I want to add CloudFlare Access to control a single hostname (to be used for internal purposes) through my primary domain. I’m nervous to ‘enable it’ for fear it may break sites the public currently needs access to. Having a hard time finding any basic information on it. My gut is that everything will be fine, but I need more than a gut feeling in order to pull the trigger. Can anyone point me in the right direciton?
The Access configuration is pretty precise. It matches the URL you select. And then it shields everything under that.
What’s the URL pattern you’re trying protect, and what’s the URL pattern you’re trying to let the public access? It sounds like you want to limit access to everything under example.com/, but I’m not sure what you’re trying to keep open for the public.
I set it up a few weeks ago for a few resources and it has a fairly easy learning curve. In particular, it applies to the specific URLs (subdomains and/or paths) that you specify, so you can set up a test platform fairly quickly.
You can even set it up to trigger on a path that doesn’t exist (your backend webserver might 404, but since access happens in front of your server you can test in front of URLs that don’t exist)