Htaccess syntax for blocking all IPs other than CloudFlare

Hi, I’ve read its important to block access to my site from all IPs other than Cloudflares so people cant bypass the firewall.

What is the syntax for adding all Cloudflare IP’s and my IP to the .htaccess file?
How do I properly write this in the htaccess? also does it go in the top, middle or bottom of the htaccess file?

thank you for your time.

I am afraid they could still connect or sent a request if someone tries to go directly to your IP. htaccess wouldn’t help at that point.

I am assuming the better option for you would be to use Cloudflare Access in that case.

From the Cloudflare IP list here:

You can add it to the bottom, should be like:

deny from all
allow from 173.245.48.0/20
allow from 103.21.244.0/22
allow from 103.22.200.0/22
allow from 103.31.4.0/22
allow from 141.101.64.0/18
allow from 108.162.192.0/18
allow from 190.93.240.0/20
allow from 188.114.96.0/20
allow from 197.234.240.0/22
allow from 198.41.128.0/17
allow from 162.158.0.0/15
allow from 104.16.0.0/13
allow from 104.24.0.0/14
allow from 172.64.0.0/13
allow from 131.0.72.0/22
allow from 2400:cb00::/32
allow from 2606:4700::/32
allow from 2803:f800::/32
allow from 2405:b500::/32
allow from 2405:8100::/32
allow from 2a06:98c0::/29
allow from 2c0f:f248::/32

1 Like

Whats the solution than? why wouldnt adding the allowed IP addresses to the htaccess help? shouldnt it block everything unless its coming directly from Cloudflare?

It might be depending on the web hosting type you’re using, you might be limited with the options and functions which you can use like iptables at the origin host to block everything and allow only Cloudflare IPs, etc.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.