from Console → Deployment → Shopify.
  2. In Shopify Admin, go to Online Store → Themes → Edit Code.
  3. Under Snippets, create a new file called relintio.liquid.
  4. Paste the provided snippet code.
  5. Open theme.liquid and add {%raw%}{% render 'relintio' %}{%endraw%} just before </head>.
<!-- Relintio Shopify Agent -->
<script
  src="https://www.relintio.com/agent/shopify/v1.js"
  data-ag-key="UP_LIVE_..."
  defer
></script>

Configuration

All configuration is managed from the Relintio Console:

Setting Description
Protection Modeobserve (log only) or enforce (active blocking)
Challenge TypeJavaScript challenge or visual CAPTCHA
Excluded PathsPaths to skip (e.g. /admin, /checkout)
Rate LimitsMax requests per IP per minute before challenge

Fail-open design

The Shopify agent is designed to never break your store. If the Relintio cloud is unreachable (network timeout, maintenance, DNS issues), the agent silently fails open — your storefront and checkout continue to function normally.

  • XHR timeout: 5000ms
  • On error: silent fail — no DOM changes, no console errors
  • Checkout is never intercepted
  • Shopify design mode (theme editor) is automatically excluded

Uninstallation

  • Automated: Go to Shopify Admin → Apps → Relintio → Remove. The ScriptTag is deleted automatically.
  • Manual: Delete the relintio.liquid snippet and remove the {%raw%}{% render 'relintio' %}{%endraw%} line from theme.liquid.

The agent never modifies products, collections, checkout, or customer data. Removal is instant and leaves no residual code.