Blacklisting Traffic to Web App login

I have a Web Application with an Admin Only login page. Before switching to Cloudflare, we had a htaccess rule:

  • Blacklist ALL traffic to /backend_login_page.php
  • Whitelist 123.123.123.123 to /backend_login_page.php
  • Whitelist 456.456.456.456 to /backend_login_page.php

However, all traffic now seems to show as a Cloudflare IP address.

Is there a way to implement the same rule-set from within Cloudflare?

As mentioned htaccess, you are using Apache.

If on shared hosting, I am not sure about it, but on VPS or a dedicated server, if you want the true IP address of the visitor to be logeed under access or error log, you should have to consider adding Cloudflare IP addresses list (IPv4 and IPv6) to your configuration file.

Kindly, read more about it here:

I’d go with a Firewall Rule:

2 Likes

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.