I have a subdomain that play as web server, but also as a backend server. I need to block the access to the web server and just some ip address have access but i need also that another subdomain i own get access to the backend (GET and POST request) from any ip adress.
This is the rule i applied:
(http.host eq “subdomain.example.com”) and (ip.src ne 184.108.40.206 and ip.src ne 220.127.116.11 and ip.src ne 18.104.22.168) then block
that rule allow to those ip address get access to the web page, any other ip address get blocked, but also block the GET and POST request made to my backend (subdomain.example.com/api/) from another subdomain with an ip address that is not in the previous list.
Is there anyway to achieve this?