Cloudfare https ports

Sorry if this is not the properly sub. Im currently running my homeassistant over cloudfare. Ive read the https Cloudflare ports allowed. Setting one of these on my ha account. When restarting platform and I try to access a 403 forbiden error does not let me to get into

Can you get into it without Cloudflare proxy if the traffic on that port? 403 forbidden sounds like an error being generated by your server.

1 Like

May it be I havent got ssl certificate in my server yet?

AFAIK ha natively uses port 8123, are you trying to use a proxied DNS entry with that port?

If you want to use ha on your local network with Cloudflare I personally would recommend using a docker setup. Would be important to know if you run it on a external server or on any device within your home-network?

If in your home-network I would do it like this:

(:orange:) domain.tld:443 ==> router 123.123.123.123:443 ==> docker:443=>8123

alternatively you can remap ports on your router with port forwarding:

(:orange:) domain.tld:443 ==> router 123.123.123:443 ==> docker:8123

other then that you can modify the port, ha uses to any other port (prefered one Cloudflare support). To do so please modify this line in your configuration.yaml:

http:
   server_port: 8123

I would recommend changing it to 8443 or any other from the officially supported Cloudflare SSL ports:

  • 443
  • 2053
  • 2083
  • 2087
  • 2096
  • 8443

This will allow you to:

  1. proxy your domain and hide your private IP
  2. use SSL and a proper public SSL port
  3. not having to port-map anything (if a native Cloudflare SSL port is getting used)

But like @cscharff stated, your error 403 is getting generated on your origin server.

2 Likes

My ha is running on a device over my local network. What I did was purchase a domain and tunneled with Cloudflase. Its does works perfect. The problem is when changing http_port on ha config.yaml. As you said by default is 8123. So I changed it to 8443 and then it gave me that 403 error. Otherwise Ive just purchased a ssl certificate on the hosting server

Why would you do this? You would not need to purchase any SSL cert, since behind Cloudflare you can use Cloudflares free origin cert.

Thanks, that info is very important to know.

What does the error log say and what application triggered the 403 error? Your router? Webserver on your local machine?

Also, do you have the possibility to dockerize it, since the official docker container of ha comes with everything already properly configured.

Does it give you a 403 error also, if you access it locally? If locally also a 403 gets triggered it’s not related to Cloudflare, then please try the community of ha.

The error was showed at ha app on mu phone and when browsing to my server.
Error 403 : forbidden

El El mar, 1 mar 2022 a las 17:23, M4rt1n via Cloudflare Community <[email protected]> escribió: