DDoS Mitigation on an IP Access Rules Allowed IP


Under Firewall > Tools > IP Access Rules I’ve added a single IPv4 address and set it to be Allowed access to this website. Yet, Cloudflare takes action “Connection Close” on this IP when it thinks there’s a DDoS happening. It’s an office IP and all staff there then can’t access the site. Not ideal.

What else is needed to whitelist known trusted IP addresses?

Just create a page rule to allow certain IP addresses. For more information, visit https://support.cloudflare.com/hc/en-us/articles/200172336-Creating-Page-Rules

I see no such option under Page Rules. I can disable security, but not by IP.

The documentation here suggests IP Access Rules are the right vehicle to achieve whitelisting:


Another common use of IP Access Rules is to allow services that regularly access your site (APIs, crawlers, payment providers, etc).

How exactly would you achieve this with Page Rules?

Assuming you’ve confused Page Rules with Firewall Rules, I’ve now added a bypass rule under Firewall Rules for this IP. Not exactly sure which ‘feature’ covers DDoS mitigation, so I selected Security Level, Rate Limiting and Zone Lockdown.

Seems overkill, having to use IP Access Rules Allow plus Firewall Rules Bypass, but let’s see.

