Bypass restricted access for phone apps

My little home server is protected by tunnels and access requiring an emailed code. I can access all the apps on the server as I have given each a sub domains to their ports. What an amazing system.

The problem is that I have a couple of apps on my phone (audiobookshelf & nextcloud) that will not connect as the logins give an error because (I assume ) they are redirected to cloudflareaccess. com.

Is there a way to bypass the access protection? I am no noob to cloudflare but please try not to get too technical or my head will explode.


I’m in exact same situation as you. Love the Cloudflare Access restrictions, but it breaks the ABS mobile app. I’m considering just having my *** subdomain not be protected by Cloudflare Access but then it feels more exposed…. Did you figure out a solution?

also an audiobookshelf fan and had the same issue. I landed on creating a new Cloudflare Application (Under Access → Applications) that does not have the authentication requirement. So all the traffic still goes through Cloudflare, and I don’t have to open up any ports on my home router, and I can then share the with friends, keep a consistent server address when i’m out and about or in my home network. It still has a login / pass, so I’m happy with this for all my security concerns balanced with flexibility and ease of sharing with others.

The lockdown app i have as * (and contains all my other services that map to ports on my nas)
and the windtun-public I have as and will add other services that will not be Cloudflare authenticated as needed in the future.

Hope the image attaches properly.

best of luck!

1 Like

I have implemented like you recommended, has been working well for me. Since is somewhat exposed now (and I noticed the ABS login has no brute force protection), I implemented crowdsec to protect abs and Nextcloud. Makes me feel more secure about losing the Cloudflare auth screen.

Have you played w/ split tunneling or running a local DNS server so you don’t have to go through the tunnel when downloading books on your LAN? I got most of the way with the local DNS, but couldn’t get the local certificates since Cloudflare provides those w/ the tunnel and gave up.

Yes actually! I was fine tuning it today actually. Using pihole to forward requests to my local IP address. Have confirmed local data transfers don’t go through the tunnel.

I didn’t have issues with certs, but I’ve heard people have issues using Cloudflares certs in this scenario. I am using Caddy which handles Let’s Encrypt certs without any issues, and nothing was affected when I implemented split DNS.