Hey there! Is it possible to use Cloudflare Pages in conjunction with firewall rules. I’m using Vercel currently but I can’t whitelist ips because it has dyamnic addresses. Could I whitelist a Cloudflare Pages instance with a firewall rule?
Firewall Rules do work with Pages on custom domains (not your
You’ll need to make sure to orange cloud your CNAME record in your DNS preferences so that Pages traffic hits the Firewall, but after that you should be able to use Firewall Rules on your Pages Custom domain traffic.
Okay. Is there way to prevent all requests coming to my api besides that of my cloudflare pages instance?
Other than adding an authentication system, that’s not possible really, but CORS makes a good start at ensuring that an unmodified browser can only access your API through your chosen pages.
You can perform validation on the backend to ensure that the
Origin header matches that of your Pages site, but using server-side libraries people can still call your API unless you add authentication to ensure that only clients that should have access do have access.