I am trying to make a
Caddyfile for v2 that blocks any HTTP/HTTPS access that does not come from the Cloudflare edge servers. This is to prevent denial of service attacks from malicious parties that find out the true IP address of the server, not the Cloudflare one. I want to use Caddyfile, not
iptables or similar, for the blocking as this makes the maintaining the service easier - everything relevant is in one self-contained Caddyfile.
I found ipfilter plugin that seems to be unmaintaned. What is the best practice to block remote addresses that are not on the whitelist with Caddy 2.4.5?