Today you are going to have a wonderful day.

Secure Restricted Areas in 5 Minutes with Cloudflare Access

cloudflare-access
Cloudflare Access Secures Sensitive Areas

What is Cloudflare Access

Cloudflare Access protects sensitive areas of your domain with access policies, set by the account owner, so that only authenticated users can access those resources.

Each and every request to restricted area is validated before granting access.

Cloudflare Access Pros

  • Quick and hassle free setup.
  • No code changes at your site.
  • Easy to deploy and maintain.
  • Easy to control and monitor.
  • Setup policies in minutes.
  • Runs fast on desktop as well as mobile devices.
  • Authentication is done using existing single sign-on providers you already use.
  • A centralized way to secure corporate infrastructure.
  • Secure protected areas without using a VPN.

Cloudflare Access Cons

  • Will work only if you activate Cloudflare proxy.

Cloudflare Access Features

  • Control which users and groups reach sensitive areas.
  • Secure, authenticate, and monitor user access to any domain, application, or path.
  • See real-time logs for access requests, monthly active users, and policy changes.
  • Easily change policies from dashboard or using API.

Allowed Identity Providers for Cloudflare Access

  • Facebook
  • Github
  • Google
  • Yandex
  • AzureAD
  • Centrify
  • G Suite
  • Okta
  • OneLogin
  • OIDC Providers
  • SAML

Last two options are available only with the Enterprise plans.

Cloudflare Access Benefits

  • Protect WordPress Login/Admin from Brute Force attacks.

Cloudflare Access Plans

Access offers two types of plans.

  • Access basic
  • Access Premium

Both plans provide 5 free active users per month.

Each email address counts as 1 active user per month.

How to Enable Cloudflare Access

  • Visit Access from Cloudflare Dashboard.
  • Click Enable Access.
  • Select Access Basic, and 5 Active Users.
  • Click Continue.
  • Add Billling, and Purchase.
  • Click Let’s get started!
  • Choose Login Page Domain i.e yourdomain.cloudflareaccess.com
  • Click Look’s good to me.

How to Enable Clouflare Access Policy

cloudflare-access-policy
Cloudflare Access Policy
  • Click Add Access Policy.
  • Enter Application name as Login Page.
  • Enter Domain as /wp-login.php
  • Session Duration as your choice of hours.
  • Enter Policy name as Login Policy, Decision as Allow, Include Emails, enter email address you wish to use for login.
  • Click Save.
  • Click Add Logout Bar from the bottom left.
  • Click All Pages and manually enter URL as your-domain.com/wp-admin in the input field.
  • Add another URL as your-domain.com/wp-login.php.
  • Click Add, then Done.
  • Click Install on 2 Parts.

This way you have put Cloudflare Access in front of WordPress Login, and also enabled two factor authentication.

See Cloudflare Access in Action

  • Visit your login page, enter your email address, and get one time pin to login.
cloudflare-access-authentication
Cloudflare Access Authentication Page

Cloudflare Access Logout Procedure with WordPress

  1. First logout from WordPress Admin.
  2. Then logout from Cloudflare Access.

Another way to secure WordPress Login is to activate Jetpack Single Sign-On, and host your site with a Managed WordPress Hosting provider.

Moral of the Story

Cloudflare Access protects sensitive areas of your domain by authenticating with identity providers you already use.

Email Newsletter

Be first to receive notifications of new articles.

Thank you my dear friend for coming here.