Zone Lockdown Rule

I’m trying to implement a Lockdown Zone Rule that allows me to block the wp-admin page. The issue I’m having is that the rule isn’t working properly.

I’m utilizing this rule - *.example.com/wp-admin
to allow the rule to scale for multiple WordPress instances and only be accessible through a private VPN.

When I enable the rule, it doesn’t block the page, but if I use the full URL path, then it does work.

Do I need to have a wildcard DNS record added within Cloudflare for this rule to work as I originally planned?

Hey,

From looking over the docs and API examples I can’t see wildcard subdomains being used? I’d be fairly easily achieved with a firewall rule though :slight_smile:

It doesn’t work for me though. For my wp-admin page, if I utilize *.example.com/wp-admin then it doesn’t work, but if I use the full URL path is very long, then it does work properly.

Yep, That’s what I was saying where Wildcard subdomains on Lockdown rules don’t seem to be a thing, and you’d be better off using a standard firewall rule doing URI Path matching :slight_smile:

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.