Does open port for sftp bypass cloudflare security?

I build an application to make screenshots. The screenshots will be uploaded by sftp by the application. My concern is now that cloudflare’s waf could be bypassed by this and that cdn and picture optimization by cf will be bypassed in the upload phase.

Normally I want only CF allow to connect to my server.

Is there a better way to render this action?

Instead of sftp, use a HTTPS based protocol that can pass through Cloudflare. Even so, you may need to whitelist this API as automated uploads (by definition) cannot pass a JavaScript challenge.

Thank you for the answer. How can I whitelist an app in CF?