Options to whitelist a dynamic dns (ddns)


#1

Hello,

The plan is to allow users inside Company A access to Website X. Company A is assigned a dynamic ip by the internet provider.

Is the following possible:

  1. Users inside Company A can access Website X (better if can be configured to specific times and days).
  2. Admin can access Website X from anywhere.
  3. Anybody else accessing Website X will see a custom static page or 404.

Exploring the option of:

  • Cron job inside Website X that checks for new IP address of Company A every few minutes.
  • Cron job that updates Cloudflare whitelist ip via API.
  • Cron job that does the above for a ddns account of the admin.

Any thoughts, leads, suggestions, or comments is greatly appreciated!

Thank you in advance!


#2

I can suggest running a cron/custom script that pulls the IP from ddns then uses the CF API to change either a zone lockdown rule or Cloudflare Access policy (when access APIs are available).

If you want custom error logic (404 if not authorized), you’ll likely need to set up your web server config or use server software to handle.

Cloudflare Workers is also a pretty good bet, using Cloudflare’s DNS over HTTPS to look up the current IP of the DDNS hostname and returning 404 if it’s not an IP you trust.


#3

Thank you Judge!

Exploring further on that! Great fast community here!


#4

This topic was automatically closed after 31 days. New replies are no longer allowed.