We used to prohibit access to WordPress admin by using this below in our .htaccess file:
# BEGIN PROTECTION wp-login.php
Deny from all
Allow from xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
# END PROTECTION wp-login.php
Using Cloudflare it do not work: I get a 403 error (forbidden)…
What is the tips to do that?
I looks like your .htaccess code could be blocking Cloudflare.
Since Cloudflare acts as a reverse proxy, when it’s configured as expected, all connections to your origin webserver come from Cloudflare’s IP addresses, and that may or may not be a problem for you:
- If your web application is using the originating IP of the visitor as part of its logic, it will now use a Cloudflare IP address
- If you use the content of your access logs, they now contain a Cloudflare IP address as the $remote_addr
Depending on your setup, you can restore the visitor IPs in a number of ways. You can find a complete list here, or below are a few of the most popular:
This topic was automatically closed after 30 days. New replies are no longer allowed.