I have been using CloudFlare Access rules to prevent access to Wordpress login and admin pages on several sites for months. It’s been working great. However in the last few days, or perhaps a week, after I authenticate with CF Access, I get a white page with a URL that looks like this: https://www.$MYDOMAINHERE.com/cdn-cgi/access/authorized?nonce=$BIGLONGSTRINGNONCE#wpbody-content
I’ve removed my domain and the nonce, but you can see what the pattern is. The page is blank. Reloading or trying to access other protected URLs on the site gives me the same thing. The only way around it is to remove the Access rules protecting the /wp-admin/ part of the site. This is now happening on all of my sites (different hostnames, different backend servers, etc…).