I allowed my website: https://live.lkat.io/ to be accessed without Cloudflare login. The Cloudflare policy needed to be like the image below. I switched to Nextauth to control accessible pages because:
- I don’t want 2 websites - for example a dynamic admin site I need to log in vs a static generated public site (the issue there is I want to show data, not just markdown)
- I couldn’t figure out a way for Cloudflare to lock down certain routes - plus, with NextJS, I imagine there are issues with client side routing as well
- I want to keep things simple by having one website
I was also able to lock down that only my email could log in.
This Medium article was a nice tutorial.
