I’m trying to export logs from Cloudflare via a worker script, as suggested here, directly to my ELK instance at the Elasticsearch port, but I’m receiving a 403 (Forbidden) status code.
The thing is, the GCP firewall rules are ok (I’m accepting tcp requests from any IP to Elasticsearch’s port), and I can mimic the same fetch request (with the same headers and body) from a node script on my computer and it works, and I don’t have any Cloudflare firewall rules preventing me from making outbound requests to any domain/address, it’s also not a problem with certificates because I’m doing it via HTTP to a development instance before I do it in production (via HTTPS).
Can anyone help me with this?
EDIT: I tried creating a separate rule redirecting traffic from a new domain name, unproxied, to my instance’s IP, just for testing because I don’t want to expose my instance’s IP to attackers, and even then trying to PUT to <newdomain>:<ES port> will return 403 to me.