Block access by country but want to allow access for the team.

I want to block access from certain countries’ IPs, but my team is currently in one of those countries.

They use dynamic IPs as they work from multiple locations, so it’s not feasible to allow based on my IP. Is there a quick solution?

Hi there,

If your team are on dynamic IP’s then there is no real good option in firewall rules, unless you create an exception for specfic ASN for their ISPs - but then you would allow others in from those networks.

I’m thinking a better solution for you would be to use Cloudflare Access under our Zero trust suite - Access policies · Cloudflare Zero Trust docs

This would allow you to create policies and authenticate based on their identity (email address) to allow access through to your application.

Hope this helps!