I have never heard about APF until now but after reading their site:
The technical side of APF is such that it utilizes the latest stable features from the iptables (netfilter) project to provide a very robust and powerful firewall.

Is using iptables directly a solution?

Based on these instructions:

http://www.webhostgear.com/406.html

1) Login to your server as the root user.

2) cd /etc/apf

3) Use vi or nano or emacs to edit the /etc/apf/allow_hosts.rules file

e.g.: vi /etc/apf/allow_hosts.rules

4) Scroll down until after their last comment with the ##

Add the following in:

tcp:in:d=443:s=YOURHOMEIPHERE
out:d=443:d=YOURHOMEIPHERE

The d=443 part is the https port, so you can repeat for other services as well to limit connections if you like.

You must change YOURHOMEIPHERE to the IP address you want to let in. If this is going over the Internet you need to know your external IP address. Try http://www.ipaddressworld.com/ or some such service to see what your external IP address is.
e.g. 123.100.200.123

Save the changes.

5) Edit the /etc/apf/deny_hosts.rules file
EG: vi /etc/apf/deny_hosts.rules

Scroll down until the last default comment ## then below it add the following:

tcp:in:d=443:s=0/0
out:d=443:d=0/0

Save the changes.

6) Restart APF firewall
apf -r