How to use the most of my WAF appliance?

I inspected and activated some Administrative groups and rules, and added bot and DDoS protection, aside from that, what else can I do to to protect my webapp?.

For example, to block any person that tries to bypass the cloudflare proxy and go directly to my app, I was thinking of a VPN, or perhaps I can do something else?

This can only be done at your server’s end. Cloudflare can’t stop people from bypassing Cloudflare if your server permits it. You’d have to block traffic that does not come through Cloudflare’s IP addresses:

So, your saying to block access to anyone but Cloudflare IP addresses range?, so my server is still on the internet but protected?

Yes, you would need to block traffic except that from Cloudflare IPs, as sdayman suggested.

You could also look into setting up Authenticated origin pulls (which also requires configuration on your origin server):
https://developers.cloudflare.com/ssl/origin-configuration/authenticated-origin-pull

Thanks @user12473 and @sdayman, Very nice response!.

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.