Is it possible to allow access only to specified users?


I am currently using a Cloudflare tunnel to a website running on Apache in my home network.

The website itself needs login credentials so not everyone can see.

But is it possible to also add another layer of protection and allow only specified users to even use the tunnel?

I created an Access group, but it does nothing. So I assume I need to “attach” this group to another service though I did not find to which.

Or - there is a different way to do it? (on Cloudflare’s side, not my app side)


Yes, it is possible to restrict access to your Cloudflare tunnel to specified users by using Cloudflare Access. Here’s a step-by-step guide:

  1. Log in to your Cloudflare dashboard.
  2. Navigate to the ‘Access’ section.
  3. Create an Access Policy for your application (the website running on Apache).
  4. Define the policy to include only the users you want to allow. You can use email addresses, identity providers, or group memberships to specify users.
  5. Apply the Access Policy to the hostname that your tunnel is serving.

Once configured, only users specified in the Access Policy will have access to your application via the Cloudflare tunnel. Meaning with a failed authentication on the Access step there would be no access to the tunnel which would give you an extra protection step before your tunnel traffic starts.

I hope this answers it.

1 Like

Hi, @yassine2 thank you.

When I click Access, it asks me to choose a plan so I don’t see “Access Policy”. If I choose a plan - will it show up? I’ve been using the free plan and never added a payment method.

But I guess for certain services it is still required? Why does it ask for a payment method if it’s $0? :sweat_smile:

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.