How to block connections that don't use WARP
I want to block all access to my website from laptops that aren't going through warp, how do I do that? it's an api so not sure if I can use like a normal access policy?
6 Replies
I'd try to block everything by default and only allow the Cloudflare AS with WAF.
Of course any WARP user or Cloudflare worker etc can then access your site.
Any reason why you want such a strange setup and not a classic authentication workflow?
Yeah we're doing this weird thing with a self-hosted data plane for an externally hosted webapp, and want to make sure that the webapp can only hit our data plane when running on one of our machines
could we only allow access from users with our account?
I think that is what Zero Trust is about?
right -- so how do we do that?
the WAF?
can we do that as part of the waf with zero trust?
Read the docs, you can setup a private network with Zero Trust and only allow specific users etc.
ah ok that's prob the move thanks