Cloudflare WAF Challenge - Possible to challenge whether user is able to access a URL of another website

Hey Everyone,

I’ve been toying with security features in Cloudflare for a while, but would like to see if this method of WAF / Access challenge is possible.

Site is currently routing over a Cloudflare Zero Trust Tunnel and publicly accessible via a Cloudflare routed hostname.

Here is what I’d like to achieve :

  1. Public URL = invite.example.com

  2. Invite Link is posted to an external unrelated page (reddit for example) .

  3. Users can browse to the URL, but will be blocked if their account doesn’t have access to the subreddit.

I’m wondering what If there is anything possible from Cloudflare that I can leverage to get this going.

If theres a way to leverage the local “back/forward” cache of reddit, I could potentially use this as a workaround, but I’m not sure Cloudflare has a way to see this.

Another possibility im wondering exists =

  1. Posted invite URL (ex : redditinvite.example.com)

  2. redditinvite.example.com → Cloudflare WAF → Challenge = redirect to reddit.com/r/example/examplepost

  3. If Challenge detects user is able to access content, redirect back to realinvite.example.com.

How would I validate these ? Cookies ? Wouldnt everyones cookies be unique ? I dont believe Reddit would have a specific cookie for a specific subreddit.

I’m by no means a web developer and really just enjoy learning more and more about cool ways to secure things. Any suggestions , guidance, and thoughts would be appreciated

Thanks everyone :blush:

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.