Enable specific IP range to pass through access control

I’m using cloudflare access control with google and OTP authentication to control access to a test site of my business.

I use Stripe for payment processing and after transactions it uses webhook to send information through to my site.

This worked fine before I implemented access control (when the site was publically available which wasn’t ideal) but now I have access control the webhooks cannot get through.

Cloudflare allows me to create access tokens for use by services and bots etc but Stripe doesn’t appear to have a way for me to use those.

So…does anyone know of a way for me to allow specific IP ranges or similar through the access control?

Thanks in advance!


Stop: Is this post about the product “Cloudflare Access”?

Or, is this post about how you access Cloudflare?

If accessing Cloudflare, post in the #security category so your post is not ignored.

Alternatively to my question above is there another way to implement access control without using CF’s access control function.

Scenario is to allow access to a test site only for a handful of specific people but still to allow things like webhooks from Stripe through


1 Like

You can define bypass rules for Cloudflare Access policies:

You should be able to exclude a specific IP Range using this.

@simon Thank you so much, I’d set to allow, now on bypass and all is perfect :slight_smile:

1 Like