Wp-admin only can be accesible by hostname instead IP


im trying to configure a firewall rule allowing access to “domain.com/wp-admin” only to certains duckdns.org domain names instead access per ip.
I tried with (http.request.uri.path contains “/wp-admin” and http.host ne “example.duckdns.org”) but it not works. In my scenary i need 2 names, but also i tried with 2 ip and it works: (not http.host in {xx.xx.xx.xx xx.xx.xx.xx} and http.request.uri.path contains “/wp-admin”)
Can anyone helps me to match the correct rule?

Thanks in advance

The hostname refers to the host where you are sending the request to. That can’t work in this context.

You might be looking after the referrer field, but keep in mind this value is very much optional and there is no guarantee that it is sent or accurate.

1 Like

Hello @sandro. Thanks for your fast answer

So, ¿CF not supports this logical condition?
I have dynamic address from my office y and with noip names can solve this.


No, Cloudflare does not. You can only work with the referrer field or with the IP address of the client. You could also use the ASN for example to limit access.

What is it you exactly want to achieve?

I see you mentioned that using IPs worked for you.
That is the straight approach and if it works I would keep using it.

Allow access to “example.com/wp-admin” for only 2 hostnames, or 3 in the future. Such i said, need hostname instead ip to avoid ip address changes from my isp.

If it´s no possible, such as you said, i can limit access with the ASN.


You don’t have hostnames in this context. You need to limit it by IP address, IP address range, or ASN.

In that case an IP range or ASN might be the best option. If you are on a paid plan you could also consider “Zone Lockdown”.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.