

Yes in zero trust > access controls > applications you can specify a web site and then tell it how you want it protected. In its most basic form you can have it email you a login code, but if you link it to either google or Microsoft you can have users of those services use them allowing you to sso straight through.
You can also specify a wildcard *.mydomain.net and then by default anything that is in your domain will be protected. Means when you’re testing something new you won’t forget to lock it down.
You’re correct about media, I use nginx proxy manager for emby, but everything else goes through the tunnels
As for configuring, the cloudflare LLM bot has been trained on all its documentation so it’s one of the few times a chat bot is genuinely useful.
Anybody made the switch to this from Apple photos? How was the migration? Did Live Photos etc all just work?
I had problems a few years ago where Live Photos were split into video and photo - which to be fair it’s what they are