Cloudflare Tunnel RESTful API Calls Returning 404 Errors

What is the name of the domain?

example.app

What is the error number?

404 Not Found

What is the error message?

login.js:18 POST https://dev.example.app/api/login 404 (Not Found)

What is the issue you’re encountering

Backend API doesnt work in Tunnel

What steps have you taken to resolve the issue?

  • Configured a tunnel in Zero Trust for:
    dev.rootdomain.app /${linuxIP}:${frontendPort}

to:

dev.rootdomain.app/api* > ${linuxIP}:443

  • Tried adding another public hostname entry with HTTP, HTTPS, and HTTPS with no requirement for TLS verification.

*Tested API calls in Insomnia, which return 404 errors or the index page.

What are the steps to reproduce the issue?

  1. Set up a Cloudflare Tunnel for the domain dev.rootdomain.app.
  2. Configure the tunnel to route traffic as mentioned above.
    3)Make API calls to dev.rootdomain.app/api/endpoint and observe the 404 errors or index page response.

Screenshot of the error

Here is some background:

I’ve been working on a small web app and recently moved from DuckDNS with NGINX reverse proxy to Cloudflare Tunnels. Now, all backend API calls return a 404 error.

Tech Stack:

  • Vanilla JS
  • Node.js
  • MongoDB for the database
  • MongoDB Atlas for authentication

Previous Setup:

  • HTTP requests to mywebsite.duckdns.org were reverse proxied to the frontend port.
  • HTTPS requests to mywebsite.duckdns.org/api/ were reverse proxied to port 443, with API calls handled in the NGINX location tab.

This setup worked fine. However, after switching to Cloudflare Tunnels, I can’t get the API calls to work.

Current Setup:

In Zero Trust, I configured:

  • dev.rootdomain.app > wildcard * > ${linuxIP}:${frontendPort}
  • dev.rootdomain.app/api* > ${linuxIP}:443

I’ve tried adding another public hostname entry with HTTP, HTTPS, and HTTPS with no requirement for TLS verification, but all return 404 errors.

Problem:

When trying to add the path to the tunneled IP, it says the service URL is invalid. (See attached photo)

Questions:

  • Do I need an API gateway?
  • Should I refactor my API calls to hit api.domain.app instead of domain.app/api/?

I’m trying to keep costs down, so I’ve considered AWS API Gateway and Kong but found them either complex or expensive. I also can’t find pricing for Cloudflare’s API Gateway.

Should I just update my NGINX reverse proxy to handle the API calls?

Thanks in advance for any assistance!

Confirmed that I just went back to duckdns.org and my API calls are successful.

For some reason, I cant get domain.app/api to route to host:port/api/ it keeps resolving as the index page.

if I navigate to domain.app/existing-page it works fine but if I try to make an api call or just input gibberish after domain.app, it navigates to the homepage.

I would prefer to not have to change my code to api.domain.app if I don’t have to but any guidance is welcome! I’m stuck in a spot where I do not know enough about this topic to continue researching/troubleshooting.

Bumping for visibility. I’m still stuck and not sure what avenue I need to investigate to solve this on my own.