For Workes & Pages, what is the name of the domain?
https://prod-ccow-bot-host-router.ram-manavalan.workers.dev/
What is the issue or error you’re encountering
Need to allowlist (external domain names) access to workers
What steps have you taken to resolve the issue?
We have two workers, exposing 3 API endpoints out, which cannot have auth-n-auth implemented because we are not allowed to store any auth/identity related data in Cloudflare. Given that, we do not want to keep these endpoints out and open for anyone to use and perform DDoS attack. We would like to allowlist only domains (that we allow) that can access these endpoints. Solutions we considered:
- Implement a check in the worker code itself, using items like secret key, domain name, etc. However, this does not prevent DDoS.
- Use Cloudflare WAF. However, WAF cannot be added to workers directly. It requires us to register a domain. Also, to experiment this, we need to purchase the add-on first. However, in my org, we will not be able to purchase until we try out.
Are there other options? In a nutshell, we are looking for a firewall based solution from Cloudflare that we are ready to pay, after trying it out.