Secure your admin section with Cloudflare

I’ve been using wordpress and other services with backend area that is meant for administration for a very long time. Often, these backend areas become the target of brute force (or other smarter guesses) attempt to gain access.

To prevent this, since I already have Cloudflare for WAF, I’ve decided to make use of Cloudflare to restrict access to admin area. In this example, the wp-admin area. To do so, there are several things that you can do, but today, I’m going to share one of the option (which I’d recommend that you stack them), which is to add a rule in Cloudflare WAF.

Go to your Cloudflare account, and go to your domain area, and then Security->WAF

Then click Create Rule

Fill up the form by specifying an identifier to the path of your admin area and IP address where you want to grant access to the admin area.

In my example, the identifier is /wp-admin/ and access is limited to my ip address which is 123.123.123.123 in this example