BoxExchanger
  • Вернутся на сайт
  • Getting Started / DONE
    • Security Setup / DONE
      • Admin Account Creation
      • Administrator Permissions Setup (Roles)
      • Enabling Two-Factor Authentication
      • Admin Panel Access Restrictions by IP
        • Setting Up Access Restrictions on CloudFlare
        • Setting Access Restrictions in the Admin Panel
      • Setting Up Access Restriction by Header Host
    • Design customisation / done
    • Technical works / DONE
    • Website notification / DONE
      • Creation
      • Editing
    • Selected rates / DONE
      • Creation
      • Editing
    • Connecting the Online Chat / DONE
      • Connecting LiveChat
      • Connecting JivoSite chat
      • Connecting HelpCrunch chat
    • Adding contacts / DONE
    • Email Configuration / DONE
      • Sending a copy of sent emails
      • Connecting Gmail
      • Connecting Zoho Mail
      • Connecting Dynadot Mail
    • Questions and answers / DONE
      • Create
    • Setting up the AntiBot system / DONE
      • Installing reCAPTCHA
    • Rules / DONE
      • Create
      • AML/KYC Policy
    • Partners / DONE
      • Partner creation
      • Editing
    • News / DONE
      • Creation
    • Reviews / DONE
      • Create
      • List of Reviews
    • Static Pages / DONE
      • Creation
    • User authorisation settings / DONE
    • Setting up identifiers / DONE
    • Customising the action history / DONE
  • Exchange / DONE
    • Currencies / DONE
      • List of currencies
      • Currency logo
      • Currency name
      • Currency type
      • Accuracy of the sum
      • XML currencies
        • Digital currency codes
        • City codes
      • Exchange rate to USD
      • Reserves
      • Setting up the currency field
      • Accepting payments
      • Payout Setup
      • AML Verification
      • Verification
    • Currency Sorting / DONE
    • Directions / DONE
      • Priority modules
      • Floating rate
      • Rate insurance
      • SEO-friendly URL
      • Documents
    • Setting up a directional group / DONE
    • Merchant and API / DONE
      • 001k bot / DONE
        • Merchant 001k bot
        • 001k bot Payouts
      • Whitebit exchange / DONE
        • Module interactions
        • Whitebit Merchant
        • Whitebit payouts
      • BetPay / DONE
        • BetPay Merchant
        • BetPay.money Payouts
      • Cryptomus / DONE
        • Cryptomus Merchant
        • Cryptomus Payouts
      • Paylink.finance / DONE
        • Paylink.finance Merchant
        • Paylink.finance Payouts
      • BSC BEP20 Merchant / DONE
      • ETH Merchant ERC20 / DONE
      • Merchant Monerod / DONE
      • Garantex Merchant / DONE
      • ChangeCoins Merchant / DONE
      • Merchant Obmenka UA / DONE
      • Merchant Billline / DONE
      • Bitconce Merchant / DONE
      • YooMoney Merchant / DONE
      • ePayCore Merchant / DONE
      • Payeer Merchant / DONE
      • Perfect Money Merchant / DONE
      • WestWallet.io Merchant / DONE
      • Configuring Inqud / DONE
      • Agents Telegram Payouts / DONE
      • Binance Payouts / DONE
      • Kuna.io Payouts / DONE
      • PSPline payouts / DONE
      • WestWallet.io Payouts / DONE
    • Rate parser / DONE
      • BestChange / DONE
      • Kurs.Expert / DONE
      • BetPay.Money / DONE
      • PancakeSwap / DONE
      • CurrencyLayer / DONE
      • XML file / DONE
      • Cryptomus / DONE
      • whitebit v2 / DONE
      • Paylink.finance / DONE
      • BestChange v2 / DONE
    • Verifications / DONE
    • Calculation of the exchange amount / DONE
  • Requests / DONE
    • List of exchanges
    • Requests
      • Request statuses
    • Automatic addition of reserve
  • Affiliate Program / DONE
    • Partnership areas / DONE
    • Partner exchanges / DONE
    • Referral settings / done
  • AML plugins / DONE
    • CrystalBlockchain
    • AMLBot.com
    • GetBlock.net
  • Additional systems / DONE
    • Internal wallet / DONE
    • KYC modules / DONE
      • KYC Kycaid module / DONE
      • KYC Module AMLBot / DONE
      • KYC SumSub Module / DONE
    • Whitebit modules / DONE
      • WhiteBit Exchanger auto update fee
      • WhiteBIT control available
    • Install plugin / DONE
    • Scam Database API
  • Authorisation systems / DONE
    • Apple Authorisation
    • Google Authorisation
  • For developers / DONE
    • Project setup / DONE
      • Server for the exchanger / DONE
        • Vultr / DONE
        • DigitalOcean / DONE
          • Deleting VDS on DigitalOcean / DONE
        • Hetzner Cloud / DONE
          • VDS size changes on Hetzner / DONE
          • Deleting VDS on Hetzner / DONE
      • CloudFlare settings / DONE
      • Nginx Installation / DONE
      • Software Installation / DONE
        • Installing NodeJs / DONE
        • MongoDB Installation / DONE
        • Installing exchanger-api / DONE
        • Installation of exchanger-web / DONE
        • Setting up the build on CloudFlare Workers / DONE
    • Setting up Telegram Bot / DONE
    • Access to source code / DONE
    • Client-web development / DONE
      • Local launch / DONE
      • Applying the changes / DONE
    • Email templates / DONE
      • Template localisation / DONE
    • Uploading a static file / DONE
    • Project structure / DONE
    • API documentation settings / DONE
    • Node Setup / DONE
      • Bitcoin Node / DONE
      • Monero Node / DONE
      • Ethereum Node / DONE
      • Tron Node / DONE
    • Development of modules / DONE
      • System Merchant / DONE
      • Payout module / DONE
      • Course Parser / DONE
    • Sending logs to developers / DONE
    • API payment processing / DONE
    • Setting up VPN (OpenVPN) / DONE
    • Setting up a backup on B2 / DONE
    • Firewall configuration / DONE
      • Configuring port 22 access (ssh)
      • Configuring access ports 80,443 (http/s)
      • IP whitelisted by CloudFlare
    • Webhook notification URL / DONE
      • New Exchange
      • New Verification (Manual)
      • Application Status Update
      • User Registration
  • Журнал изменений
Powered by GitBook
On this page
  • Example of how the rule should look:
  • API Login Restriction:
  1. Getting Started / DONE
  2. Security Setup / DONE
  3. Admin Panel Access Restrictions by IP

Setting Up Access Restrictions on CloudFlare

PreviousAdmin Panel Access Restrictions by IPNextSetting Access Restrictions in the Admin Panel

Last updated 5 months ago

Important: When setting restrictions on Cloudflare, . This is critically important because restrictions on Cloudflare only limit the visual representation of the admin panel and do not limit requests to the Admin API.

  1. To restrict access to the admin panel by IP, you need to log into your account

  2. Go to

  3. Click the button in the Custom rules section.

  4. Fill out the form: \

Rule name: Admin block ip

When incoming requests match…

Field: Hostname

Operator: is in

Value: %Your panel domain without https and slashes%\

AND

Field: IP Source address

Operator: is not in

Value: Your IP or multiple IPs

Then…

Block

After that, click the Deploy button

Example of how the rule should look:

API Login Restriction:

don't forget to set restrictions on the API
CloudFlare