What is the name of the domain?
What is the error number?
No error number, the restriction doesn’t work
What is the error message?
No error message, the restriction doesn’t work
What is the issue you’re encountering
WAF Restriction to subdomain doesn’t work
What steps have you taken to resolve the issue?
Hi folks,
I am currently trying to block a specific subdomain (a testdomain of a wordpress website) from the public internet, so that only people inside our company can access it.
I read all the posts I could find, and did exactly the same steps, but the blocking doesn’t work.
What did I do/or tried so far:
I created a DNS record in Cloudflare for the subdomain, I tried both A-Record and CNAME, Proxy is on.
After that I created a WAF-Rule (http.host eq “subdomain.domain.de” and not ip.src in {IP from our company}) → Action = block.
I also tried (http.host contains “subdomain.domain.de” and not ip.src in {IP from our company}) → Action = block. And waited several hours, to make sure, the problem isn’t DNS related.
What I am missing?
Was the site working with SSL prior to adding it to Cloudflare?
Yes
What is the current SSL/TLS setting?
Full