Cloudflare authenticated origin pull on IIS

We have been trying to setup Authenticated Origin pulls.

We were able to do the following

  1. Generate IIS Cert Request
  2. Go and create cert on origin on cloudflare
  3. install the intermediate cert origin_ca_rsa_root.cer in the intermediate certification authorities
  4. install the origin cert in IIS
  5. assign cert to the website.

But users are still able to access the Origin by IP. I feel like we are missing a step. and the cloudflare documentation is not clear about this at all.

We are using IIS 10. Any help would be greatly appreciated. I feel we are missing the part where the web server makes sure the requests are only coming from cloudflare.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.