
Securing Your Edge Application

Essential security practices for applications running on Cloudflare Workers at the edge.

Security at the Edge

Running code at the edge introduces unique security considerations. Here's how to protect your application.

IP Whitelisting

Restrict admin access to known IPs:

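// Admin allowlist: CIDR ranges or single addresses
const allowedIps = ["192.168.1.0/24", "10.0.0.1"]

// ipInCidr(ip, range) is a helper this page does not define; it must return
// true only when ip falls inside range, and false for malformed input.
function isAllowed(ip: string): boolean {
  return allowedIps.some(range => ipInCidr(ip, range))
}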
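
One way to write the ipInCidr helper that isAllowed calls, as an added example that is not code from the original page. parseIpv4 is a hypothetical helper name, and the sketch handles IPv4 only: anything it cannot parse, including IPv6 addresses, is treated as not allowed.

```typescript
// Added example. allowedIps holds the page's sample values;
// parseIpv4 is a hypothetical helper introduced for this sketch.
const allowedIps: string[] = ["192.168.1.0/24", "10.0.0.1"];

// Parse a dotted-quad IPv4 address into an unsigned 32-bit number.
// Returns null for anything that is not exactly four decimal octets.
function parseIpv4(ip: string): number | null {
  const parts = ip.split(".");
  if (parts.length !== 4) return null;
  let value = 0;
  for (const part of parts) {
    // No signs, hex, whitespace or leading zeros ("010" is read as octal
    // by some parsers, so accepting it invites parser disagreement).
    if (!/^(0|[1-9]\d{0,2})$/.test(part)) return null;
    const octet = Number(part);
    if (octet > 255) return null;
    value = value * 256 + octet;
  }
  return value;
}

// True when ip lies inside range. range is "a.b.c.d/len" or a single
// address (treated as /32). Malformed input returns false (fail closed).
function ipInCidr(ip: string, range: string): boolean {
  const slash = range.indexOf("/");
  const base = slash === -1 ? range : range.slice(0, slash);
  const prefixText = slash === -1 ? "32" : range.slice(slash + 1);
  if (!/^\d{1,2}$/.test(prefixText)) return false;
  const prefix = Number(prefixText);
  if (prefix > 32) return false;

  const ipNum = parseIpv4(ip);
  const baseNum = parseIpv4(base);
  if (ipNum === null || baseNum === null) return false;

  // Compare the top `prefix` bits with plain arithmetic; JavaScript's
  // bitwise operators work on signed 32-bit values and would mishandle
  // addresses at or above 128.0.0.0.
  const blockSize = 2 ** (32 - prefix);
  return Math.floor(ipNum / blockSize) === Math.floor(baseNum / blockSize);
}

function isAllowed(ip: string): boolean {
  return allowedIps.some(range => ipInCidr(ip, range));
}
```

In a Worker, the client address to pass to isAllowed is available in the CF-Connecting-IP request header.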

Rate Limiting

Protect your API from abuse:

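// Per-IP fixed-window counter. This Map lives in one Worker isolate's memory,
// so counts are not shared between isolates or edge locations.
const rateLimiter = new Map<string, { count: number; reset: number }>()

function checkLimit(ip: string, limit = 100): boolean {
  const now = Date.now()
  let record = rateLimiter.get(ip)
  // Start a new 60-second window on first sight or once the old one has expired
  if (!record || now >= record.reset) {
    record = { count: 0, reset: now + 60000 }
  }
  rateLimiter.set(ip, record)
  // Refuse once `limit` requests have been counted in the current window
  if (record.count >= limit) return false
  record.count++
  return true
}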

Authentication

Use Better Auth with D1 for session management at the edge.