CF reverse proxy ip restriction
Backend
Hi !
My backend is reverse proxied by Cloudflare.
I want to ensure that all API endpoints can only be reached by the associated CF reverse proxies ips.
The backend servers are on fly.io so also behind their load balancer.
I thought about adding a cloudflare signature on api queries by adding it on the header before reaching LB and server.
Then it should be handled by a middleware before reaching the endpoints.
Is there something simpler than that ?
My backend is reverse proxied by Cloudflare.
I want to ensure that all API endpoints can only be reached by the associated CF reverse proxies ips.
The backend servers are on fly.io so also behind their load balancer.
I thought about adding a cloudflare signature on api queries by adding it on the header before reaching LB and server.
Then it should be handled by a middleware before reaching the endpoints.
Is there something simpler than that ?
