Issue with WAF Custom Rules for IP-Restricted Access

What is the name of the domain?

https://clarksoneyecare.patientproviderportal.eyecare-partners.com/

What is the error message?

Issue with WAF Custom Rules for IP-Restricted Access

What is the issue you’re encountering

We have a use case where we need to block access to a specific site from the general internet, while allowing access only to certain users based on their IP addresses. I have implemented custom rules under WAF to address this, but it does not seem to be functioning as expected.

What steps have you taken to resolve the issue?

I have implemented custom rules under WAF to address this, but it does not seem to be functioning as expected.

What feature, service or problem is this related to?

DNS not responding/updating

Screenshot of the error

clarksoneyecare.patientproviderportal.eyecare-partners.com is not proxied, so requests go direct to your host and do not pass through Cloudflare for the rules to have any effect.
https://cf.sjr.org.uk/tools/check?befa87160e934385a01507fadc7c02a6#dns

If you do proxy this host, you will need to use the Advanced Certificate as it is a second-level subdomain. Universal SSL only supports the domain and one-level of subdomain (eyecare-partners.com and *.eyecare-partners.com).

Your rule blocks all requests to clarksoneyecare.patientproviderportal.eyecare-partners.com so you need an earlier rule, or an addtional term in this rule, to allow the IP addresses that you want to be able to access this hostname.

1 Like