diff --git a/README.md b/README.md
index d2ac429..d9c97f0 100644
--- a/README.md
+++ b/README.md
@@ -48,7 +48,7 @@ Wildebeest uses [Deploy to Workers](https://deploy.workers.cloudflare.com/) to a **Click here to start the installation.** -[](https://deploy.workers.cloudflare.com/?url=https://github.com/cloudflare/wildebeest&authed=true&fields={%22name%22:%22Zone%20ID%22,%22secret%22:%22CF_ZONE_ID%22,%22descr%22:%22Get%20your%20Zone%20ID%20from%20the%20Cloudflare%20Dashboard%22}&fields={%22name%22:%22Domain%22,%22secret%22:%22CF_DEPLOY_DOMAIN%22,%22descr%22:%22Domain%20on%20which%20your%20instance%20will%20be%20running%22}&fields={%22name%22:%22Instance%20title%22,%22secret%22:%22INSTANCE_TITLE%22,%22descr%22:%22Title%20of%20your%20instance%22}&fields={%22name%22:%22Administrator%20Email%22,%22secret%22:%22ADMIN_EMAIL%22,%22descr%22:%22An%20Email%20address%20that%20can%20be%20messaged%20regarding%20inquiries%20or%20issues%22}&fields={%22name%22:%22Instance%20description%22,%22secret%22:%22INSTANCE_DESCR%22,%22descr%22:%22A%20short,%20plain-text%20description%20of%20your%20instance%22}&apiTokenTmpl=[{%22key%22:%22d1%22,%22type%22:%22edit%22},{%22key%22:%22page%22,%22type%22:%22edit%22},{%22key%22:%22images%22,%22type%22:%22edit%22},{%22key%22:%22access%22,%22type%22:%22edit%22},{%22key%22:%22workers_kv_storage%22,%22type%22:%22edit%22},{%22key%22:%22access_acct%22,%22type%22:%22read%22},{%22key%22:%22dns%22,%22type%22:%22edit%22},{%22key%22:%22workers_scripts%22,%22type%22:%22edit%22}]&apiTokenName=Wildebeest) 
+[](https://deploy.workers.cloudflare.com/?url=https://github.com/cloudflare/wildebeest&authed=true&fields={%22name%22:%22Zone%20ID%22,%22secret%22:%22CF_ZONE_ID%22,%22descr%22:%22Get%20your%20Zone%20ID%20from%20the%20Cloudflare%20Dashboard%22}&fields={%22name%22:%22Domain%22,%22secret%22:%22CF_DEPLOY_DOMAIN%22,%22descr%22:%22Domain%20on%20which%20your%20instance%20will%20be%20running%22}&fields={%22name%22:%22Instance%20title%22,%22secret%22:%22INSTANCE_TITLE%22,%22descr%22:%22Title%20of%20your%20instance%22}&fields={%22name%22:%22Administrator%20Email%22,%22secret%22:%22ADMIN_EMAIL%22,%22descr%22:%22An%20Email%20address%20that%20can%20be%20messaged%20regarding%20inquiries%20or%20issues%22}&fields={%22name%22:%22Instance%20description%22,%22secret%22:%22INSTANCE_DESCR%22,%22descr%22:%22A%20short,%20plain-text%20description%20of%20your%20instance%22}&apiTokenTmpl=[{%22key%22:%22d1%22,%22type%22:%22edit%22},{%22key%22:%22page%22,%22type%22:%22edit%22},{%22key%22:%22images%22,%22type%22:%22edit%22},{%22key%22:%22access%22,%22type%22:%22edit%22},{%22key%22:%22workers_kv_storage%22,%22type%22:%22edit%22},{%22key%22:%22access_acct%22,%22type%22:%22read%22},{%22key%22:%22dns%22,%22type%22:%22edit%22},{%22key%22:%22workers_scripts%22,%22type%22:%22edit%22},{%22key%22:%22account_rulesets%22,%22type%22:%22edit%22}]&apiTokenName=Wildebeest) Please pay attention to all the steps involved in the installation process. diff --git a/scripts/generate-one-click-deploy-button.mjs b/scripts/generate-one-click-deploy-button.mjs index 4e55ab9..c1e53c3 100644 --- a/scripts/generate-one-click-deploy-button.mjs +++ b/scripts/generate-one-click-deploy-button.mjs @@ -37,6 +37,7 @@ const API_TOKEN_TEMPLATE = JSON.stringify([ { key: 'access_acct', type: 'read' }, { key: 'dns', type: 'edit' }, { key: 'workers_scripts', type: 'edit' }, + { key: 'account_rulesets', type: 'edit' }, ]) const fields = FIELDS.map((x) => JSON.stringify(x)) 
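Review bot: The added `{ key: 'account_rulesets', type: 'edit' }` entry gives tokens created through the deploy button account-level ruleset edit rights, while the only ruleset this commit creates in `tf/main.tf` is `kind = "zone"` on a single `zone_id`. If the token template offers a zone-scoped ruleset permission, using it would keep the token closer to least privilege. Either way, a comment beside the entry such as `// required by cloudflare_ruleset.wildebeest_inbox in tf/main.tf (WAF skip rule for the inbox)` would record why the scope is there. The `API_TOKEN_TEMPLATE` array begins above this hunk, so its other entries are only partly visible here.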
diff --git a/tf/main.tf b/tf/main.tf
index f5384da..a2a7dec 100644
--- a/tf/main.tf
+++ b/tf/main.tf
@@ -170,3 +170,21 @@ resource "cloudflare_access_application" "wildebeest_access" {
 session_duration = "730h"
 auto_redirect_to_identity = false
 }
+
+resource "cloudflare_ruleset" "wildebeest_inbox" {
+ zone_id = trimspace(var.cloudflare_zone_id)
+ name = "Wildebeest"
+ description = "Ruleset for Wildebeest"
+ kind = "zone"
+ phase = "http_request_firewall_managed"
+
+ rules {
+ action = "skip"
+ action_parameters {
+ phases = ["http_request_firewall_managed"]
+ }
+ expression = "(http.host eq \"${var.cloudflare_deploy_domain}\" and http.request.uri.path contains \"/ap/users/\" and http.request.uri.path contains \"inbox\")"
+ description = "Bypass firewall for Wildebeest Inbox"
+ enabled = true
+ }
+}
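Review bot: The skip rule's `expression` matches with two unanchored `contains` tests and no method check, so the managed firewall phase is bypassed for any path on the host that merely includes `/ap/users/` and `inbox`, not only the inbox endpoint. Assuming the endpoint is `/ap/users/<id>/inbox` and only federation deliveries need the bypass, anchor the match and restrict the method: `expression = "(http.host eq \"${var.cloudflare_deploy_domain}\" and http.request.method eq \"POST\" and starts_with(http.request.uri.path, \"/ap/users/\") and ends_with(http.request.uri.path, \"/inbox\"))"`. A comment above `rules` explaining which managed rules were blocking inbox traffic would also help a later reviewer decide whether skipping the whole phase is still necessary.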