Yes, I have other firewall rules listed in Plesk but I believe the ones listed first get higher priority. I was actually able to do the following in Plesk and now it seems that it shows “403 Forbidden (nginx)” if I try to access my website using the IP address; which is good.
However, the part I don’t understand is now if I try to access my website using the domain name I also receive “403 Forbidden (nginx)”. I thought that since Cloudflare’s IPs are allowed my server that it would load the website properly? I’m guessing it shows “403 Forbidden (nginx)” because my computer IP that I’m trying to access my site from isn’t listed as “allowed” in my Plesk configuration.
Am I misunderstanding setting this up properly to lock down my server to only allow Cloudflare IPs?
Where would I go to view the firewall events log in Cloudflare? I’m under the “free” plan, is that available?
Thank you!