Block subdomain but allow some people to access

I want to block my subdomain, like for everyone, EXCEPT list of IP addresses who allowed to access. Only developers should see swagger, not the whole world.

I tried to use Zone Lockdown feature.

  • added some name
  • then specified URL:
  • then added my own IP to see it I can still have access.

Clicked “Save”. Zone Lockdown Rule is active. I can access from my IP.
Then I turned on VPN and switch IP to another country. I can still access the website, and anyone can

So, Zone lockdown doesn’t work?

How else can I achieve the same?

I tried to set up Firewall rule, but failed.

my expression is
(http.request.uri.path contains “” and ip.src eq

but then I stuck. How can I express what IP and Allowed to access “” but anyone else is not allowed? I can only clock one or two IP, but do not understand “how to block all except some IP”

Firewall Rule:
( eq “” and not ip.src in {})


1 Like

Thank you!!!

I tried to used URI and that did not work

But “host” worked.

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.