some users bypass cloudflare by editing their host file and adding site IP
is there a way to block access that are not by url
There are several options available, choose the ones that best fits your needs.
2 Likes
I can not install cloudflared because my operation system is not supported
I tried the second method “HTTP Basic Authentication” but it didn’t work at all
You could require Authenticated Origin Pulls or use your firewall to block HTTP and HTTPS connections from all but Cloudflare IPs. You could even do both.
2 Likes
epic.network has the most correct answer, but you should also get a new IP address for your origin server so your users don’t know it. When Cloudflare proxies the traffic, users will be unable to find your server’s new IP address.
1 Like
thanks but i have fixed myself by adding a 000-default-deny.conf to the vhost configs, it blocked host file hacks very effectively
1 Like
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.