Blocking countries, proxies, SSL

I have setup rules to block all countries except the US. However I can tell that other countries are still able to hit the site. Do I have to proxy the DNS entries for this to work? Sorry very new here, would love a step by step “make sure you do this and this” to get this to work. Also, if I proxy the DNS entries will my SSL still work? Appreciate any help you can provide.

Yes, otherwise requests are going direct to your server and not passing through Cloudflare where the rules are enacted.

As long as your SSL is working correctly now (direct to your server), it should work correctly once you enable the proxy. Users will then see a Cloudflare edge certificate as a result of the proxying, but you need to keep the SSL certificate on your site active and valid so the Cloudflare proxy makes a secure connection to it.

Ensure your SSL/TLS settings are set to “Full (strict)” here…
https://dash.cloudflare.com/?to=/:account/:zone/ssl-tls
…and do not proxy any records for email, FTP, SSH, etc as Cloudflare only proxies HTTP(S).

That did the trick … thank you very much!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.