Partial restriction of site access
Partial restriction of site access can be achieved at the application level. When creating application-level restrictions, keep in mind that application code will only run if an incoming request reaches the origin server. Requests that have a cached response at the edge will be served from the page cache and application code will not run.