Cloudflare tunnels and reverse proxy

nightdwellerakotha · January 25, 2025, 6:19pm

What is the name of the domain?

Taerel dot com

What is the error number?

N/A

What is the error message?

N/A

What is the issue you’re encountering

How to set up proxy → tunnel → server

What steps have you taken to resolve the issue?

How would I set up cloudflare tunnels to go Cloudways server + cloudflare add on (set up as a proxy) → cloudflare tunnel → web server?

fritex · January 27, 2025, 12:11am

When you create a tunnel and install it on your Cloudways server, it’ll automatically prompt you to add your public hostname e.g. myapp.domain.com which is bound locally on your server and working on e.g. HTTPS://localhost:8443. The DNS record, CNAME will be created automatically and proxied .

Otherwise, you’d get an error saying you already have a DNS record and you’d have to remove it. Therefrom, you can close open ports or setup simple UFW on your server to block anyone accessing over 8443 port (or some other to which your web app is bound) from outside. It’ll route and run through the tunnel. No need to expose it to the public Internet anymore while using a cloudflared tunnel, even if you’ve got a public static IP address.

Do you have SSL on the origin or not? If not, then you’ve got two options to fix a possible issue with this:

Make sure you’ve enabled noTLSVerify option for your public hostname on your configured cloudflared tunne and that your Website is bound to port 443 and “working” even with invalid SSL certificate over HTTPS at your local machine (not the best case)

Generate and install Cloudflare Origin CA certificate onto your Nginx web server on the local machine → Origin CA certificates · Cloudflare SSL/TLS docs (recommended to solve your issues with errors you’re experiencing and to have end-to-end encryption)

Nevertheless, go here https://dash.cloudflare.com/?to=/:account/:zone/ssl-tls/configuration. Select Custom and not automatic. Reference, Introducing Automatic SSL/TLS: securing and simplifying origin connectivity. Double-check your SSL/TLS setting to make sure it’s set to Full (Strict).

nightdwellerakotha · January 27, 2025, 1:42pm

So I would set up SSL on the proxy server? The tunnel I plan to set up pointing to the website on an VPS server by another corp. I plan to have the proxy (on its own server) point to the tunnel that points to the web server VPS

fritex · January 27, 2025, 11:30pm

Sounds a bit complicated at first sight
Host A → Host B proxy and the cloudflared tunnel will be on Host A?

SSL termination on your proxy has to be done correctly, otherwise I’d expect some errors with the connection at first.

nightdwellerakotha · February 1, 2025, 7:30pm

Host A (proxy) → host B cloudflare tunnel + website

system · February 16, 2025, 7:31pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to configure CloudFlare Tunnel for HTTPS traffic? Cloudflare Tunnel CloudflareTunnel	10	21876	December 21, 2022
Need help with zero trust tunnel setup Cloudflare Tunnel	1	53	February 3, 2025
Tunnel setup not working Cloudflare Tunnel	3	1876	January 4, 2024
Tunnel is down and cant get it back up Cloudflare Tunnel	1	2051	July 26, 2023
How to set up subdomain through a tunnel? Zero Trust CloudflareTunnel	2	9335	December 31, 2022