Wordpress uploads content access restriction with Cloudflare (setup)


Is it possible to avoid anyone except specific IP list (white labelled) to access the wp-content/uploads folder?

I have created this rule:
(http.request.uri.path containshttps://mydomain.com/wp-content/uploads/”)
but it has no effect. I can still access images or videos.

What would be the correct setup?

Many thanks

1 Like

I don’t think uri.path works if you add the scheme and/or hostname. Try a Contains for just wp-content/uploads

Hi Sdayman,
Yes I had tried this before. I don’t know if there is cache issue (should I purge it all?) or can it be bypassed by whitelabelling my IP on the IP Access rules?
In that case, I should try from another device with a different IP I guess.

If you whitelisted your IP address, then Firewall Rules shouldn’t take effect if you’re testing from home.

Indeed. Problem solved.

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.