I run quite a number of services that offer a web interface over HTTPS and other ports that are required for the services to work, e.g. 2022, 8081, 587, 143 and so on…
I have enabled Cloudflare Proxying on these services and find that the web element of the service works great; however, when Proxying is enabled it breaks these other services, even though they don’t fall under Cloudflare free service ports.
Is it possible to proxy only 443 traffic - or have selective port proxying? I know this kind of defeats the purpose of proxying your server connection to hide your origin server IP, but I am looking to Geoblock, which requires me to have Proxying on (correct me if I’m wrong), to add to my list of mitigations against attack (very shallow, I know - but it’s one mitigation of many).
Is it possible to add a firewall rule to disable proxying on certain ports?
What would my best option be? Or would disabling proxying be the only option?
That’s expected, as Cloudflare won’t pass through connections on those unlisted ports.
If you’ve set a hostname to Proxied, the IP addresses returned for that hostname only work on the listed ports. There’s no way around this for that hostname. You’d have to unproxy it, or run those services on other hostnames that aren’t proxied.
Yep. As I said, there’s no way around it. A Proxied hostname is pretty much a one-trick pony. With the exception of using Cloudflare Tunnel, which is a true tunnel running on its own proxied port on that hostname.
There’s a Spectrum product, but that also requires a unique hostname per port so the assigned IP address(es) can be uniquely configured for that specific traffic.