Hi all - I’m new to Cloudflare and I’m trying to lock down my setup. My site is hosted on a single AWS EC2 instance running in the default VPC. I’ve already transferred my DNS zone to Cloudflare and everything seems to be working just fine. I’m seeing lots of traffic hitting the server from Cloudflare IPs.
Now as a next step, I’m trying to lock down traffic to my EC2 instance such that only Cloudflare’s IPs are allowed. I created a Security Group and populated all the IPv4 and v6 addresses for Cloudflare, for both HTTP and HTTPS protocols, and attached it to my EC2 instance. I also removed the old security group that allowed anyone on the internet to hit my site.
As soon as I do this, I’m unable to reach the site. It takes a long time to resolve and eventually ends in a blank white screen.
Any tips/hints as to what I’m doing wrong here? Perhaps it’s a caching issue or something else I’m not seeing or I’m not familiar with? Thanks in advance for any help.
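The following is an added example, not code from the original post or from Cloudflare or AWS. It shows the shape of the security-group rule set the post describes (one TCP rule per port, with every Cloudflare IPv4 and IPv6 range attached), validates each CIDR before it is handed to AWS, counts the resulting rules against the security-group quota, and includes a check that tells you whether a given source address would be admitted. The ranges below are a constructed subset labelled as such; the authoritative lists are https://www.cloudflare.com/ips-v4 and https://www.cloudflare.com/ips-v6. The dictionaries are in the `IpPermissions` format that boto3's `authorize_security_group_ingress` accepts; the boto3 call itself is left commented out so the script runs offline.

```python
"""Build EC2 security-group ingress permissions that admit only Cloudflare's
edge ranges on 80/443, and check which source addresses they would admit.

Added example, not part of the original post. The CIDR lists are a
constructed subset for illustration; fetch the real ones from
https://www.cloudflare.com/ips-v4 and https://www.cloudflare.com/ips-v6."""
import ipaddress

# Constructed sample subset of Cloudflare's published ranges (assumption).
CLOUDFLARE_V4 = ["173.245.48.0/20", "103.21.244.0/22", "104.16.0.0/13"]
CLOUDFLARE_V6 = ["2400:cb00::/32", "2606:4700::/32"]
ORIGIN_PORTS = (80, 443)  # HTTP and HTTPS, as in the post


def _validate(cidrs, version):
    """Parse each CIDR strictly so a typo or host-bits-set entry fails here,
    not as a confusing API error from AWS."""
    nets = []
    for cidr in cidrs:
        net = ipaddress.ip_network(cidr, strict=True)
        if net.version != version:
            raise ValueError(f"{cidr} is not an IPv{version} range")
        nets.append(net)
    return nets


def build_ip_permissions(v4_cidrs, v6_cidrs, ports):
    """Return boto3-style IpPermissions: one TCP entry per port carrying all
    IPv4 ranges (IpRanges) and all IPv6 ranges (Ipv6Ranges)."""
    v4 = _validate(v4_cidrs, 4)
    v6 = _validate(v6_cidrs, 6)
    perms = []
    for port in ports:
        perms.append({
            "IpProtocol": "tcp",
            "FromPort": port,
            "ToPort": port,
            "IpRanges": [{"CidrIp": str(n), "Description": "Cloudflare edge"} for n in v4],
            "Ipv6Ranges": [{"CidrIpv6": str(n), "Description": "Cloudflare edge"} for n in v6],
        })
    return perms


def rule_count(perms):
    """AWS counts each CIDR/port pair as one rule against the per-group quota
    (60 inbound rules by default; check the quota on your account)."""
    return sum(len(p["IpRanges"]) + len(p["Ipv6Ranges"]) for p in perms)


def is_allowed(src_ip, port, perms):
    """True if a connection from src_ip to TCP port would pass the group.
    A direct visit to the instance's public IP from your own workstation
    fails this check, because your address is not a Cloudflare edge address."""
    addr = ipaddress.ip_address(src_ip)
    for p in perms:
        if not (p["FromPort"] <= port <= p["ToPort"]):
            continue
        if addr.version == 4:
            cidrs = [r["CidrIp"] for r in p["IpRanges"]]
        else:
            cidrs = [r["CidrIpv6"] for r in p["Ipv6Ranges"]]
        if any(addr in ipaddress.ip_network(c) for c in cidrs):
            return True
    return False


if __name__ == "__main__":
    perms = build_ip_permissions(CLOUDFLARE_V4, CLOUDFLARE_V6, ORIGIN_PORTS)
    print(f"{rule_count(perms)} rules across {len(perms)} port entries")
    for src, port in [("104.16.1.1", 443), ("2606:4700::1", 80), ("203.0.113.5", 443)]:
        print(f"{src} -> tcp/{port}: {'allowed' if is_allowed(src, port, perms) else 'dropped'}")
    # To apply (assumes boto3 and credentials are configured; not run here):
    # import boto3
    # boto3.client("ec2").authorize_security_group_ingress(
    #     GroupId="sg-xxxxxxxx", IpPermissions=perms)
```

The `is_allowed` check is the useful part when debugging a lockdown like this: run it against the address your request actually arrives from. Traffic that arrives through Cloudflare's proxy comes from an edge range and passes; traffic sent straight to the instance's public IP, or to a hostname whose DNS record is not proxied through Cloudflare, comes from the client's own address and is silently dropped by the security group, which shows up in a browser as a long hang rather than an error.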