Require a specific cookie
To secure a sensitive area such as a development area, you can share a cookie with trusted individuals and then filter requests so that only users with that cookie can access your site.
This example comprises two rules:
- The first rule targets requests to dev.www.foo that have a specific cookie key,
devaccess. As long as the value of the cookie key contains one of three authorized users, james, matt, or michael, the expression matches and the request is allowed.
- The second rule blocks all access to
Since the Allow action has precedence over Block, Cloudflare grants access to requests that satisfy Rule 1 and blocks all other requests to