Protect * with Access, but not custom domain

Hi there,

How do I protect my * deployment domains with Cloudflare Zero Trust/Cloudflare Access, without also protecting my custom domain (

My goal: don’t have readers (and bots) access my deployments on * Of course, I do like to welcome readers on my domain (!

I followed the steps described in the docs here: ‘Enable Access on your * domain’.

Unfortunately, the steps aren’t super clear. For instance, it says “configure your access rules to define who can reach the Access authentication page” for the custom domain, but I don’t know which access rules I should use to make this work. And if I use the ‘Bypass’ option (rather than ‘Allow’ with ‘Everyone’), the Cloudflare Access still pops up on

Any help or suggestions is very welcome!

Hi there,

Please open you pages project, on top go to Manage and under Access policy, click Enable access policy.
After it’s enabled, click Manage Policies and a tab will open in Access/Applications with a policy already created for your page.

If you don’t do anything else, the page will now be inaccessible, except for selected members.
In the Access/Applications tab, press the application name and then Edit to customize the behavior, you can remove/add domains under Overview add policies under Policies and configure identity providers under Authentication.

And if I use the ‘Bypass’ option (rather than ‘Allow’ with ‘Everyone’), the Cloudflare Access still pops up on .

You can remove this and leave only under Overview.

Take care.