Require a specific cookie
To secure a sensitive area such as a development area, you can share a cookie with trusted individuals and then filter requests so that only users with that cookie can access your site.
This example comprises two rules:
- The first rule targets requests to
dev.www.example.comthat have a specific cookie key,
devaccess. As long as the value of the cookie key contains one of three authorized users —
michael— the expression matches and the request is allowed, skipping all other custom rules.
- The second rule blocks all access to
Since custom rules are evaluated in order, Cloudflare grants access to requests that satisfy rule 1 and blocks all other requests to
— All remaining custom rules