This blog article will explain how to protect your subdomain using Cloudflare WAF (Web Application Firewall). Many companies have an intranet which is only accessible from their office network or from protected IP's. Another example could be for some other subdomain such as an Extranet. Examples would be intranet.yourcompany.com or extranet.yourcompany.com. In either case you would want to block access to these resources using mor than a simple username and password. This article will explain how using an intranet.
Protect your Subdomains using Cloudflare WAF
- Ensure your A Record is proxied through Cloudflare
- While logged into Cloudflare navigate to Security-WAF
- Create a Rule and name it "Block Intranet" (or whatever you wish)
- Make a WAF Rule as Follows -
- If incoming request matches
| FIELD | OPERATOR | VALUE |
|---|---|---|
| Hostname | Equals | intranet.yourcompany.com |
| IP Source Address | Does not Equal | [your office IP address] |
- Then Block
For a better explanation please watch my Youtube Video
This method is much more secure method than using a simple username and password. As well you can rest assured your Intranet will only be accessible from within your office. If you have remote workers who require to get access to the Intranet, simply have them VPN to your office.
Another thing you may want to do is to block all traffic to your webserver except from Cloudflare. This will ensure you do not have anyone bypassing Cloudflare and accessing your webserver. I also have an article and youtube video explaining this.
https://clusterednetworks.com/protect.webserver.ddos.attack
Clustered Networks
Located in Canada, Clustered Networks has been in business since 2001 and has offered Network / Internet and IT Consulting services for over 30 years. - Click Here for our Contact Info
#travelrouter #glinet #router #security
