I recently switched from Reverse Proxy Docker Container (NginxProxyManager - NPM) to Cloudflare's Zero Trust platform. You can find many tutorials online (YT) on how to do that, this is not the topic here. Please find bellow a short guide on
HOW TO PROTECT VAULTWARDEN ADMIN'S PAGE (access via internet) WHEN USING CLOUDFLARE'S ZERO TRUST TUNNELS
If you enabled admin's page in Vaulwarden, you should (or already) know it shouldn't be exposed to the internet (only via local network).
If you are still using NPM >> Edit (Vaulwarden Proxy Host) >> Advancend, and put the following line under Custom Nginx Configuration
location /admin {
return 404;
}
If you are using Cloudflare's Zero Trust platform (tunnels) instead, you can secure the Vaultwarden's admin page from being accessed over the internet with the following instructions:
This will be a very simple policy rule, you can later tweak your settings as you choose and try it out
1. In the Zero Trust Overview (https://one.dash.cloudflare.com/) under Access >> chose Applications
2. Click on Add an application
3. Select Self-hosted
4. Tab - Configure App - Enter Application name (example: Vaulwarden_admin_access), subdomain (your actual subdomain for vaultwarden), domain (your root domain) and Path (enter: admin) and click Next
6. Tab - Add Policies - Enter Policy name >> Action (Allow)
7. Under Configure rules >> Include >> Selector choose Emails >> under Value enter the email address you own (have access to, but only you. You can put as many email addresses you want) and click Next.
8. Tab - Setup - no need to configure anything, just click Add Aplication
Now go to your admin's page over the internet (https://sub.domain.com/admin) and you will be presented with Cloudflare's Zero Trust (access) page where you first need to enter one of the authorised emails in step 7. When you receive a code to your mailbox, enter the code in the next page and now you have access to admin's page over the internet.
You can add additional security layers in step 7 (Include >> Add Include or Add require or Add exlude
I hope you will find this short tutorial useful.