Allow SSH On Specific Subdomain

I noticed that when proxy is enabled I can’t ssh to an external address via that fqdn. We have external partners that need access to an sftp server we’ve set up. How do I set this up so we still have proxy enabled but they are still able to SSH into our server via the DNS name?

:wave: @tech101,

You can do this using Argo Tunnels and Access.

— OG

I was hoping not to have to be charged more just to allow people to access our sftp server that seems unfair. Why wouldn’t a firewall rule work?

Because Cloudflare doesn’t allow other protocols through the proxy in the standard offering. You can either set a subdomain to :grey:, removing the proxy, using Argo Tunnel or the Spectrum offering in the Enterprise plan.

Well that sucks. Thanks for the info though.

It’s a Proxy/CDN, all CDNs behave the same…

You could still create a separate subdomain for SSH, leaving the main one for HTTP proxying.

You could Also create a :grey: hostname for ssh directly but it wouldn’t be protected by Cloudflare. If you name it so no one guesses it, but still exposed to a simple port scanner.

This topic was automatically closed after 30 days. New replies are no longer allowed.