What is Cloudflare Access
Cloudflare Access protects sensitive areas of your domain with access policies, set by the account owner, so that only authenticated users can access those resources.
Each and every request to restricted area is validated before granting access.
Cloudflare Access Pros
- Quick and hassle free setup.
- No code changes at your site.
- Easy to deploy and maintain.
- Easy to control and monitor.
- Setup policies in minutes.
- Runs fast on desktop as well as mobile devices.
- Authentication is done using existing single sign-on providers you already use.
- A centralized way to secure corporate infrastructure.
- Secure protected areas without using a VPN.
Cloudflare Access Cons
- Will work only if you activate Cloudflare proxy.
Cloudflare Access Features
- Control which users and groups reach sensitive areas.
- Secure, authenticate, and monitor user access to any domain, application, or path.
- See real-time logs for access requests, monthly active users, and policy changes.
- Easily change policies from dashboard or using API.
Allowed Identity Providers for Cloudflare Access
- G Suite
- OIDC Providers
Last two options are available only with the Enterprise plans.
Cloudflare Access Benefits
- Protect WordPress Login/Admin from Brute Force attacks.
Cloudflare Access Plans
Access offers two types of plans.
- Access basic
- Access Premium
Both plans provide 5 free active users per month.
Each email address counts as 1 active user per month.
How to Enable Cloudflare Access
- Visit Access from Cloudflare Dashboard.
- Click Enable Access.
- Select Access Basic, and 5 Active Users.
- Click Continue.
- Add Billling, and Purchase.
- Click Let’s get started!
- Choose Login Page Domain i.e yourdomain.cloudflareaccess.com
- Click Look’s good to me.
How to Enable Clouflare Access Policy
- Click Add Access Policy.
- Enter Application name as Login Page.
- Enter Domain as /wp-login.php
- Session Duration as your choice of hours.
- Enter Policy name as Login Policy, Decision as Allow, Include Emails, enter email address you wish to use for login.
- Click Save.
- Click Add Logout Bar from the bottom left.
- Click All Pages and manually enter URL as your-domain.com/wp-admin in the input field.
- Add another URL as your-domain.com/wp-login.php.
- Click Add, then Done.
- Click Install on 2 Parts.
This way you have put Cloudflare Access in front of WordPress Login, and also enabled two factor authentication.
See Cloudflare Access in Action
- Visit your login page, enter your email address, and get one time pin to login.
Cloudflare Access Logout Procedure with WordPress
- First logout from WordPress Admin.
- Then logout from Cloudflare Access.
Moral of the Story
Cloudflare Access protects sensitive areas of your domain by authenticating with identity providers you already use.