Want to lock down your dev site so only you can see it? You can do this for free using Cloudflare’s IP Access Rules.
To get started, you’ll need to have Cloudflare set up as your CDN. The free plan works just fine for this.
Step 1: Add your IP to the allow list
- log in to Cloudflare
- select your domain
- click Security > WAF > Tools
- under ‘IP, IP range, country name’, enter your IP address
- set the action to Allow
- apply it to This website
- click Add
💡 Tip: You can find your IP at whatismyip.com.
Step 2: Block everyone else
- Go to WAF and open Custom rules.
- Click to Create rule.
- Set the field to Hostname
- Set the Operator to Equals
- Set the Value as your dev site’s address and choose action Block
Don’t forgot to select ‘Deploy’
Now only your IP can access the site.
Watch out: Cloudflare might use your IPv6 address
Cloudflare may pick up your IPv6 address instead of your IPv4 one. To check, go to whatismyip.com and make a note of both addresses.
If your IPv4 allow rule doesn’t work, try allowing your IPv6 instead. That’s often the one Cloudflare sees. Once the correct IP is allowed, your dev site should be locked down to just you.
