Tunnel block everyone allow only not working

Dear All ,

I would like to thank you in advance for your help ,

My issue is I have a tunnel , I am trying to setup access to it. But I want to limit the countries and emails that can access the portal.

If I add a rule block all.
Then an explicit allow for said country and emails.
If I try to login from a VPN(in an other country) the portal of Cloudflare still opens up and asks me for my email address.

Am I doing something wrong ?


This is better done at the WAF level.

If you do it as the tunnel, then it is still going to evaluate the email part.

Dear Sir , thank you for your help ,

I did apply the WAF rules(after experimenting a bit) BUT ! they apply globally (to all tunnels).

There I have other tunnels on the same domain that I don’t want them to be that restrictive(to only 1 country).

Is there a way to limit the scope of WAF level ?
Meaning to apply for 1 tunnel specifically ?

Thank you in advance

Change the expression of the WAF rule to match the hostname of the tunnel.
Something like

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.