Cloudflare A record to Lightsail Plex server not working

I have been run down with this problem over the last 3 days.

I purchased mobitv-server. com from CF itself, and transferred mobitv-server. tk from Freenom over to CF. Got Active displays from CF.

Then I set up a Plex server on an AWS Lightsail Ubuntu 20.04 instance and can normally access the Plex web panel on http ://Public IP:32400 or https ://Public IP:32400 (with unlock sign).

Then set up an A record for mobitv-server. com to PublicIP in CF dashboard and waited a day, with no CF errors.

But the http ://mobitv-server:32400 doesn’t work. After a while I get a Chrome error saying no connection-check proxy (no HTTP error code).
Same with https…

Repeated with domain mobitv-server. tk. Same results.

(Leaving spaces within web link. Post not allowed with proper format!)

Is there an outage, or am I missing something?
Lightsail instance has all Plex ports 32400, DNS 53, 5353, Plex app, Plex Roku, 32469 open as well as 80, 8080, 22, Ping etc.

For starters, most of these ports are not supported by Cloudflare.

And even if they were, if that’s not HTTP, it won’t work and even if it worked, you’d be in violation of 2.8 of the terms of service.

In short, set up your domain on Cloudflare but keep these records :grey:, meaning you are using only DNS.


@sandro

Very interesting… I did not know that, especially the terms of service violation!

Is it just for Plex / video streaming servers?

Will proxy on work with other non-video streaming, i.e., http/s or ssh, RDP (listed in Zero Trust GUI) servers?

  1. Btw, typing in browser mobitv- server com returns CF error 1016, but mobitv- server tk returns CF error 521!

So I should just not use CF proxy in either case?

  1. I also have had similar problems pointing above com TLD to a UUID. Then can’t use a subdomain to point to a connected origin server PC at home (green tunnel) with same :32400 port.

So if I change ports to http ones, I could use CF proxy?

It’s everything that is not HTML related. The proxies generally only work for HTTP, unless you are using Spectrum.

As I mentioned, you best disable the proxy for the services you mentioned here. They won’t work and may get your account suspended.

Ok understood.

  1. But I should be able to use ports listed in Zero Trust GUI for Public Hostnames (https/s, RDP, ssh, etc.)?

  2. To set up CF SSL I only see .pem with mobitv-server com TLD (CF registered) listed as download for com TLD and *.TLD wildcard.

Can I use just this file on my origin server PC?
Or will I also need the private key… where do I find it?

Alternatively, can I use the usual Let’s Encrypt on my origin server PC?

I am just new. I wish there was a good New Users Guide explaining all the pitfalls!

Doc leaves much to be desired.

Mostly I blamed this on the recent Cloudflare outage assuming not all was fully operational…

Well, certificates will only work in a proxied context and are intended for HTTP only. So if you have any other services, you cannot use an Origin certificate.

As far as the documentation is concerned, I am sure Cloudflare will be happy to receive feedback at #Feedback.

However, the issue from a couple of days ago should not have anything to do with all of that, so that’s rather unrelated.

For any other questions, it will be best to open a thread in the appropriate category.

Ok :ok_hand:

How about my #1 question, irrespective of SSL?

As I mentioned, that’s best covered in the appropriate category, as the thread here is about proxying non-HTTP services and we have addressed that.