Configuring the Cloudflare WAF between my CDN and Origin Server

I’d like for my WAF to sit between my CDN and origin servers (CDN → WAF → Origin). Has anyone successfully deployed the WAF using this configuration? For more context, customers point their domains to my CDN and I want traffic coming from their domains to be protected too.

Are you referring to a CDN you operate yourself, or to your Cloudflare account?

If you are referring to the latter, that would need Cloudflare for SaaS.

I’m using Fastly

So you have a Fastly account configured for each of your customers domains, and you want to configure each of those domains on a Cloudflare account, and use the Cloudflare account as the origin for the Fastly CDN?

You will not be able to use a lot of the features of the Cloudflare WAF, including anything using IP, ASN, Country, Verified Bots etc.

The setup will be a mess, as you will need to verify each domain in different ways which will probably require a lot of intervention by you, support from either company would be tricky, and probably lots of other reasons why this sounds like a nasty solution.

Why not use either Cloudflare for SaaS, which gives both CDN and WAF, or Fastly with their
WAF?

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.