Specify IP white list for subdomain in firewall


I’m new to Cloudflare using the Pro package.
I have a setup to one of my sub domain, which includes IP white list in our firewall.
Enabling the DNS proxy on the sub domain will break this functionality on our server.
Is there a way to configure Cloadflare’s firewall to support all traffic on our main domain and sub domain and limit IP addresses to only one sub domain?



Thank you for asking.

May I ask what error do you get? :thinking:
Is the sub-domain covered with the valid SSL certificate?

Your Firewall Rule would look like the example below.
Make sure you’ve move the Firewall Rule up so it’s the 1st from above on the list of your Firewall Rules.

Block all requests except the requests from one specific IP on the sub:

Or multiple IPs, use “is not in” operator:


Thank you for your help. Works fine now.
The reason for the server to break functionality is because the customer IP cannot be recognize by our server if Cloudflare DNS is proxied.
Now after implementing the firewall as per your instructions, everything works fine.


In that case, I’d suggest implementing as follows on below article, scroll down a bit to find your Web server type, just in case, to see the real visitor IP in your access log files when :orange:

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.